Difference between revisions of "Package:Dnscrypt"

m
m (grammar edits)
 
(One intermediate revision by one other user not shown)
Line 5: Line 5:
 
}}
 
}}
 
{{warning|As this page deals with DNS it has the potential to break your internet access!  Ensure you have stable live media that can restore your system.}}
 
{{warning|As this page deals with DNS it has the potential to break your internet access!  Ensure you have stable live media that can restore your system.}}
DNScrypt provides encryption from clients to upstream DNS servers.  Encrypting this traffic prevents spying, spoofing, and other man in the middle attacks.
+
DNScrypt provides encryption from clients to upstream DNS servers.  Encrypting this traffic prevents spying, spoofing, and other man-in-the-middle attacks.
  
 
=== Installation ===
 
=== Installation ===
Line 11: Line 11:
  
 
=== Configuration ===
 
=== Configuration ===
 +
By default, opendns is used, although some [http://www.opennicproject.org/ opennic servers] support dnscrypt.
 +
 
{{f|/etc/conf.d/dnscrypt-proxy}} controls settings for DNScrypt.  A [https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-resolvers.csv list of resolvers] has been compiled for use with DNScrypt.
 
{{f|/etc/conf.d/dnscrypt-proxy}} controls settings for DNScrypt.  A [https://github.com/jedisct1/dnscrypt-proxy/blob/master/dnscrypt-resolvers.csv list of resolvers] has been compiled for use with DNScrypt.
  
Line 22: Line 24:
  
 
=== Testing ===
 
=== Testing ===
If you're using opendns, this welcome page will tell if your encrypted or not.
+
If you're using opendns, this welcome page will tell you if you're encrypted or not.
https://www.opendns.com/welcome/
+
;https://www.opendns.com/welcome/
  
 +
If you're using any other encryption enabled dns servers, try a "leak" test.  They should only report the dns servers associated with the ones you've chosen from the list.
 +
;https://www.dnsleaktest.com/
 
{{EbuildFooter}}
 
{{EbuildFooter}}

Latest revision as of 14:41, March 22, 2015

net-dns/dnscrypt-proxy


Source Repository:Funtoo Overlay
Homepage

Summary: A tool for securing communications between a client, and a DNS resolver.


News

Mgorny

New OpenGL management in Funtoo

Funtoo is switching to an improved system for managing multiple OpenGL providers (Mesa/Xorg, AMD and nVidia). The update may involve blockers and file collisions.
30 March 2015 by Mgorny
Drobbins

Subarch Profiles are coming...

Subarch profiles are on their way! Learn more here.
29 March 2015 by Drobbins
Drobbins

RSS/Atom Support

You can now follow this news feed at http://www.funtoo.org/news/atom.xml .
10 February 2015 by Drobbins
View More News...

Dnscrypt

Tip

This is a wiki page. To edit it, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

Warning

As this page deals with DNS it has the potential to break your internet access! Ensure you have stable live media that can restore your system.

DNScrypt provides encryption from clients to upstream DNS servers. Encrypting this traffic prevents spying, spoofing, and other man-in-the-middle attacks.

Installation

# emerge dnscrypt-proxy


Configuration

By default, opendns is used, although some opennic servers support dnscrypt.

/etc/conf.d/dnscrypt-proxy controls settings for DNScrypt. A list of resolvers has been compiled for use with DNScrypt.

/etc/resolv.conf - set dns server as dnscrypt-proxy
nameserver 127.0.0.1

Service

# rc-update add dnscrypt-proxy default
# rc


Testing

If you're using opendns, this welcome page will tell you if you're encrypted or not.

https://www.opendns.com/welcome/

If you're using any other encryption enabled dns servers, try a "leak" test. They should only report the dns servers associated with the ones you've chosen from the list.

https://www.dnsleaktest.com/