jedisct1/dnscrypt-server-docker

Fresh install doesn't work

NightMachinery opened this issue · 1 comments

I installed it using

docker run --name=dnscrypt-server \
    -v /etc/dnscrypt-server/zones:/opt/unbound/etc/unbound/zones \
    -p 5004:5004/udp -p 5004:5004/tcp --net=host \
    --restart=unless-stopped \
    jedisct1/dnscrypt-server init -N example.com -E '51.178.215.202:5004'

It says:

[INFO ] Public server address: 51.178.215.202:5004
[INFO ] Provider public key: e3e94f48e913018bbf991763bedcc398a50f6dfb0a7614250966a5b42e43c734
[INFO ] Provider name: 2.dnscrypt-cert.example.com
[INFO ] DNS Stamp: sdns://AQcAAAAAAAAAEzUxLjE3OC4yMTUuMjAyOjUwMDQg4-lPSOkTAYu_mRdjvtzDmKUPbfsKdhQlCWaltC5DxzQbMi5kbnNjcnlwdC1jZXJ0LmV4YW1wbGUuY29t

Testing it on the server (host of the docker container):

❯ dig @51.178.215.202 -p 5004 facebook.com                                                                                   

; <<>> DiG 9.11.3-1ubuntu1.14-Ubuntu <<>> @51.178.215.202 -p 5004 facebook.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

PS: It's still up, you can test it yourself.

The dig command sends unencrypted queries. The whole point of this container is to encrypt DNS :)

You need to use the sdns://AQcAAAAAAAAAEzUxLjE3OC4yMTUuMjAyOjUwMDQg4-lPSOkTAYu_mRdjvtzDmKUPbfsKdhQlCWaltC5DxzQbMi5kbnNjcnlwdC1jZXJ0LmV4YW1wbGUuY29t stamp, with a client such as dnscrypt-proxy or dnslookup.