[HOWTO] Dnscrypt installation

Post tutorials, HOWTO's and other useful resources here.
User avatar
freestyler
Contributor
Contributor
Posts: 384
Joined: 17 Oct 2013, 14:21
Distribution: Porteus XFCE

[HOWTO] Dnscrypt installation

Post#1 by freestyler » 16 Nov 2013, 06:01

Dnscrypt is a great privacy tool. It's a light weight application that encrypts all your DNS traffic preventing spying, spoofing or man-in-the-middle attacks.

Basic:
Firstly download and activate the 2 modules required here.

Open /etc/rc.d/rc.local with text editor and add:

Code: Select all

exec /usr/local/sbin/dnscrypt-proxy --daemonize --local-address=127.0.0.2
Now open up network manager, select your connection, click edit and goto the ipv4 tab. Change it from "Automatic (DHCP)" to "Automatic (DHCP) Addresses only". In the "DNS Servers" input box enter "127.0.0.2".
Note: You must do this for every connection that you want to encypt

Finally restart your computer or use "dnscrypt-proxy --daemonize --local-address=127.0.0.2" as root in terminal.

Advanced (optional):

its recommended but not required to run dnscrypt as its own user with no privileges. If you want to do this then create a user called "dnscrypt" with no folder or login and add the "--user" argument in rc.local like this:

Code: Select all

exec /usr/local/sbin/dnscrypt-proxy --daemonize --user=dnscrypt --local-address=127.0.0.2
Extra:
I'm sure there is a way to bypass or do something involving /etc/resolve.conf so that all network connections will use dnscrypt by default but i haven't looked into it yet.
https://www.porteus-apps.org