Andreas Taudte3d ago
The dnscrypt-proxy is a local #DNS proxy with a surprisingly deep feature set ( https://github.com/DNSCrypt/dnscrypt-proxy ). It supports #EncryptedDNS via #DNSCrypt or #DoH and it can also add extra privacy with #ODoH and anonymized relays. You can apply policy-based resolver selection requiring #DNSSEC, #IPv6, or privacy properties like #NoLog and #NoFilter.
makepkg6d ago

DoH vs DNSCrypt: technical comparison 🔐

**DNSCrypt:**
✅ No insecure bootstrap
✅ No CA dependency
✅ Resistant to CA compromise
✅ Can hide client IP (Anonymized DNSCrypt)
❌ Less common support

**DoH:**
✅ IETF-standardized (RFC 8484)
✅ Port 443 (blends with HTTPS)
✅ Self-hostable
✅ Browser native support
✅ Harder to detect/block
❌ Requires TLS bootstrap

My: self-hosted DoH → Unbound. Zero third parties, encrypted.

#DNS #Privacy #Security #DoH #DNSCrypt #Encryption #FOSS #Networking

cobratbq - cranky-by-designFeb 7
I noticed #Quad9 #DNScrypt servers haven't upgraded yet to #XChaCha20 from #XSalsa20. I'm getting warnings, though I don't think it's actually an issue. I wondered if there's any identifying value to it, but that algorithm indicator is actually part of the cert construction and not the client-server communication. I wonder if there's any benefit other than: algo improvements (diffusion; wikipedia), and standardization.
Show threadReally Lazy Bear Jan 20

LOL, I was trying to figure out why dnscrypt-proxy wouldn't resolve on port 5053. Turns out the ListenStream and ListenDatagram on /usr/lib/systemd/system/dnscrypt-proxy.socket was set to 127.0.2.1#53. I just changed the port to 5053, not seeing the third digit was set to 2, not 0. It took me some minutes to see that !

I was following this guide, pretty easy, but I gotta say that "2" was pretty sneaky, but it's alright now: https://docs.pi-hole.net/guides/dns/dnscrypt-proxy/

#dnscrypt #pihole

dnscrypt-proxy (DoH) - Pi-hole documentation

Show threadEFJan 18
@vermaden it i amazing how light you can make many OSs. My #alpinelinux server on a RPi4 was 40MB running #dnsmasq #chrony. Since added #dnscrypt-proxy and #nut-server.
Freifunk MünchenJan 3

We are deprecating #DNSCrypt support.

https://ffmuc.net/services/dns/2026/01/03/dnscrypt-abschaltung/

Maintenance cost (in an Anycast setup) is too high for so little usage that's why we decided to deprecate it.

#DNS

Abschaltung von DNSCrypt

Freifunk München
Patch Notification Robot 🔔Dec 10
Frank Denis released #dnscrypt-proxy version 2.1.15. https://github.com/DNSCrypt/dnscrypt-proxy
E-TARD The LifeCasterNov 19

So #OPNsense is driving me a little crazy🤪, with stuff like:
On DnsCrypt‑Proxy when adding stamps, the stamps spec defines to include the sdns:// prefix but unless you tick the help on the right corner of the add overlay, you will not see that OPNsense does not want you to add the sdns:// prefix🤪😠
Wasting my time in trying to fix #DNScrypt

What is making me crazy mad to no end!🤪😠
Is how outdated the OPNsense manual is!!

#Networking #Network #Networks #DNS #Router #Routers #OpenSource #Firewall

🤖Nov 13

DNSCrypt for Home Assistant has been updated to Version: 2025.11.13

👉🏻 https://github.com/linickx/addon-dnscrypt-proxy

Rebuild triggered by [2025.11.0](https://github.com/home-assistant/docker-base/releases/tag/2025.11.0)

Upstream Release Notes (only Alpine applies):

```
What’s Changed
Drop Alpine 3.19 builds (#322) @sairon
Reduce number of layers and optimize build of the base-python images (#321) @sairon
```

#HomeAssistant #DNSCrypt #DNSCryptProxy

/cc @linickx

GitHub - linickx/addon-dnscrypt-proxy: A Home Assistant add-on implementation of DNSCrypt Proxy

A Home Assistant add-on implementation of DNSCrypt Proxy - linickx/addon-dnscrypt-proxy

GitHub
Anand   Sep 10

What private DNSCrypt or DNS-over-HTTPS services running some foss software do you use?
Preferably owned and hosted in Europe.

#askfedi #dns #dnscrypt #doh #dns_over_https_doh