Install DNSCrypt Proxy
Encrypt your DNS queries with DNSCrypt Proxy.
ALTERNATIVE: Cloudflare DNS (Recommended)
# Install Systemd-Resolved
sudo apt install -y systemd-resolved
sudo dnf install -y systemd-resolved
sudo pacman -S --noconfirm systemd-resolved
sudo zypper -n install systemd-resolved
# Install DNSCrypt Proxy
sudo apt install -y dnscrypt-proxy
sudo dnf install -y dnscrypt-proxy
sudo pacman -S --noconfirm dnscrypt-proxy
sudo zypper -n install dnscrypt-proxy
# Enable and start Systemd-Resolved
sudo systemctl enable systemd-resolved
sudo systemctl start systemd-resolved
# Enable and start DNSCrypt Proxy
sudo systemctl enable dnscrypt-proxy
sudo systemctl start dnscrypt-proxy
# Configure Systemd-Resolved
sudo tee /etc/systemd/resolved.conf &>/dev/null << EOF
[Resolve]
DNS=127.0.0.1:5300
DNS=[::1]:5300
DNS=1.1.1.1#one.one.one.one
DNS=2606:4700:4700::1111#one.one.one.one
DNS=1.0.0.1#one.one.one.one
DNS=2606:4700:4700::1001#one.one.one.one
Domains=~.
DNSOverTLS=opportunistic
DNSSEC=allow-downgrade
DNSStubListener=yes
EOF
# Make /etc/resolv.conf a symlink to Systemd-Resolved file
[ -e /run/systemd/resolve/stub-resolv.conf ] && sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
# Restart Systemd-Resolved for the changes to take effect
sudo systemctl restart systemd-resolved
# Configure DNSCrypt Proxy
sudo tee /etc/dnscrypt-proxy/dnscrypt-proxy.toml &>/dev/null << EOF
listen_addresses = ["127.0.0.1:5300", "[::1]:5300"]
server_names = ["cloudflare", "cloudflare-ipv6"]
[sources]
[sources."public-resolvers"]
url = "https://raw.github.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"
cache_file = "/var/cache/dnscrypt-proxy/public-resolvers-v3.md"
EOF
# Restart DNSCrypt Proxy for the changes to take effect
sudo systemctl restart dnscrypt-proxyALTERNATIVE: Mullvad DNS
ALTERNATIVE: Google DNS
ALTERNATIVE: Yandex DNS
TIP: Uninstall DNSCrypt Proxy
Last updated