Dnscrypt is a protocol that is used to improve DNS security by authenticating communications between a DNS client and a DNS resolver. DNSCrypt prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven’t been tampered with. DNSCrypt is available for multi-platforms including Windows, MacOS, Unix, Android, iOS, Linux and even routers.
DNSCrypt also allows you to -
Apart from encrypting traffic, DNSCrypt also allows you to take control of your DNS traffic. Most DNSCrypt clients allow the following -
How To Encrypt DNS Traffic With DNSCrypt In Linux?
Now let us move on to using DNSCrypt to encrypt DNS traffic.
dnscrypt-proxy is by far the most popular DNSCrypt implementation and is available for all platforms already mentioned. Let’s follow the following steps to set it up.
Installing the dependencies
The following packages are necessary for the compilation of DNSCrypt. Enter the following commands in terminal to install them.
$ sudo apt-get install build-essential
Enter the following command to install it -
sudo add-apt-repository ppa:anton+/dnscrypt
sudo apt-get update
sudo apt-get install dnscrypt-proxy
Configure Network Manager to use DNSCrypt
Restart the system network service -
$ sudo systemctl restart NetworkManager.service
Verify your setup is working alright.
Configure dnscrypt to start at computer boot. Open the session and startup manager and add the following to the Application Autostart Menu.
sudo dnscrypt-proxy -R opendns -a 127.0.0.2:53 -u dnscrypt
All your DNS communications are now encrypted from this point forward and all your DNS requests are authenticated using DNSCrypt protocol.
And that’s all we have for you in setting up DNSCrypt on your Linux. Hope you find this tutorial useful. Share your experiences and thoughts with us in the comments below.