From Bytesized Wiki

Jump to: navigation, search

Encrypt DNS traffic on Ubuntu 13.04

- In this setup the dns encryption daemon runs at system startup.

- At the terminal simply create a tunnel as noted in step 9

- Launch chromium using localhost as a proxy as noted in step 10

Note: This is a user contributed guide, so it comes with no warranty it will work. Use it at your own risk.

Get rid of dnsmasq.

nano /etc/NetworkManager/NetworkManager.conf

find the line containing dns=dnsmasq and add a # at the begging of the line.

Add an unprivileged user for the dnscrypt daemon to run as

useradd -m -U -d /home/user=the_name_of_the_unprivileged_user -s /dev/null user=the_name_of_the_unprivileged_user

where you need to replace the the_name_of_the_unprivileged_user .

Download dns crypt source from:


and unpack the archive.

Make sure our system is all setup to build software from source

 sudo apt-get install build-essential checkinstall

Build dnscrypt:

 ./configure && make -j2
 sudo make install

Edit network adapter and point dns to

Edit /etc/resolv.conf and change name server to

Edit /etc/rc.local and add:

 sudo /usr/local/sbin/dnscrypt-proxy —daemonize —user=the_name_of_the_unprivelaged_user_you_created

then set /etc/rc.local as executable

 sudo chmod +x /etc/rc.local

After this reboot the system.

Create a tunnel:

ssh -D 12345 [email protected]

Launch chromium(or chrome) with:

chromium-browser —proxy-server=“socks://localhost:12345”

Your DNS lookups should now also be encrypted.

This guide was contributed by byteit.

Personal tools