Phenquestions
In other words, it's a network security protocol that encrypts and verifies the DNS traffic going back and forth between users and websites, servers, and such. It is available for all mainstream operating systems, including all Linux distros.
DNSCrypt Clients
DNSCrypt clients enable communication between DNS resolver servers and users.
There are many DNSCrypt clients to choose from, but our favorite is dnscrypt-proxy. It features a very intuitive GUI that's very easy to get used to. Plus, its CLI is pretty great as well. On top of that, it is updated regularly and is available for every mainstream operating system, including all the BSDs.
Other clients such as Simple DNSCrypt and DNSCrypt-OSXClient may tickle your fancy, but dnscrypt-proxy is the one that we'd recommend.
Why Do You Need a DNSCrypt Client?
With a DNSCrypt client comes the following benefits:
- A DNS client does the work of assessing the traffic integrity concurrently and reporting on it.
- It boosts latency by sidetracking all the IPv6 data away from IPv4 networks.
- It manages the queries from a local zone.
- It sees all the junk and spam you receive.
Installing dnscrypt-proxy on Ubuntu 20.04 or Lesser:
To install dnscrypt-proxy on your device with an Ubuntu version lower than 16, just open the terminal and issue these commands:
$ sudo add-apt-repository ppa:anton+/dnscrypt
If you use v16.x or 17.x, you can install the dnscrypt proxy from the Ubuntu repository. Type in the following command:
$ sudo apt-get install dnscrypt-proxyOnce installed, it'd be a good idea to include 127.0.0.2 to the DNS servers that you have on your network.
Then use the command below:
$ service dnscrypt-proxy start
The command above creates a profile named “_dnscrypt-proxy” and initiates the program with that account. To view how the service is doing, issue the command below:
$ service dnscrypt-proxy status
Check whether everything went as intended by visiting the link:
https://www.opendns.com/welcome
If you see the following page, that means the installation went without a hitch.
If you are more detail-oriented, type:
$ dig txt debug.opendns.cominto the command line terminal, and you'll get:
If the output shows debug.opendns.com. 0 IN TXT “dnscrypt enabled (71447764594D3377)” line, or something resembling that line, and you can rest assured that the installation has been completed.
Wrapping Up
DNSCrypt is exactly what you need if you're concerned over your online security, especially if you're worried that someone might be trying to perform hacks such as MitM attacks or eavesdropping.
The keyword here is online security, although DNSCrypt might be a bit excessive for most people who don't worry about getting hacked. If you just want to protect your browsing data and protect your search history from your ISP, you're better off just using a VPN.
