Shadowsocks-libev: Unable to use AEAD with shadowrocket iOS client

Created on 10 Feb 2017  ·  8Comments  ·  Source: shadowsocks/shadowsocks-libev

What version of shadowsocks-libev are you using?

3.0.1

What operating system are you using?

CentOS 7

What did you do?

Use shadowrocket on iOS to connect to vps

What did you expect to see?

Connection successful

What did you see instead?

Unable to connect. Logs on server:
2017-02-10 09:29:40 ERROR: failed to handshake with [ip address removed]: authentication error

Nothing additional when running with -v.

ss-local on Windows (cygwin) works fine. The issue only occurred when using shadowrocket on iOS.

What is your config in detail (with all sensitive info masked)?

{
"server": ["[::0]", "0.0.0.0"],
"server_port": ,
"local_port": 8089,
"password": "**",
"timeout": 600,
"method": "aes-128-gcm"
}
/usr/local/bin/ss-server -a root -c /etc/shadowsocks-libev/config.json -u

picture alexyangjie

Most helpful comment

AFAIK no client other than shadowsocks-libev and go-shadowsocks2 support AEAD ciphers (which is still in developing stage; see https://github.com/shadowsocks/shadowsocks-org/issues/42)

Please wait for official announcement.

picture riobard on 11 Feb 2017
👍2

All 8 comments

To identify if it's a problem of shadowsocks-libev, you may try this port: https://github.com/shadowsocks/go-shadowsocks2

madeye picture madeye on 10 Feb 2017

It is caused by iOS client

debiansid picture debiansid on 10 Feb 2017

@debiansid If I understand SIP004 (shadowsocks/shadowsocks-org#30) correctly, aes-128-gcm is considered to be AEAD cipher thus will communicate in a different fashion under 3.0.1 server side.

Shadowrocket seems to be based on 2.x client, so it's not supported.

maddie picture maddie on 10 Feb 2017

@maddie agreed

debiansid picture debiansid on 10 Feb 2017

@madeye I've tested with go-shadowsocks2, and it still has issues. Looks like it is an issue with shadowrocket. I will close this issue now. Thanks for help.

alexyangjie picture alexyangjie on 10 Feb 2017

AFAIK no client other than shadowsocks-libev and go-shadowsocks2 support AEAD ciphers (which is still in developing stage; see https://github.com/shadowsocks/shadowsocks-org/issues/42)

Please wait for official announcement.

riobard picture riobard on 11 Feb 2017
👍2

@riobard AES-*-GCM and ChaCha20-Poly1305 is implemented in Android-Client.
The go version is pretty interesting, though very hard to use.
I have to open the CMD every time I want to connect to server :D. Though works great ;).
It would be great, if there a wiki page, tracing SS clients, that which one has implement the AEAD ciphers.

SquirrelCoder picture SquirrelCoder on 14 Mar 2017

@SquirrelCoder https://github.com/shadowsocks/shadowsocks-org/wiki/Implementations

riobard picture riobard on 14 Mar 2017
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

mcmxciv picture mcmxciv  ·  3Comments
iceberg1369 picture iceberg1369  ·  3Comments
tony1016 picture tony1016  ·  3Comments
blackgear picture blackgear  ·  3Comments
msdurex picture msdurex  ·  3Comments