Shadowsocks-libev-nocrypto for openwrt

ongkang · 2020-09-27T02:12:02.294Z

I found interesting part when updating Shadowsocks app for android: in the what’s new, Max Lv wrote: add support for none cipher method and then I see option for none is available in the encrypt method. I was curious about this and did some digging and find only this fork in github:

GitHub - SPYFF/shadowsocks-libev-nocrypto: libev port of shadowsocks. In this fork, encryption is optional!

in the README, he wrote this line

This is a fork of the popular Shadowsocks-libev proxy application, which enable the user to disable the encryption. The motivation behind this: on router boards with limited CPU resources, the encryption is drop down the network throughput.

and I think that this could be the solution for my device (AR300M) to achieve faster speed while using shadowsocks in the price of security which I don’t really consider when using it for streaming. So I install this fork to my server (GCP) and fortunately it is working in android. Well, for android device I could barely see the difference because its CPU basically could be fast with any encryption methods, but I couldn’t check it in my router because the option “none” is not available.
Has anybody using this “none” cipher method in openwrt? What can I do to make this work?

Regards

Johnex · 2020-09-27T15:09:45.770Z

Well the whole point of Shadowsocks is that it turns the traffic into HTTPS, so it looks like any other web traffic. This is the main trick here. If any world firewall would block HTTPS traffic, all sites on the internet would break. If you remove the encryption, you are basically just relaying the normal traffic, and it will be detected and blocked.

What you want to do instead is change to a cipher that is extremely fast when software decoded such as “chacha20-poly1305”. It also happens to be the most secure cipher at the moment and only one of 4 used in TLS1.3.

You would start SS with

ss-redir -m chacha20-poly1305