Friday, October 14, 2016

How To Install DNSCrypt on Ubuntu 16.04 LTS To Encrypt DNS Traffic

Encrypt DNS Traffic in Ubuntu Linux with DNSCrypt - DNSCrypt is a protocol that authenticates communications between a DNS client and a DNS resolver. This is great tool for securing communications, prevents DNS spoofing, man-in-the-middle attacks (MITM), and spoofing.

DNSCrypt uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven't been tampered with.

DNSCrypt available for major operating systems, including Linux, OSX, Android, iOS, BSD and Windows. Start from Ubuntu 16.04 LTS, DNSCrypt can now be installed without adding the PPA into the system.

Installing Dnscrypt-Proxy in Ubuntu Linux

Complete Guide to Install DNSCrypt in Ubuntu Linux

To install dnscrypt-proxy package on Ubuntu 16.04 LTS Xenial Xerus and based Linux distribution is as easy. We can easily install the package without adding a PPA into the system.

Step 1 - First, please ensure you have the universe repository is enabled. You can enable the repository by adding this line :

deb http://us.archive.ubuntu.com/ubuntu xenial main universe

into Ubuntu sources.list that located in /etc/apt/ directory. Well, if you love the GUI based, you can easily enable it in Software & Updates.

Also on Linuxslaves :

Step 2 - After any changes you should run this command in terminal window to update your system :

sudo apt-get update

Step 3 - You can now install the package just like this :

sudo apt-get install dnscrypt-proxy

Setting Up Network Connection DNS Server

After installing DNSCrypt, you need to set the network connection DNS server to 127.0.0.2. We can use Network Manager GUI to change the DHCP settings.

Step 1 - Head to Ubuntu panel, then click at Network Manager indicator

Step 2 - Open Edit Connections, then select your connection and click Edit

Step 3 - Switch to the IPv4 Settings tab

If you're using Manual / static IP, enter 127.0.0.2 under DNS servers, then save the configuration. See the screenshot :

How to Configure DNSCrypt in Ubuntu Linux

If you're using Automatic (DHCP), change it to Automatic (DHCP) addresses only, then simply add 127.0.0.2 under DNS servers as shown :

How to Configure DNSCrypt in Ubuntu 16.04 LTS

Step 4 - Final touch, now restart the network connection. Head to Network indicator then Enable Networking twice. It's mean disable and then re-enable.

Checking The DNS

Time to check the new configuration. Visit https://www.opendns.com/welcome/. If you have changed the DNS correctly to OpenDNS, the page will tell you as shown :

Change DNS to OpenDNS in Ubuntu 16.04 LTS Xenial Xerus

Another way to checking if dnscrypt-proxy is working is run this command from your Ubuntu's terminal :

sudo tcpdump -i eth0

Change eth0 with your with your current network interface like wlan0, wlan1, etc. You can find the network interface using ifconfig.

How to DNS Encrypt Traffic in Ubuntu Linux

If you see resolver2.opendns.com.https then it means the OpenDNS via DNSCrypt works correctly.

Well, that's all I can write about step-by-step to do to install and configure DNSCrypt / dnscrypt-proxy in Ubuntu 16.04 LTS. Visit http://dnscrypt.org/ for more information.

Related Post

No comments:

Post a Comment