Installation Guide Linux Security

DnsCrypt on Ubuntu – Encrypted DNS Traffic

DNScrypt is a protocol that is used to improve DNS security by authenticating communications between a DNS client and a DNS resolver. DNSCrypt prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven’t been tampered with. DNSCrypt is available for multiple platforms including Windows, MacOS, Unix, Android, iOS, Linux and even routers.

DNScrypt installation on Ubuntu

sudo add-apt-repository ppa:anton+/dnscrypt
sudo apt-get update
sudo apt-get install dnscrypt-proxy

After the installation you need to update your network configuration with dns servers as 127.0.0.2

After that you need to start the dnscrypt using the following steps:

# service dnscrypt-proxy start

The installation automatically creates a user “_dnscrypt-proxy” and runs the service as the that user. You can check the status of the service using:

# service dnscrypt-proxy status

Checking The DNS

You can verify if the installation is working or not by visiting the following link. You will get the following screenshot, if DNScrypt is successfully configured.

https://www.opendns.com/welcome/

Free, DNSCrypt-enabled resolvers are available all over the world

A couple of companies, organizations and individuals are operating public recursive DNS servers supporting the DNSCrypt protocol, so that all you need to run is a client.  A constantly updated list of open DNSCrypt resolvers can be downloaded to replace the default CSV file shipped with the dnscrypt-proxy client.

Why DNSCrypt is so significant ?

In the same way SSL turns HTTP web traffic into HTTPS encrypted Web traffic, DNSCrypt turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks. It doesn’t require any changes to domain names or how they work, it simply provides a method for securely encrypting communication between our customers and our DNS servers.

About the author

Suhesh K.S.

Mr. Suhesh KS is Linux System Administrator by profession with 10 Years of work experience in Linux system administration in web hosting, data center and data warehousing industry and have worked with reputed support companies. His wide range of skills include team management, system administration ( Linux ), programming ( bash, perl, php, java ,python), web hosting, data center support, cPanel Plugin development, website optimisation, Social media marketing.