Mint 19 DNSCrypt Install Tutorial

Write tutorials for Linux Mint here
More tutorials on https://github.com/orgs/linuxmint/discu ... /tutorials and (archive) on https://community.linuxmint.com/tutorial
Forum rules
Don't add support questions to tutorials; start your own topic in the appropriate sub-forum instead. Before you post read forum rules
Post Reply
JeffF73
Level 2
Level 2
Posts: 63
Joined: Sun May 27, 2012 2:47 pm

Mint 19 DNSCrypt Install Tutorial

Post by JeffF73 »

Finally after fighting with DNSCrypt-proxy installs not working I found a solution that has worked well for me on several different installs and systems. Running Linux Mint Cinnamon 19

Here is the website that I give credit to for step by step instructions that helped me get to a working state with DNSCrypt with some step by step modifications and changes below.
http://www.ubuntubuzz.com/2017/11/how-t ... -1710.html

Before proceeding you might want to Backup with Timeshift for safety and fast way to get back if there is a problem

#1. Install DNSCrypt

Code: Select all

sudo apt-get install dnscrypt-proxy -y
#2. Install your favorite text editor

Code: Select all

sudo apt-get install xed -y
#3. Change Resolver to 'cisco'
Change the text "ResolverName fvz-anyone" to ResolverName cisco
If you have issues with this code changing the ResolverName like I did you can use sudo xed /etc/dnscrypt-proxy/dnscrypt-proxy.conf and manually change it to your prefrerence

Code: Select all

sudo sed -i 's/fvz-anyone/cisco/g' /etc/dnscrypt-proxy/dnscrypt-proxy.conf
#4. Change DNSCrypt Local IP and Port
These codes Change 127.0.2.1 to 127.0.0.1 on both sockets in dnscrypt-proxy.socket.
If you have issues with these codes changing the DNS and port like I did you can use sudo xed /lib/systemd/system/dnscrypt-proxy.socket and manually change it to your prefrerence Credit to the fixed code goes to naishoya @ https://gist.github.com/anonymous/a8e04 ... 8cbfedd60a

Code: Select all

sudo grep '127' /lib/systemd/system/dnscrypt-proxy.socket
sudo sed -i 's/127.0.2.1:53/127.0.0.1:53/g' /lib/systemd/system/dnscrypt-proxy.socket
sudo grep '127' /lib/systemd/system/dnscrypt-proxy.socket
#5. Reload Daemon for DNSCrypt Configuration

Code: Select all

sudo systemctl daemon-reload
#6. Restart DNSCrypt Service

Code: Select all

sudo systemctl stop dnscrypt-proxy.socket
sudo systemctl start dnscrypt-proxy
#7. Disable Default System's DNS Service

Code: Select all

sudo systemctl disable systemd-resolved.service
sudo rm -v /etc/resolv.conf
sudo systemctl stop systemd-resolved.service
#8. Network Manager will recreate /etc/resolv.conf after a restart. This issue will prevent DNSCrypt working after a restart.
The fix was posted on the previous website in the comments section. Credit goes to genzj and Ngalim Siregar
To prevent Network Manager create /etc/resolv.conf after restart you can add dns=none in /etc/NetworkManager/NetworkManager.conf in [main].

Code: Select all

sudo xed /etc/NetworkManager/NetworkManager.conf
#9. Now go to your Network Manager "Wifi or Ethernet connection"
To edit your connection and go to "IPV4 Settings" Tab
Method: Change from "Automatic (DHCP)" to "Automatic (DHCP) Address Only"
Go down to DNS Servers: Add "127.0.0.1" without quotes (Note: If you changed the DNS IP to your own preferred preference in step #4. Change DNSCrypt Local IP you will need to match it here in Network Manager)

#10. Restart Network Manager

Code: Select all

sudo service dnscrypt-proxy start
sudo service network-manager restart
sudo systemctl restart NetworkManager.service
Restart Cinnamon should work for the first time. If not do a full system restart

If you have no network connection after following all the steps above go back to step #4. Change DNSCrypt Local IP and Port to something like 127.0.0.1:53 or 127.0.0.2:53 sudo xed /lib/systemd/system/dnscrypt-proxy.socket Also go back to step #9 and change your Network DNS to the one you choose to change it to above.

Go to
dnsleaktest.com and do a test. All should work fine
You can also go to https://welcome.opendns.com/ to check if Opendns is working properly

Bash Code

Code: Select all

#!/bin/bash
sudo apt-get install dnscrypt-proxy -y
sudo sed -i 's/fvz-anyone/cisco/g' /etc/dnscrypt-proxy/dnscrypt-proxy.conf
sudo apt-get install xed -y
sudo grep '127' /lib/systemd/system/dnscrypt-proxy.socket
sudo sed -i 's/127.0.2.1:53/127.0.0.1:53/g' /lib/systemd/system/dnscrypt-proxy.socket
sudo grep '127' /lib/systemd/system/dnscrypt-proxy.socket
sudo systemctl daemon-reload
sudo systemctl stop dnscrypt-proxy.socket
sudo systemctl start dnscrypt-proxy
sudo systemctl disable systemd-resolved.service
sudo rm -v /etc/resolv.conf
sudo systemctl stop systemd-resolved.service

# Add "dns=none" in /etc/NetworkManager/NetworkManager.conf in [main] section without the quotes.
sudo xed /etc/NetworkManager/NetworkManager.conf

sudo service dnscrypt-proxy start
sudo service network-manager restart
sudo systemctl restart NetworkManager.service
Post Reply

Return to “Tutorials”