Fresh install doesn't work
NightMachinery opened this issue · 1 comments
NightMachinery commented
I installed it using
docker run --name=dnscrypt-server \
-v /etc/dnscrypt-server/zones:/opt/unbound/etc/unbound/zones \
-p 5004:5004/udp -p 5004:5004/tcp --net=host \
--restart=unless-stopped \
jedisct1/dnscrypt-server init -N example.com -E '51.178.215.202:5004'
It says:
[INFO ] Public server address: 51.178.215.202:5004
[INFO ] Provider public key: e3e94f48e913018bbf991763bedcc398a50f6dfb0a7614250966a5b42e43c734
[INFO ] Provider name: 2.dnscrypt-cert.example.com
[INFO ] DNS Stamp: sdns://AQcAAAAAAAAAEzUxLjE3OC4yMTUuMjAyOjUwMDQg4-lPSOkTAYu_mRdjvtzDmKUPbfsKdhQlCWaltC5DxzQbMi5kbnNjcnlwdC1jZXJ0LmV4YW1wbGUuY29t
Testing it on the server (host of the docker container):
❯ dig @51.178.215.202 -p 5004 facebook.com
; <<>> DiG 9.11.3-1ubuntu1.14-Ubuntu <<>> @51.178.215.202 -p 5004 facebook.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
PS: It's still up, you can test it yourself.
jedisct1 commented
The dig
command sends unencrypted queries. The whole point of this container is to encrypt DNS :)
You need to use the sdns://AQcAAAAAAAAAEzUxLjE3OC4yMTUuMjAyOjUwMDQg4-lPSOkTAYu_mRdjvtzDmKUPbfsKdhQlCWaltC5DxzQbMi5kbnNjcnlwdC1jZXJ0LmV4YW1wbGUuY29t
stamp, with a client such as dnscrypt-proxy
or dnslookup
.