Still not encrypting DNS traffic on Kali

[fahadshery]

Setting it up on Kali Linux

This is exactly what I did...

Goto: https://dnscrypt.info/implementations
You will find Installation and Downloads links there
uname -a to see if you are running a 32 or 64 bit OS. I will be downloading 64 bit in step 4.
Open terminal in Kali terminal and download : wget https://github.com/jedisct1/dnscrypt-proxy/releases/download/2.0.1/dnscrypt-proxy-linux_x86_64-2.0.1.tar.gz
extract downloaded file: tar xzvf dnscrypt-proxy-linux_x86_64-2.0.1.tar.gz
get into the extracted folder: cd linux-x86_64
copy .toml file: cp example-dnscrypt-proxy.toml dnscrypt-proxy.toml
change ownership: chown 2000:2000 dnscrypt-proxy.toml
nano dnscrypt-proxy.toml
You now need to edit dnscrypt-proxy.toml file
    Look for: # server_names = ['scaleway-fr', 'google', 'yandex']
    Change to the servers you would like to use and remove the leading #.
    Example: server_names = ['google','cisco-ipv6']
    You could use DNS server sourcesavailable at: https://github.com/jedisct1/dnscrypt-proxy/wiki/DNS-server-sources#opennic-servers
    I will be using the Opennic one: List maintained by Frank Denis. https://download.dnscrypt.info/dnscrypt-resolvers/v2/opennic.md

        To use that list, add this to the `[sources]` section of your
        `dnscrypt-proxy.toml` configuration file:

            [sources.'public-resolvers']
            url = 'http://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md'
            minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
            cache_file = 'public-resolvers.md'

still not encrypting... not sure what else to do

[jedisct1]

Did you change the DNS settings to 127.0.0.1?

[jedisct1]

Did you change the DNS settings to 127.0.0.1?

[kanyck]

Setups will be different on different Linux distros.
Please check this article on Archwiki https://wiki.archlinux.org/index.php/DNSCrypt as an example.
Also I wrote an article about setting up dnsmasq+dnscrypt on Calculate Linux / Gentoo gateway, but it's in Russian: https://www.calculate-linux.org/blogs/ru/684/show with some focus on parental control. Probably I should translate it, meanwhile you may try Google Translate to read it. At least you must understand how DNS traffic is supposed to go in your installation to set it up properly.

[kanyck]

Setups will be different on different Linux distros.
Please check this article on Archwiki https://wiki.archlinux.org/index.php/DNSCrypt as an example.
Also I wrote an article about setting up dnsmasq+dnscrypt on Calculate Linux / Gentoo gateway, but it's in Russian: https://www.calculate-linux.org/blogs/ru/684/show with some focus on parental control. Probably I should translate it, meanwhile you may try Google Translate to read it. At least you must understand how DNS traffic is supposed to go in your installation to set it up properly.

[evilvibes]

I think hes trying to use dnscrypt-resolvers/v2/opennic.md and he has server_names = ['google', 'cisco-ipv6'] in the toml. If you want the proxy to pick automatically the fastest dns server from dnscrypt-resolvers/v2/opennic.md change it back to # server_names or pick a opennic server or servers you want to use Example: server_names = ['opennic-luggs'] or server_names = ['opennic-luggs', 'opennic-luggs-ipv6']

[evilvibes]

I think hes trying to use dnscrypt-resolvers/v2/opennic.md and he has server_names = ['google', 'cisco-ipv6'] in the toml. If you want the proxy to pick automatically the fastest dns server from dnscrypt-resolvers/v2/opennic.md change it back to # server_names or pick a opennic server or servers you want to use Example: server_names = ['opennic-luggs'] or server_names = ['opennic-luggs', 'opennic-luggs-ipv6']

[jedisct1]

Linux is hard.

Here is a cute kitten picture instead.

[jedisct1]

Linux is hard.

Here is a cute kitten picture instead.

[fahadshery]

Yes I changed /etc/resolv.conf and added nameserver 127.0.0.1. This returns nothing. I have studied the opennic dns servers and referring to those only. I will paste my toml file tomorrow

[fahadshery]

Yes I changed /etc/resolv.conf and added nameserver 127.0.0.1. This returns nothing. I have studied the opennic dns servers and referring to those only. I will paste my toml file tomorrow

[fahadshery]

How could I use [static] reference? I manually added luggs opennic in static section and commented the [source url] but it doesn’t register?

[fahadshery]

How could I use [static] reference? I manually added luggs opennic in static section and commented the [source url] but it doesn’t register?

[ghost]

You extracted dnscrypt-proxy-linux_x86_64-2.0.1.tar.gz

But you never installed it.

[ghost]

You extracted dnscrypt-proxy-linux_x86_64-2.0.1.tar.gz

But you never installed it.

[evilvibes]

How could I use [static] reference? I manually added luggs opennic in static section and commented the [source url] but it doesn’t register?

I'm not sure why you are editing so much in the toml but if you are just trying to use opennic-luggs put the toml back to default and edit one line of the toml change:

# server_names = ['scaleway-fr', 'google', 'yandex']

to

server_names = ['opennic-luggs']

[evilvibes]

How could I use [static] reference? I manually added luggs opennic in static section and commented the [source url] but it doesn’t register?

I'm not sure why you are editing so much in the toml but if you are just trying to use opennic-luggs put the toml back to default and edit one line of the toml change:

# server_names = ['scaleway-fr', 'google', 'yandex']

to

server_names = ['opennic-luggs']

[evilvibes]

I'm making a Basic dnscrypt-proxy.toml editing wiki page feel free to edit and add to it.

[evilvibes]

I'm making a Basic dnscrypt-proxy.toml editing wiki page feel free to edit and add to it.