Xray 全自动加密+免证书+开箱即用 的完整配置方案,已包含密钥生成步骤
# 生成 x25519 密钥对
xray x25519 > xray_key.txt && cat xray_key.txt
# 生成 shortId(取前4位)
echo "shortId: $(openssl rand -hex 4 | cut -c1-4)"
输出示例:
私钥:YOUR_PRIVATE_KEY(如 2CFA_4pTrQFjGXXX...)
公钥:YOUR_PUBLIC_KEY(如 qANj_8tQ6yXXX...)
shortId: 89a3
{
"log": { "loglevel": "warning" },
"inbounds": [{
"port": 443,
"protocol": "vless",
"settings": {
"clients": [{
"id": "30e9abcd-1234-5678-90ab-cdef01234567",
"flow": "xtls-rprx-vision"
}],
"decryption": "none"
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"show": false,
"dest": "www.amazon.com:443",
"serverNames": ["www.amazon.com"],
"privateKey": "0LkWqmVPkSsfkeChwOmgMXM7ZJ12-V2_qUjCEWfCcG4",
"shortIds": ["89a3"]
}
}
}],
"outbounds": [{"protocol": "freedom"}]
}
{
"log": { "loglevel": "info" },
"inbounds": [{
"port": 10808, // 本地监听端口
"protocol": "socks",
"settings": {
"auth": "noauth",
"udp": true
}
}],
"outbounds": [{
"protocol": "vless",
"settings": {
"vnext": [{
"address": "你的服务器IP", // ← 只改这里
"port": 443,
"users": [{
"id": "30e9abcd-1234-5678-90ab-cdef01234567", // 同服务器UUID
"flow": "xtls-rprx-vision",
"encryption": "none"
}]
}]
},
"streamSettings": {
"network": "tcp",
"security": "reality",
"realitySettings": {
"serverName": "www.amazon.com",
"publicKey": "YOUR_PUBLIC_KEY", // ← 替换生成的公钥
"shortId": "89a3", // ← 替换生成的shortId
"fingerprint": "chrome" // 指纹伪装
}
}
}]
}
privateKey → 用生成的 私钥shortIds → 用生成的 shortId(如 89a3)address → 服务器IP或域名publicKey → 用生成的 公钥shortId → 与服务器一致xray uuid # 生成新UUID后需同步修改服务端和客户端
# 查看Xray客户端日志
journalctl -u xray-client --since "5分钟前" -f
# 测试网络连通性
curl --socks5 127.0.0.1:10808 https://ip.sb
invalid privateKey 错误:
shortId mismatch 错误:
shortIds 数组和客户端 shortId 是否完全一致sudo lsof -i:443 # 检查端口是否监听
ping 服务器IP # 检查网络可达性