High level of protection
Cryptographic algorithm resistant to date is used for encryption AES-256-GCM
Bypass of the blockings
Full access to YouTube content, Unblocking of FaceBook, VKontakte and other social networks.
Large number of countries!
When connecting, you will be assigned an IP-address of the server you have chosen!

Telegram

Subscribe to our Telegram channel and get all important service news as quickly and conveniently as possible!

Read More...

Twitter

Fresh feed of news via Twitter!

Worldwide IT and security news via our Twitter by MultiVPN...

Read More...

Blog MultiVPN

Official MultiVPN Blog. Top news of MultiVPN service, updates, files and rest urgent important information!

Read More...

Using ShadowSocks and OpenVPN on Ubuntu Linux

This instruction is intended to bypass DPI (deep packet inspection) locks using the example of Ubuntu Linux OS.

Download the ShadowSocks.zip archive.

https://multivpn.su/files/ShadowSocks.zip

It is necessary to download the archive from the service site using a browser, because Anti-DDoS tools will not allow you to do this via wget, curl and other download managers.
It is assumed that the archive will be saved in /home/user/Downloads/ShadowSocks.zip

Open a terminal. First of all, you should get superuser rights:


  [email protected]:~$ sudo bash
  [sudo] password for user:
  [email protected]:/home/user# id
  uid=0(root) gid=0(root) groups=0(root)
  [email protected]:/home/user#

Update your system:


  [email protected]:/home/user# apt-get update && apt-get upgrade
  Hit:1 http://ru.archive.ubuntu.com/ubuntu focal InRelease
  Hit:2 http://ru.archive.ubuntu.com/ubuntu focal-updates InRelease
  Hit:3 http://security.ubuntu.com/ubuntu focal-security InRelease
  Hit:4 http://ru.archive.ubuntu.com/ubuntu focal-backports InRelease
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  Calculating upgrade... Done
  0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
  [email protected]:/home/user#

Check if you have OpenVPN installed:


  [email protected]:/home/user# openvpn --version
  OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
  library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
  Originally developed by James Yonan
  Copyright (C) 2002-2018 OpenVPN Inc <[email protected]>
  Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=yes enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no
  [email protected]:/home/user#

If there is no OpenVPN package, install it:


  [email protected]:/home/user# apt-get -y install openvpn
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  The following additional packages will be installed:
  libpkcs11-helper1
  Suggested packages:
  resolvconf openvpn-systemd-resolved easy-rsa
  The following NEW packages will be installed:
  libpkcs11-helper1 openvpn
  0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
  Need to get 522 kB of archives.
  After this operation, 1 343 kB of additional disk space will be used.
  Get:1 http://ru.archive.ubuntu.com/ubuntu focal/main amd64 libpkcs11-helper1 amd64 1.26-1 [44,3 kB]
  Get:2 http://ru.archive.ubuntu.com/ubuntu focal/main amd64 openvpn amd64 2.4.7-1ubuntu2 [478 kB]
  Fetched 522 kB in 2s (264 kB/s)
  Preconfiguring packages ...
  Selecting previously unselected package libpkcs11-helper1:amd64.
  (Reading database ... 186905 files and directories currently installed.)
  Preparing to unpack .../libpkcs11-helper1_1.26-1_amd64.deb ...
  Unpacking libpkcs11-helper1:amd64 (1.26-1) ...
  Selecting previously unselected package openvpn.
  Preparing to unpack .../openvpn_2.4.7-1ubuntu2_amd64.deb ...
  Unpacking openvpn (2.4.7-1ubuntu2) ...
  Setting up libpkcs11-helper1:amd64 (1.26-1) ...
  Setting up openvpn (2.4.7-1ubuntu2) ...
  Processing triggers for systemd (245.4-4ubuntu3.4) ...
  Processing triggers for man-db (2.9.1-1) ...
  Processing triggers for libc-bin (2.31-0ubuntu9.2) ...
  [email protected]:/home/user#

Install the "shadowsocks-libev" package:


  [email protected]:/home/user# apt-get -y install shadowsocks-libev
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  [there is a lot of cut text here]
  [email protected]:/home/user#

Go to "/home/user/Downloads/" and extract the ShadowSocks.zip archive:


  [email protected]:/home/user# cd Downloads/
  [email protected]:/home/user/Downloads# unzip ShadowSocks.zip
  Archive: ShadowSocks.zip
  [there is a lot of cut text here]
  [email protected]:/home/user/Downloads#

Transfer the contents of ShadowSocks to "/etc/openvpn/ShadowSocks/" and go to the specified directory:


  [email protected]:/home/user/Downloads# mv ShadowSocks /etc/openvpn/
  [email protected]:/home/user/Downloads# cd /etc/openvpn/ShadowSocks/
  [email protected]:/etc/openvpn/ShadowSocks# ls -la
  total 28
  drwxr-xr-x 6 root root 4096 Dec 23 01:50 .
  drwxr-xr-x 5 root root 4096 Mar 3 19:06 ..
  drwxr-xr-x 4 root root 4096 Dec 23 01:50 ConfigFiles
  drwxr-xr-x 2 root root 4096 Dec 23 01:50 json
  drwxr-xr-x 2 root root 4096 Dec 23 01:50 OpenVPN
  -rw-r--r-- 1 root root 3018 Nov 12 23:55 ReadMe.txt
  drwxr-xr-x 6 root root 4096 Dec 23 01:50 SSCapV4.0
  [email protected]:/etc/openvpn/ShadowSocks#

At this stage, the installation process is complete.
Next, we will connect to the OpenVPN server through ShadowSocks.
We need two terminals with superuser rights.
In this example, we will connect to the UA1 server in Ukraine.
In the current terminal we continue:

Change to the "json" directory, here are the configuration files for ShadowSocks:


  [email protected]:/etc/openvpn/ShadowSocks# cd json/
  [email protected]:/etc/openvpn/ShadowSocks/json# ls -la
  total 92
  drwxr-xr-x 2 root root 4096 Dec 23 01:50 .
  drwxr-xr-x 6 root root 4096 Dec 23 01:50 ..
  -rw-r--r-- 1 root root 168 Dec 29 06:33 AU1-ShadowSocks.json
  [there is a lot of cut text here]
  -rw-r--r-- 1 root root 166 Dec 29 06:34 UA1-ShadowSocks.json
  -rw-r--r-- 1 root root 165 Aug 31 2020 UK1-ShadowSocks.json
  -rw-r--r-- 1 root root 167 Dec 29 06:34 US1-ShadowSocks.json
  -rw-r--r-- 1 root root 168 Dec 29 06:34 US2-ShadowSocks.json
  [email protected]:/etc/openvpn/ShadowSocks/json#

We start ShadowSocks in the terminal to let OpenVPN traffic through an obfuscated connection (in this case, the UA1 connection server - Ukraine):


  [email protected]:/etc/openvpn/ShadowSocks/json# ss-local -c UA1-ShadowSocks.json
  2021-03-03 17:10:53 INFO: initializing ciphers... aes-256-cfb
  2021-03-03 17:10:53 INFO: listening at 127.0.0.1:1080
  2021-03-03 17:10:53 INFO: running from root user

Don't close the ShadowSocks terminal. Open another terminal and get superuser rights:


  [email protected]:~$ sudo bash
  [sudo] password for user:
  [email protected]:/home/user# id
  uid=0(root) gid=0(root) groups=0(root)
  [email protected]:/home/user#

Go to the directory with the configuration files to connect to the OpenVPN server. In this example, a connection will be used according to the "OpenVPN" tariff plan (for the "DoubleVPN" tariff plan - the actions will be the same):


  [email protected]:/home/user# cd /etc/openvpn/ShadowSocks/ConfigFiles/
  [email protected]:/etc/openvpn/ShadowSocks/ConfigFiles# ls -la
  total 16
  drwxr-xr-x 4 root root 4096 Dec 22 22:50 .
  drwxr-xr-x 6 root root 4096 Dec 22 22:50 ..
  drwxr-xr-x 23 root root 4096 Dec 22 22:50 DoubleVPN
  drwxr-xr-x 2 root root 4096 Dec 29 03:06 OpenVPN
  [email protected]:/etc/openvpn/ShadowSocks/ConfigFiles# cd OpenVPN/
  [email protected]:/etc/openvpn/ShadowSocks/ConfigFiles/OpenVPN# ls -la
  total 260
  drwxr-xr-x 2 root root 4096 Dec 29 03:06 .
  drwxr-xr-x 4 root root 4096 Dec 22 22:50 ..
  -rw-r--r-- 1 root root 9755 Dec 29 02:27 SS-AU1-OpenVPN.ovpn
  [there is a lot of cut text here]
  -rw-r--r-- 1 root root 9743 Dec 29 02:52 SS-UA1-OpenVPN.ovpn
  -rw-r--r-- 1 root root 9743 Nov 12 20:53 SS-UK1-OpenVPN.ovpn
  -rw-r--r-- 1 root root 9751 Dec 29 03:00 SS-US1-OpenVPN.ovpn
  -rw-r--r-- 1 root root 9755 Dec 29 03:04 SS-US2-OpenVPN.ovpn
  [email protected]:/etc/openvpn/ShadowSocks/ConfigFiles/OpenVPN#

Since the obfuscated tunnel through ShadowSocks is open to the UA1 server - Ukraine, we will connect via OpenVPN to the identical UA1 server:


  [email protected]:/etc/openvpn/ShadowSocks/ConfigFiles/OpenVPN# openvpn SS-UA1-OpenVPN.ovpn
  Wed Mar 3 17:37:20 2021 Unrecognized option or missing or extra parameter(s) in SS-UA1-OpenVPN.ovpn:16: data-ciphers (2.4.7)
  Wed Mar 3 17:37:20 2021 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
  Wed Mar 3 17:37:20 2021 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
  Enter Auth Username: [email protected]
  Enter Auth Password:
  Wed Mar 3 17:37:26 2021 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
  Wed Mar 3 17:37:26 2021 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
  Wed Mar 3 17:37:26 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1080
  Wed Mar 3 17:37:26 2021 Socket Buffers: R=[131072->131072] S=[16384->16384]
  Wed Mar 3 17:37:26 2021 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1080 [nonblock]
  Wed Mar 3 17:37:26 2021 TCP connection established with [AF_INET]127.0.0.1:1080
  Wed Mar 3 17:37:26 2021 TCP_CLIENT link local: (not bound)
  Wed Mar 3 17:37:26 2021 TCP_CLIENT link remote: [AF_INET]127.0.0.1:1080
  Wed Mar 3 17:37:26 2021 TLS: Initial packet from [AF_INET]127.0.0.1:1080, sid=6ef21b19 02953fab
  Wed Mar 3 17:37:27 2021 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=Fort-Funston CA, name=EasyRSA, [email protected]
  Wed Mar 3 17:37:27 2021 VERIFY KU OK
  Wed Mar 3 17:37:27 2021 Validating certificate extended key usage
  Wed Mar 3 17:37:27 2021 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
  Wed Mar 3 17:37:27 2021 VERIFY EKU OK
  Wed Mar 3 17:37:27 2021 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=server, name=EasyRSA, [email protected]
  Wed Mar 3 17:37:29 2021 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA
  Wed Mar 3 17:37:29 2021 [server] Peer Connection Initiated with [AF_INET]127.0.0.1:1080
  Wed Mar 3 17:37:30 2021 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
  Wed Mar 3 17:37:31 2021 PUSH: Received control message: 'PUSH_REPLY,route 192.168.9.0 255.255.255.0,redirect-gateway def1,dhcp-option DNS 192.71.244.22,dhcp-option DNS 54.39.94.211,block-outside-dns,route 192.168.9.1,topology net30,ping 10,ping-restart 120,ifconfig 192.168.9.6 192.168.9.5,peer-id 0,cipher AES-256-GCM'
  Wed Mar 3 17:37:31 2021 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:5: block-outside-dns (2.4.7)
  Wed Mar 3 17:37:31 2021 OPTIONS IMPORT: timers and/or timeouts modified
  Wed Mar 3 17:37:31 2021 OPTIONS IMPORT: --ifconfig/up options modified
  Wed Mar 3 17:37:31 2021 OPTIONS IMPORT: route options modified
  Wed Mar 3 17:37:31 2021 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
  Wed Mar 3 17:37:31 2021 OPTIONS IMPORT: peer-id set
  Wed Mar 3 17:37:31 2021 OPTIONS IMPORT: adjusting link_mtu to 1627
  Wed Mar 3 17:37:31 2021 OPTIONS IMPORT: data channel crypto options modified
  Wed Mar 3 17:37:31 2021 Data Channel: using negotiated cipher 'AES-256-GCM'
  Wed Mar 3 17:37:31 2021 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
  Wed Mar 3 17:37:31 2021 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
  Wed Mar 3 17:37:31 2021 ROUTE_GATEWAY 10.0.2.2/255.255.255.0 IFACE=enp0s3 HWADDR=08:00:27:3c:c7:0a
  Wed Mar 3 17:37:31 2021 TUN/TAP device tun0 opened
  Wed Mar 3 17:37:31 2021 TUN/TAP TX queue length set to 100
  Wed Mar 3 17:37:31 2021 /sbin/ip link set dev tun0 up mtu 1500
  Wed Mar 3 17:37:31 2021 /sbin/ip addr add dev tun0 local 192.168.9.6 peer 192.168.9.5
  Wed Mar 3 17:37:33 2021 /sbin/ip route add 127.0.0.1/32 via 10.0.2.2
  Wed Mar 3 17:37:33 2021 /sbin/ip route add 0.0.0.0/1 via 192.168.9.5
  Wed Mar 3 17:37:33 2021 /sbin/ip route add 128.0.0.0/1 via 192.168.9.5
  Wed Mar 3 17:37:33 2021 /sbin/ip route add 5.188.6.103/32 via 10.0.2.2
  Wed Mar 3 17:37:33 2021 /sbin/ip route add 192.168.9.0/24 via 192.168.9.5
  Wed Mar 3 17:37:33 2021 /sbin/ip route add 192.168.9.1/32 via 192.168.9.5
  Wed Mar 3 17:37:33 2021 Initialization Sequence Completed

OpenVPN will ask for a login and password to connect:


  Enter Auth Username: <<< Here enter your E-Mail from your personal account
  Enter Auth Password: <<< Any password or nothing

Do not close the console with the OpenVPN app and ShadowSocks as long as you want to use an OpenVPN connection.

Most likely, you will need to configure DNS servers for your connection: NS1 - 192.71.244.22 and NS2 - 54.39.94.211.

If you want to disconnect from the OpenVPN server, in the terminal with the OpenVPN application, press the key combination Ctrl+C


  ^CWed Mar 3 17:48:31 2021 event_wait : Interrupted system call (code=4)
  Wed Mar 3 17:48:31 2021 /sbin/ip route del 5.188.6.103/32
  Wed Mar 3 17:48:31 2021 /sbin/ip route del 192.168.9.0/24
  Wed Mar 3 17:48:31 2021 /sbin/ip route del 192.168.9.1/32
  Wed Mar 3 17:48:31 2021 /sbin/ip route del 127.0.0.1/32
  Wed Mar 3 17:48:31 2021 /sbin/ip route del 0.0.0.0/1
  Wed Mar 3 17:48:31 2021 /sbin/ip route del 128.0.0.0/1
  Wed Mar 3 17:48:31 2021 Closing TUN/TAP interface
  Wed Mar 3 17:48:31 2021 /sbin/ip addr del dev tun0 local 192.168.9.6 peer 192.168.9.5
  Wed Mar 3 17:48:31 2021 SIGINT[hard,] received, process exiting
  [email protected]:/etc/openvpn/ShadowSocks/ConfigFiles/OpenVPN#

Now, you can quit ShadowSocks. Press the key combination Ctrl+C in the corresponding terminal.


Linux instructions