VPN providers were cracked down, open source anti-censorship tools were eliminated. This is what’s happening in China and has become even more severe than ever. Shadowsocks alone is no longer reliable due to more powerful deep packet inspection implemented at the GFW.
I am now replacing shadowsocks on my gateway with obfuscated SSH tunnel, based on Tor‘s obfsproxy. To the impatient ones, I will first give a concise summary of the necessary steps of my set up. You can follow it without drilling down the details. I will explain in more details later. But please note that you have to follow the other instructions in this blog post to complete the whole set up.
Quick Set up
On your server
Assume your server runs Debian 8 (jessie) or Ubuntu, and its IP is
188.8.131.52, run these commands:
$ sudo apt-get install obfsproxy $ mkdir /tmp/obfsproxy-temp $ obfsproxy --data-dir=/tmp/obfsproxy-temp scramblesuit --password=QWLY42YHB75J3B57XOKYNNFJPOQ7APHL --dest=127.0.0.1:22 server 0.0.0.0:7700
On Raspberry Pi gateway
$ sudo apt-get install python-dev $ sudo pip install obfsproxy
Host 184.108.40.206 ProxyCommand nc -X 5 -x 127.0.0.1:3333 %h 7700
Run these commands:
$ obfsproxy --log-file=obfsproxy.log --log-min-severity=info scramblesuit --password=QWLY42YHB75J3B57XOKYNNFJPOQ7APHL socks 127.0.0.1:3333 $ ssh email@example.com -N -D 1080