Skip to main content

DNScrypt

It is important to encrypt your dns traffic. That's the queries from your computer to a dns server. My dns resolv.conf contains:

nameserver 8.8.8.8
nameserver 203.111.231.106


I went ahead and installed dnscrypt-proxy package from the official repository. To check files for dnscrypt-proxy type this in the terminal.  $ sudo pacman -Ql dnscrypt-proxy. It will be /etc/dnscrypt-proxy.conf. The config file for dnscrypt is explicit and looks like this essentially:

ResolverName random

You can change "random" to a specific dnscrypt-proxy name from /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv. I recommend this because I encounter a "unable to read" error in the logs when I try it the "random" way. Use chattr +i "path-to-file" to set the property of the file to read-only. NetworkManager will try to modify /etc/resolv.conf. Modify this file to:

nameserver 127.0.0.1

Use dig to check the status of your dns server.

# dig 127.0.0.1 google.com

Enable and start dnscrypt-proxy service in systemd.

Check the logs in Arch with:

$ sudo journalctl | grep dnscrypt-proxy


Comments

Popular posts from this blog

Password Issues On Ubuntu Login

I found myself unable to enter my login credentials when prompted to do so in Ubuntu. I think I might have changed it then forget about it. I've been running the current session for more days than I should have. I forget. So what's the solution to my problem. How do I get in to my system now? It involved getting into the grub menu somehow. I am uncertain as to how to do that exactly in your system. So there's a couple of ways to do it (finger's crossed). When booting at system start, use the esc key or the shift key. The first one worked for me. The timing is key. Wait until the bios banner shows then hit the esc key once. I am using Ubuntu 22.04.4 here. I have a current version of grub. The grub menu will give you options and the one you want is: root. Yes you want root privileges to set the root password. It should give you a terminal access where you can issue commands. Type: #mount -rw -o -s remount / ==> this command mounts the filesyste...

Pacman Has to Get Better

I finally got my printers working. I got cups (and cupsd in the /etc/rc.conf) I installed hpoj and a group of printer drivers. So to get my Arch linux to recognize there's a usb printer connected to my system I have to run a daemon (ptal-init setup) and include it in /etc/rc.conf. That finally enabled (after a reboot) my GNOME control center to acknowledge that there is indeed an HP-3900 at the end of my usb port. The real personal story behind my saga with a printer is pacman. It is now throwing 'network not reachable' everytime I start it. Every download and sync. I ran --debug and ping ip addresses and so far I will conclude that it's a really really slow ftp server. The server is so slow pacman is timing out connections. It's unusable guys. My first rolling release distro and I've decided that Arch rises and falls with the performance of their package manager. Great distro for the DIY community. But sorry I can't recommend Arch linux to my mother who jus...

Webapps in Unity

So it has been 4 months since Ubuntu 14.04 came out. This is LTS and supported for 6 years by Canonical. The first mobile device with Ubuntu pre-installed is promised to come out later this year, 2014. It's time to check out how the apps perform so far. It is a good idea. I use Gmail and Twitter and Facebook. Why not a webapp in a desktop? So I start the Twitter and Gmail webapp. So far it has crashed my computer 6 times. Not a very good sign. On the other hand it does work but not as stable as opening them in Firefox. -- Use my PGP key if you want to encrypt your replies/messages to me. You are invited to also send me your PGP keys so we can communicate in private.