Env

Centos 7

Download rpms

yum install wget -y
wget https://dl.trojan-cdn.com/trojan/linux/trojan-1.15.1-linux-amd64.tar.xz
yum install -y epel-release
yum install -y privoxy
xz -d trojan-1.15.1-linux-amd64.tar.xz
tar -xvf trojan-1.15.1-linux-amd64.tar

Config trojan

cd ./trojan
vi ./config.json
{
	"run_type": "client",
	"local_addr": "127.0.0.1",
	"local_port": 1080,
	"remote_addr": "pro-iplc-hk1-7.sstr-api.xyz",
	"remote_port": 465,
	"password": [""],
	"log_level": 1,
	"ssl": {
		"verify": false,
		"verify_hostname": false,
		"cert": "",
		"cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA",
		"cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
		"sni": "",
		"alpn": ["h2", "http/1.1"],
		"reuse_session": true,
		"session_ticket": false,
		"curves": ""
	},
	"tcp": {
		"no_delay": true,
		"keep_alive": true,
		"reuse_port": false,
		"fast_open": false,
		"fast_open_qlen": 20
	}
}
vi /usr/lib/systemd/system/trojan.service
[Unit]
Description=trojan
After=network.target
[Service]
Type=forking
Environment=HOME=/root/trojan/
ExecStart=/root/trojan/start.sh start
ExecStop=pkill -f trojan
PrivateTmp=true
[Install]
WantedBy=multi-user.target
vi ./start.sh
#!/bin/bash
nohup /root/trojan/trojan -c /root/trojan/config.json &
chmod +x ./start.sh
systemctl start trojan
systemctl enable trojan

Config privoxy

setenforce 0
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
vi /etc/privoxy/config
listen-address 127.0.0.1:1081
toggle 0
show-on-task-bar 0
activity-animation 0
forward-socks5 .google.com/ 127.0.0.1:1080 .
hide-console
systemctl start privoxy.service
systemctl enable privoxy.service
export http_proxy=http://localhost:1081/
export https_proxy=http://localhost:1081/
curl --proxy https://127.0.0.1:1081 -Is https://google.com | grep -w 200

Combined shell

proxy.sh

# Install wget
yum install wget -y

# Download trojan
wget https://dl.trojan-cdn.com/trojan/linux/trojan-1.15.1-linux-amd64.tar.xz

# Install privoxy
yum install -y epel-release
yum install -y privoxy

# Untar trojan
xz -d trojan-1.15.1-linux-amd64.tar.xz
tar -xvf trojan-1.15.1-linux-amd64.tar 

# Config trojan
cd ./trojan
cat <<EOF > ./config.json
{
	"run_type": "client",
	"local_addr": "127.0.0.1",
	"local_port": 1080,
	"remote_addr": "pro-iplc-hk1-7.sstr-api.xyz",
	"remote_port": 465,
	"password": [""], 
	"log_level": 1,
	"ssl": {
		"verify": false,
		"verify_hostname": false,
		"cert": "",
		"cipher": "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA",
		"cipher_tls13": "TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384",
		"sni": "",
		"alpn": ["h2", "http/1.1"],
		"reuse_session": true,
		"session_ticket": false,
		"curves": ""
	},
	"tcp": {
		"no_delay": true,
		"keep_alive": true,
		"reuse_port": false,
		"fast_open": false,
		"fast_open_qlen": 20
	}
}
EOF

# Init trojan service
cat <<EOF > /usr/lib/systemd/system/trojan.service
[Unit]
Description=trojan
After=network.target
[Service]
Type=forking
Environment=HOME=/root/trojan/
ExecStart=/root/trojan/start.sh start
ExecStop=pkill -f trojan
PrivateTmp=true
[Install]
WantedBy=multi-user.target
EOF

# trojian start
cat <<EOF > ./start.sh
#!/bin/bash
nohup /root/trojan/trojan -c /root/trojan/config.json &
EOF

# Auto start trojan
chmod +x ./start.sh
systemctl start trojan
systemctl enable trojan 

# Disbale selinux, or you can't start privoxy
setenforce 0
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

# Config privoxy
cat <<EOF > /etc/privoxy/config
listen-address 127.0.0.1:1081
toggle 0
show-on-task-bar 0
activity-animation 0
forward-socks5 .google.com/ 127.0.0.1:1080 .
hide-console
EOF

# Enable privoxy service
systemctl start privoxy.service
systemctl enable privoxy.service

# Global proxy
echo export http_proxy=http://localhost:1081/ >> /etc/profile
echo export https_proxy=http://localhost:1081/ >> /etc/profile
source /etc/profile

#
# echo export PS1="\e[34;1m[\t\e[31;1m \u\e[34;1m@\H \e[34;1m\W\e[34;1m] #\e[0m " >> /etc/profile

# Test proxy
curl www.google.com
curl --proxy https://127.0.0.1:1081 -Is https://google.com | grep -w 200