-
Notifications
You must be signed in to change notification settings - Fork 1.8k
DNSCrypt
Here is how to generate a DNSCrypt configuration file and point AdGuardHome to it:
-
Get the latest version of the
dnscrypt
utility for your system. -
Run:
$ dnscrypt generate --provider-name '2.dnscrypt-cert.example.org' --out ./dnscrypt.yaml
Where
example.org
is the name of your host and./dnscrypt.yaml
is the name of the configuration output file. -
In your AdGuardHome configuration file (typically
AdGuardHome.yaml
), add the following lines:'tls': # … 'port_dnscrypt': 5443 'dnscrypt_config_file': './dnscrypt.yaml'
Where
5443
is the port for your DNSCrypt server and./dnscrypt.yaml
is the name of the configuration file generated in step 2.
Here is how to generate a DNSCrypt stamp and check your installation:
-
Enter the data from your DNSCrypt configuration file. The Provider public key is the value of the
public_key
field in your DNSCrypt configuration file. Do not forget to enter the host with your custom port! -
Now you have a stamp that looks something like this:
sdns://AQcAAAAAAAAADTEyNy4wLjAuMTo0NDMg8R3bzEgX5UOEX93Uy4gYSbZCJvPeOXYlZp2HuRm8T7AbMi5kbnNjcnlwdC1jZXJ0LmV4YW1wbGUub3Jn
Check your installation by running:
$ dnscrypt lookup-stamp\ --domain 'example.com'\ --stamp 'sdns://AQcAAAAAAAAADTEyNy4wLjAuMTo0NDMg8R3bzEgX5UOEX93Uy4gYSbZCJvPeOXYlZp2HuRm8T7AbMi5kbnNjcnlwdC1jZXJ0LmV4YW1wbGUub3Jn'\ --type 'a'
Where
example.com
is the domain name to lookup.
- All platforms: dnscrypt-proxy (reference implementation) - DNSCrypt-Proxy is a command-line proxy for Linux, BSD, Windows, MacOS, Android and more.
-
Android: AdGuard for Android supports
DNSCrypt
. -
iOS: AdGuard for iOS supports
DNSCrypt
. -
iOS: DNSCloak uses dnscrypt-proxy internally and supports
DNSCrypt
. -
Windows: AdGuard for Windows supports
DNSCrypt
. - Windows: Simple DNSCrypt is a simple management tool to configure and run dnscrypt-proxy on Windows.
You can find more implementations on the DNSCrypt website.