Yesterday I posted an entry showing how to install in Ubuntu the program DNSCrypt Proxy allowing encrypt DNS traffic to navigate with greater security against possible attacks. Considering that in the comments they have talked about how to install it in Arch Linux and it did not seem appropriate to explain it in the same entry, I decided to do it in a separate article.
This time, as good archers, we are going to pull a pure console, and we will find out how it is like this as much or faster and easier than in Ubuntu,
Installation
En Arch we have the advantage that DNSCrypt Proxy is in the official repositories, so to install it just use Pacman:
# pacman -S dnscrypt-proxy
We enable the service:
# systemctl enable dnscrypt-proxy
And we start it:
# systemctl start dnscrypt-proxy
Now we are going to make a backup of the file with the current DNS:
# cp /etc/resolv.conf /etc/resolv.conf.backup
And replace its content so that it uses localhost as a nameserver:
# sh -c "echo 'nameserver 127.0.0.1' > /etc/resolv.conf"
We protect it to prevent it from being modified with each restart:
# chattr +i /etc/resolv.conf
And it only remains to restart the network manager. In case of using Network Manager we do this:
# systemctl restart NetworkManager
And it's over, that's it DNSCrypt Proxy properly installed and configured. To check it we can click here and see if the welcome message from OpenDNS.
These steps apply to a basic installation of DNSCrypt Proxy in a Arch Linux simple with Network Manager, but since I know that surely you have all kinds of strange configurations in your systems or you are interested in exploiting the possibilities of this program more, I invite you to consult the article on DNSCrypt on the wiki Arch Linux.
I'm going to think that the NSA is after you ... that you're passing information to Snowden or something similar LOL!
I'm passing you all the information I have about those sepsis activities with virtual animals that you dedicate yourself to, jojojojojo.
Thanks che! And if instead of NetworkManager I use Wicd, I only make that change when restarting the manager?
Greetings.
That's right, it would only be to change the last command for this:
# systemctl restart wicdHehe excellent tip, could you help me with the advantages I have when using OpenDNS
regards
In Wikipedia they have a very complete explanation: http://es.wikipedia.org/wiki/OpenDNS
I have Tor configured and it works perfect. Configure DNSCrypt Proxy and it works perfect, but without the Tor service, that is without Tor proxy. Question can both services be used at the same time.
Greetings ..
I think I read that you could change the ports DNSCrypt uses, I don't know exactly how.
It has worked perfectly well for me in Antergos.
Thanks friend and greetings.
Thanks, it works fine.
Installed and working in Manjaro. Thanks 😀
I just installed it. I hope to notice differences and that it complies with what it says on the wiki heh
Is there how to have a different IP by installing something similar and not, for example, an addon like Anonymux or others?
Incidentally. In Firefox, with Anonymox turned on, it tells me that it is not installed but if I deactivate it, it does mark me that opendns is active.
Hello A few days ago I installed Dnsmasq and when I went to the web what to put to check if opendns is active it tells me yes, even so I have to install dnscrypt or do I leave it as is?
A noob question and if I want to remove check out the file "resolv.conf" what command do I use?
with chattr -i /etc/resolv.conf you remove protection
I have configured everything and when I open the OpenDNS page it tells me that I am not using it, the service is running and it solves the other webs without problem, and I have put the nameserver 127.0.0.1 in resolv.conf, any ideas?
Correction, it already works ^^ thank you very much for the tutorial
How do I know if it is working since the opendns website tells me that it does not work, but I followed the steps to the letter. I also read this:
It will never show on the OpenDNS page that we are using the service, because dnscrypt by default uses dnscrypt.eu-nl to resolve names, it no longer uses OpenDNS by default, to use OpenDNS you have to edit the dnscrypt-proxy.service
Any idea?