How To Easily Install Trojan GFW on Ubuntu - A Step by Step Tutorial
What is trojanGFW?
An unidentifiable mechanism that helps you bypass GFW. Trojan features multiple protocols overSo, at the core trojan GFW is also an encrypted proxy, which makes it similar to v2ray. According to the v2ray developers trojan GFW is similar to v2ray+ws+cdn. Here are similarities between the two protocols (v2ray+ws+cdn and trojanGFW):
TLSto avoid both active/passive detections and ISP
QoSlimitations. Trojan is not a fixed program or protocol. It’s an idea, an idea that imitating the most common service, to an extent that it behaves identically, could help you get across the Great FireWall permanently, without being identified ever. On penetrating GFW, people assume that strong encryption and random obfuscation may cheat GFW’s filtration mechanism. However, trojan implements the direct opposite: it imitates the most common protocol across the wall,
HTTPS, to trick GFW into thinking that it is
- both are encrypted proxies
- both can use CDN
- both claim to be hard to get detected by GFW like firewalls
- both have good speed
- v2ray supports TCP and UDP (Skype, WhatsApp etc calls), whereas trojan GFW supports only TCP
- v2ray is supported by many 3rd party apps, whereas for now there are not many apps that support trojan GFW
Choosing a VPS
- Before making a payment ping an IP address of the VPS provider. Look for looking glass pages.
- Prefer hourly billing VPS services
- Prefer less popular VPS services
- Check for ratings and user reviews
- Prefer KVM virtualization
- Use a VPN when using Putty or an alternative SSH programme, to prevent IP address blocking
I have used these VPS services:
- Vultr – hourly billing – starting from $3.5 per month – vultr.com (get a $100 bonus)
- DigitalOcean – hourly billing – starting from $5 per month – digitalocean.com (get a $100 bonus)
- RackNerd – monthly billing – starting from $2 per month (annual subscription) – racknerd.com
- Contabo – monthly billing – starting from € 3.99 per month – contabo.com
- Ramnode – hourly billing – starting from $3 per month – ramnode.com
Thanks to the one-command script by johnrosen1, you can install trojanGFW easily, even if you are not familiar with Linux commands.
You need to have Ubuntu and Debian. This guide will be for Ubuntu.
The setup consists of two parts.
First, you need to purchase a domain and configure Cloudflare. Second, install the trojanGFW script.
Part one – domain name and CloudflareYou will need:
- A domain name
- A Cloudflare account
- Point your nameservers to Cloudflare
- Point your VPS IP to your domain name
To get an SSL certificate, you need a domain name (www.example.com), preferably a paid one from providers like namecheap or porkbun, and a Cloudflare account. Both Porkbun and Namecheap have free Whois Guard. When it comes to pricing, Porkbun has an upper hand, you can find domain names for under $3 per year. Please do check the renewal prices before purchasing a domain.
1. Nameservers configurationWhen adding your domain name to your Cloudflare account, Cloudflare will ask you to redirect your nameservers. It will be something like this:
example2.ns.cloudflare.comYou need to copy those from Cloudflare to your domain name registrar (ex: namecheap.com). On Namecheap you can find it on Domain List > Manage > Nameservers. Change the DNS to Custom DNS and add Cloudflare nameservers. After a while, Cloudflare will inform you that the setup is done.,
2. Connecting your domain name to the VPS IP address
- Go to DNS Management
- Press “Add Record”
- Type your sub-domain name or domain name to “Name” (ex: write test for test.example.com or @ for example.com)
- Write your VPS IP to “IPv4 address”.
- Make sure the color of “Proxy status” is gray and says DNS Only. (You should change it to Proxied after installing trojanGFW to use CDN)
Part two – install trojanGFW
Now SSH to your VPS using Putty.
- 1. Check firewall status, enable firewall if inactive and open ports 80 and 443
sudo ufw status verbose sudo ufw enable sudo ufw allow http sudo ufw allow https
- 2. Install updates, curl and the trojanGFW.
sudo apt-get update && apt-get install sudo curl -y && curl -Ss https://raw.githubusercontent.com/johnrosen1/vpstoolbox/master/vps.sh | sudo bash
1. 3. Next, several steps of trojanGFW installation.
1. You will be asked to choose system language.
2. Accept MIT License.
3. VPS Toolbox Menu.
4. What do you want to install?
You can choose others as well, if you want to install them
5. Enter your domain name or subdomain.
6. You will be asked enter trojan profile one and profile two passwords.
password1 and password2
7. Netdata, Qbittorrent etc. directory
Press OK (no need to change anything)
8. You are asked whether you want to enter your CDN API
and email address key for SSL certificate.
Choose YES, then choose Cloudflare, then copy your Cloudflare API key.
Next, enter your Cloudflare email address.
To get the API go to Cloudflare -> My Profile -> API -> Global API key
9. Reboot server.
And, that is it for the installation part.
Managing trojan GFW
Adding a userAfter the setup is complete, you can see which services are active on your server. Also, there will be link to a guide. On my example it is as following:
https://domain.com/test.htmlIn that guide, you can find your link for the trojan GFW web panel. To add a user, you need to go to “Register”, press add button and fill in the blanks according to your preferences.
- Username – here you can write anything you want, needed for trojanGFW
- Email – you can write here made up email, but do not forget it
- Password – atleast 6 characters, needed for trojanGFW
- Domain/subdomain – example.com
- Port – 443
- Pasword – Username:Password
Installing trojan GFW Client on Your Devices
trojanGFW apps for Android
You can use trojan on several apps on Android, and all of them are available for free on Google Play.
- Igniter (Official)
- Clash for Android
trojanGFW apps for iOS
On your you can use trojan only by buying paid apps.