Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
How do I install DNSCrypt?
You can't. Because DNSCrypt is just a specification.
dnscrypt-proxy is a flexible DNS proxy. It runs on your computer or router, and can locally block unwanted content, reveal where your devices are silently sending data to, make applications feel faster by caching DNS responses, and improve security and confidentiality by communicating to upstream DNS servers over secure channels.
- Installation on Windows
- Installation on macOS
- Installation on Linux
- Installation on pfsense
- Installation on Pi-Hole
- Installation on OpenWRT / LEDE
- Installation on Synology
- Installation on OPNsense
- Simple DNSCrypt is a simple management tool to configure dnscrypt-proxy on windows based systems.
- DNSCloak is a full-featured DNSCrypt client for iOS, with filtering, logging, caching, password protection and more. No jailbreak required.
- AdGuard Pro for iOS, Android, macOS and Windows embeds dnscrypt-proxy in a slick user interface.
- dnscrypt-proxy switcher is a plugin for Bitbar on macOS, to control dnscrypt-proxy usage from the menu bar.
Setting up dnscrypt-proxy (general guidelines)
- Extract and adjust the configuration file dnscrypt-proxy.toml to your needs. In case you started fresh, ensure you backup your modified
Note: You can choose a set of preferred servers in the
# server_names = ['scaleway-fr', 'google', 'yandex']
Change to the servers you would like to use and remove the leading
server_names = ['google', 'cloudflare']
When doing this filters are ignored if you explicitly name the set of resolvers to use
Filters are used when the list is empty, which means
all resolvers from configured sources, matching the filters.
- Make sure that nothing else is already listening to port 53 on your system and run (in a console with elevated privileges on Windows) the
Change your DNS settings to the configured IP address and check that everything works as expected.
./dnscrypt-proxy -resolve example.com
should return one of the chosen DNS servers instead of your ISP's resolver.
- Register as a system service.
Verification of downloaded files
Pre-compiled binaries can be verified with Minisign:
minisign -Vm dnscrypt-proxy-*.tar.gz -P RWTk1xXqcTODeYttYMCMLo0YJHaFEHn7a3akqHlb/7QvIQXHVPxKbjB5