[Dnsmasq-discuss] DNSCrypt - the big picture

Lonnie Abelbeck lists at lonnie.abelbeck.com
Fri Feb 7 12:42:00 GMT 2014

DNS Gurus,

With all the excellent work on DNSSEC, I'd like to get this list's thoughts on the merits of using DNSCrypt.

I cross-compiled dnscrypt-proxy 1.3.3 together with libsodium 0.4.5 from source, and it works splendidly with our beloved dnsmasq.

FYI, I started dnscrypt-proxy as:

$ dnscrypt-proxy -d --local-address -p /var/run/dnscrypt-proxy.pid

And configured dnsmasq as:

But, stepping back from the trees to the forest, is DNSCrypt a solution we all should consider using, or is it more of a security "feel good" measure ?

I admit is is nice to know that no-one is silently altering DNS queries/responses in transit to a trusted DNS server, but is that being overly paranoid ?

Appreciate any comments...


More information about the Dnsmasq-discuss mailing list