#下载解压trojan cd /usr/src wget https://github.com/trojan-gfw/trojan/releases/download/v1.16.0/trojan-1.16.0-linux-amd64.tar.xz tar xf trojan-1.* #生成自建证书,复制到trojan目录 cd /root openssl req -x509 -newkey rsa:4096 -nodes -out cert.pem -keyout key.pem -days 36500 cp cert.pem key.pem /usr/src/trojan #常用命令 systemctl start trojan systemctl stop trojan systemctl restart trojan systemctl enable trojan systemctl disable trojan systemctl status trojan #设置自动启动 vim /lib/systemd/system/trojan.service [Unit] Description=trojan Documentation=man:trojan(1) https://trojan-gfw.github.io/trojan/config https://trojan-gfw.github.io/trojan/ After=network.target network-online.target nss-lookup.target mysql.service mariadb.service mysqld.service [Service] Type=simple StandardError=journal User=root AmbientCapabilities=CAP_NET_BIND_SERVICE ExecStart=/usr/src/trojan/trojan /usr/src/trojan/config.json ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure RestartSec=1s [Install] WantedBy=multi-user.target #编辑trojan配置文件 vim /usr/src/trojan/config.json { "run_type": "server", "local_addr": "0.0.0.0", "local_port": 9622, "remote_addr": "127.0.0.1", "remote_port": 80, "password": [ "l1icznxqwhD&53J^" ], "log_level": 1, "ssl": { "cert": "/usr/src/trojan/cert.pem", //fullchain.cer "key": "/usr/src/trojan/key.pem", //域名.key //"sni": "域名", "key_password": "", "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384", "cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384", "prefer_server_cipher": true, "alpn": [ "http/1.1" ], "alpn_port_override": { "h2": 81 }, "reuse_session": true, "session_ticket": false, "session_timeout": 600, "plain_http_response": "", "curves": "", "dhparam": "" }, "tcp": { "prefer_ipv4": false, "no_delay": true, "keep_alive": true, "reuse_port": false, "fast_open": false, "fast_open_qlen": 20 }, "mysql": { "enabled": false, "server_addr": "127.0.0.1", "server_port": 3306, "database": "trojan", "username": "trojan", "password": "", "key": "", "cert": "", "ca": "" } }