mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-24 09:31:30 +00:00
aae3fded32
* Copyedit documentation Close #1378 * remove yum, go full on dnf fixes #2049
213 lines
5.4 KiB
Markdown
213 lines
5.4 KiB
Markdown
---
|
|
icon: material/lightning-bolt
|
|
---
|
|
|
|
# Hysteria 2
|
|
|
|
Hysteria 2 is a simple, Chinese-made protocol based on QUIC.
|
|
The selling point is Brutal, a congestion control algorithm that
|
|
tries to achieve a user-defined bandwidth despite packet loss.
|
|
|
|
!!! warning
|
|
|
|
Even though GFW rarely blocks UDP-based proxies, such protocols actually have far more obvious characteristics than TCP based proxies.
|
|
|
|
| Specification | Resists passive detection | Resists active probes |
|
|
|---------------------------------------------------------------------------|---------------------------|-----------------------|
|
|
| [hysteria.network](https://v2.hysteria.network/docs/developers/Protocol/) | :material-alert: | :material-check: |
|
|
|
|
## :material-text-box-check: Password Generator
|
|
|
|
| Generate Password | Action |
|
|
|----------------------------|-----------------------------------------------------------------|
|
|
| <code id="password"><code> | <button class="md-button" onclick="generate()">Refresh</button> |
|
|
|
|
<script>
|
|
function generate() {
|
|
const array = new Uint8Array(16);
|
|
window.crypto.getRandomValues(array);
|
|
document.getElementById("password").textContent = btoa(String.fromCharCode.apply(null, array));
|
|
}
|
|
generate();
|
|
</script>
|
|
|
|
## :material-alert: Difference from official Hysteria
|
|
|
|
The official program supports an authentication method called **userpass**,
|
|
which essentially uses a combination of `<username>:<password>` as the actual password,
|
|
while sing-box does not provide this alias.
|
|
To use sing-box with the official program, you need to fill in that combination as the actual password.
|
|
|
|
## :material-server: Server Example
|
|
|
|
!!! info ""
|
|
|
|
Replace `up_mbps` and `down_mbps` values with the actual bandwidth of your server.
|
|
|
|
=== ":material-harddisk: With local certificate"
|
|
|
|
```json
|
|
{
|
|
"inbounds": [
|
|
{
|
|
"type": "hysteria2",
|
|
"listen": "::",
|
|
"listen_port": 8080,
|
|
"up_mbps": 100,
|
|
"down_mbps": 100,
|
|
"users": [
|
|
{
|
|
"name": "sekai",
|
|
"password": "<password>"
|
|
}
|
|
],
|
|
"tls": {
|
|
"enabled": true,
|
|
"server_name": "example.org",
|
|
"key_path": "/path/to/key.pem",
|
|
"certificate_path": "/path/to/certificate.pem"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
=== ":material-auto-fix: With ACME"
|
|
|
|
```json
|
|
{
|
|
"inbounds": [
|
|
{
|
|
"type": "hysteria2",
|
|
"listen": "::",
|
|
"listen_port": 8080,
|
|
"up_mbps": 100,
|
|
"down_mbps": 100,
|
|
"users": [
|
|
{
|
|
"name": "sekai",
|
|
"password": "<password>"
|
|
}
|
|
],
|
|
"tls": {
|
|
"enabled": true,
|
|
"server_name": "example.org",
|
|
"acme": {
|
|
"domain": "example.org",
|
|
"email": "admin@example.org"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
=== ":material-cloud: With ACME and Cloudflare API"
|
|
|
|
```json
|
|
{
|
|
"inbounds": [
|
|
{
|
|
"type": "hysteria2",
|
|
"listen": "::",
|
|
"listen_port": 8080,
|
|
"up_mbps": 100,
|
|
"down_mbps": 100,
|
|
"users": [
|
|
{
|
|
"name": "sekai",
|
|
"password": "<password>"
|
|
}
|
|
],
|
|
"tls": {
|
|
"enabled": true,
|
|
"server_name": "example.org",
|
|
"acme": {
|
|
"domain": "example.org",
|
|
"email": "admin@example.org",
|
|
"dns01_challenge": {
|
|
"provider": "cloudflare",
|
|
"api_token": "my_token"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
## :material-cellphone-link: Client Example
|
|
|
|
!!! info ""
|
|
|
|
Replace `up_mbps` and `down_mbps` values with the actual bandwidth of your client.
|
|
|
|
=== ":material-web-check: With valid certificate"
|
|
|
|
```json
|
|
{
|
|
"outbounds": [
|
|
{
|
|
"type": "hysteria2",
|
|
"server": "127.0.0.1",
|
|
"server_port": 8080,
|
|
"up_mbps": 100,
|
|
"down_mbps": 100,
|
|
"password": "<password>",
|
|
"tls": {
|
|
"enabled": true,
|
|
"server_name": "example.org"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
=== ":material-check: With self-sign certificate"
|
|
|
|
!!! info "Tip"
|
|
|
|
Use `sing-box merge` command to merge configuration and certificate into one file.
|
|
|
|
```json
|
|
{
|
|
"outbounds": [
|
|
{
|
|
"type": "hysteria2",
|
|
"server": "127.0.0.1",
|
|
"server_port": 8080,
|
|
"up_mbps": 100,
|
|
"down_mbps": 100,
|
|
"password": "<password>",
|
|
"tls": {
|
|
"enabled": true,
|
|
"server_name": "example.org",
|
|
"certificate_path": "/path/to/certificate.pem"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
=== ":material-alert: Ignore certificate verification"
|
|
|
|
```json
|
|
{
|
|
"outbounds": [
|
|
{
|
|
"type": "hysteria2",
|
|
"server": "127.0.0.1",
|
|
"server_port": 8080,
|
|
"up_mbps": 100,
|
|
"down_mbps": 100,
|
|
"password": "<password>",
|
|
"tls": {
|
|
"enabled": true,
|
|
"server_name": "example.org",
|
|
"insecure": true
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|