Hysteria 是一个强大、快速、抗审查的代理工具。
1、一键安装脚本
bash <(curl -fsSL https://get.hy2.sh/)
2、无域名生成自签证书
openssl req -x509 -nodes -newkey ec:<(openssl ecparam -name prime256v1) -keyout /etc/hysteria/server.key -out /etc/hysteria/server.crt -subj "/CN=bing.com" -days 36500 && sudo chown hysteria /etc/hysteria/server.key && sudo chown hysteria /etc/hysteria/server.crt
命令会在 VPS 目录
/etc/hysteria
中生成server.crt
及server.key
文件,并变更相关权限
3、服务端配置文件
nano /etc/hysteria/config.yaml
listen: :8443
tls: cert: /etc/hysteria/server.crt key: /etc/hysteria/server.key
auth: type: password password: 88888888 # 请及时更改密码
masquerade: type: proxy proxy: url: https://bing.com rewriteHost: true
quic: initStreamReceiveWindow: 26843545 maxStreamReceiveWindow: 26843545 initConnReceiveWindow: 67108864 maxConnReceiveWindow: 67108864
4、开启服务
systemctl start hysteria-server.service # 启动 hysteria 服务systemctl enable hysteria-server.service # 设置 hysteria 服务 开机自启systemctl restart hysteria-server.service # 重启 hysteria 服务systemctl stop hysteria-server.service # 停止 hysteria 服务systemctl status hysteria-server.service # 查看 hysteria 服务 状态
如果需要配置端口跳跃
# 将10000-11000端口映射到8443端口iptables -t nat -A PREROUTING -i eth0 -p udp --dport 10000:11000 -j REDIRECT --to-ports 8443# 查看iptables规则iptables -t nat -L PREROUTING -v -n# 删除iptables规则iptables -t nat -D PREROUTING -i eth0 -p udp --dport 10000:11000 -j REDIRECT --to-ports 8443
5、官方客户端
新建一个文件夹
将可执行文件 2于配置文件放在目录下
配置文件config.yaml如下
server: ip:8443 # 改为你服务器的ip和端口
auth: 88888888 # 改为你的密码
bandwidth: up: 50 mbps down: 500 mbps # 根据你的网络情况设置
socks5: listen: 127.0.0.1:1080 # 提供一个1080端口的socks5代理
tls: sni: bing.com # 与服务器配置对应 insecure: true pinSHA256: 0B:B4:3A:03:24:A8:D1:44:CF:91:FB:D
quic: # 调节发送窗口,与服务器保持一致 initStreamReceiveWindow: 26843545 maxStreamReceiveWindow: 26843545 initConnReceiveWindow: 67108864 maxConnReceiveWindow: 67108864
其中 pinSHA256 是服务器的证书的 SHA256 值,通过下面的命令获取
openssl x509 -noout -fingerprint -sha256 -in path_to_your_cert.crt
6、v2rayN 配置
新建文件 hy.yml 修改 ip、密码、带宽
server: ip:8443auth: 88888888
bandwidth: up: 50 mbps down: 100 mbps
tls: sni: bing.com insecure: true
socks5: listen: 127.0.0.1:1080http: listen: 127.0.0.1:8080

7、Clash.meta 配置
- name: "hysteria2" type: hysteria2 server: ip port: 8443 up: "50 Mbps" down: "100 Mbps" password: 88888888 sni: bing.com skip-cert-verify: true
8、官方客户端配置
server: 107.141.100.49:10000-11000
auth: 88888888
bandwidth: up: 50 mbps down: 100 mbps
socks5: listen: 0.0.0.0:1080
http: listen: 127.0.0.1:8080
tls: sni: bing.com insecure: true pinSHA256: 72:8A:69:38:6F:7D:D3:BA:3D:EF:BB:86:F5:58:94:E3:3E:B6:75:0A:6D:BE:BD:3B:26:3E
quic: initStreamReceiveWindow: 26843545 maxStreamReceiveWindow: 26843545 initConnReceiveWindow: 67108864 maxConnReceiveWindow: 67108864 maxIdleTimeout: 30s keepAlivePeriod: 10s