How to use DNS over TLS on Ubuntu Linux

If you are interested in computer security, you probably know how insecure standard DNS is. Why? Because, by default, DNS queries are not encrypted. That means DNS can be (and often is) exploited. To overcome that weakness, DNS over TLS (DoT) can be used, in which all DNS queries are sent over the encrypted TLS (Transport Layer Security) protocol. However, most operating systems do not work with DNS over TLS.

Fortunately, Linux users can easily make this a reality.

Today's article will show you how easy it is to add DNS over TLS on Ubuntu 18.04. To do this, the article uses Stubby, an open source DNS stub resolver that encrypts the DNS queries sent from the client to a DNS Privacy resolver, helping to enhance end-user privacy. The installation will be done on Ubuntu Desktop 18.04. All you need is the latest version of this Ubuntu platform and a user account with sudo rights. Let's go through the installation process right away!

Manage DNS over TLS on Ubuntu Linux with Stubby

  1. Installation
  2. Check the installation
  3. Stubby configuration
  4. Use Stubby

Installation

Installing Stubby is easy. Open a terminal window and enter the following commands:

 sudo apt-get update
 sudo apt-get install stubby

When the installation is complete, start and enable Stubby with the following commands:

 sudo systemctl start stubby
 sudo systemctl enable stubby

Check the installation

Use the netstat tool to make sure Stubby is properly installed. If netstat is not installed, install it with the following command:

 sudo apt-get install net-tools 

When this installation is complete, enter the following command:

 sudo netstat -lnptu | grep stubby 

You will see that Stubby is listening on localhost (127.0.0.1), port 53.

Stubby configuration

Stubby is now up and running. If you want to make any configuration changes, edit the configuration file at /etc/stubby/stubby.yml. In that file, you will notice that Stubby uses (by default) the following DNS services that support TLS:

  1. dnsovertls.sinodun.com
  2. dnsovertls1.sinodun.com
  3. getdnsapi.net

Below that, you will find the Additional servers section. Several other DNS over TLS servers are available here, such as:

  1. dns.quad9.net
  2. unicast.censurfridns.dk
  3. dnsovertls3.sinodun.com
  4. dnsovertls2.sinodun.com
  5. dns.cmrg.net
  6. dns.larsdebruin.net
  7. securedns.eu

Some additional servers are listed with notes that describe weaknesses or features that do not work. Users can also add further DNS over TLS servers in this section. For example, the Cloudflare DNS over TLS servers can be added as follows:

  # Cloudflare DNS over TLS servers
  - address_data: 1.1.1.1
    tls_auth_name: "cloudflare-dns.com"
  - address_data: 1.0.0.1
    tls_auth_name: "cloudflare-dns.com"
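
An upstream entry without tls_auth_name (or a tls_pubkey_pinset) gives Stubby nothing to authenticate the server against, so it is worth auditing the file after editing it. The following is an added example, not code from the original article or from the Stubby project; it goes beyond the servers section and also checks the tls_authentication and dns_transport_list keys of stubby.yml, which the article does not discuss. The function name, the finding labels and the 192.0.2.53 upstream are constructed for illustration.

```shell
# Added example. Reads a stubby.yml from the file in $1 (or stdin), prints
# one finding per line, and returns 1 if anything was found, else 0.
audit_stubby_config() {
    awk '
        BEGIN { req = "GETDNS_AUTHENTICATION_REQUIRED" }
        function report() {            # flush the upstream entry just parsed
            if (addr != "" && !auth) { print "no-auth-data " addr; bad = 1 }
            addr = ""; auth = 0
        }
        /^[ \t]*#/ { next }            # commented-out lines do not count
        /^[^ \t#-]/ {                  # a new top-level key begins
            report()
            up = ($1 == "upstream_recursive_servers:")
            tr = ($1 == "dns_transport_list:")
            if ($1 == "tls_authentication:" && $2 != req) {
                print "opportunistic-tls " $2; bad = 1
            }
            next
        }
        tr && /GETDNS_TRANSPORT_(UDP|TCP)/ { print "plaintext-fallback " $2; bad = 1 }
        up && /^[ \t]*-[ \t]*address_data:/ {
            report()
            sub(/^[ \t]*-[ \t]*address_data:[ \t]*/, ""); addr = $1
            next
        }
        up && /tls_auth_name:|tls_pubkey_pinset:/ { auth = 1 }
        END { report(); exit (bad ? 1 : 0) }
    ' "${1:--}"
}

# Constructed sample: the Cloudflare entries from the article plus a made-up
# upstream (192.0.2.53, a documentation address) whose auth name is commented out.
sample_config() {
    cat <<'EOF'
dns_transport_list:
  - GETDNS_TRANSPORT_TLS
  - GETDNS_TRANSPORT_UDP
tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
upstream_recursive_servers:
  - address_data: 1.1.1.1
    tls_auth_name: "cloudflare-dns.com"
  - address_data: 1.0.0.1
    tls_auth_name: "cloudflare-dns.com"
  - address_data: 192.0.2.53
#   tls_auth_name: "resolver.example"
EOF
}
sample_config | audit_stubby_config || echo "stubby.yml needs attention"
```

Against a real installation, pass the path instead of the sample: audit_stubby_config /etc/stubby/stubby.yml.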

Use Stubby

At this point, you need to tell systemd to actually use Stubby for DNS queries. To do so, open the Network Settings application and click the gear icon associated with your network connection. In the resulting window, click the IPv4 tab and set DNS Automatic to OFF. Next, in the DNS text field, enter 127.0.0.1. Click Save to apply the changes.

To make the system pick up the changes, enter the command:

 sudo systemctl restart NetworkManager 

Those are all the steps. Stubby is now responsible for handling DNS over TLS. Your DNS queries are now encrypted, so you can feel a bit more secure on Ubuntu Desktop.

Good luck!
