d00e751efc
by me, ok jasper@ DNSCrypt-proxy provides local service which can be used directly as your local resolver or as a DNS forwarder, encrypting requests using the DNSCrypt protocol and passing them to an upstream server, by default OpenDNS who run this on their resolvers. The DNSCrypt protocol is very similar to DNSCurve, but focuses on securing communications between a client and its first-level resolver. While not providing end-to-end security, it protects the local network, which is often the weakest point of the chain, against man-in-the-middle attacks. It also provides some confidentiality to DNS queries.
11 lines
341 B
Plaintext
11 lines
341 B
Plaintext
In order to perform queries over DNSCrypt, using OpenDNS as a
|
|
resolver, the easiest way is change your /etc/resolv.conf file to:
|
|
|
|
nameserver 127.0.0.1
|
|
lookup file bind
|
|
options edns0
|
|
|
|
But DNSCrypt does _not_ cache queries. So the recommended way to use
|
|
it is as a forwarder for a DNS cache like Unbound.
|
|
Both can safely run on the same host.
|