Hi. I know this might sound silly but how replace default tor DNS resolver on Whonix Gateway with dnscrypt, globally?
I found some info on here :
but not sure if is the right guide. thanks.
ps: i am aware of the risks of doing that.
Unsupported. (As per Frequently Asked Questions - Whonix ™ FAQ)
Some more general info on Whonix-Gateway system DNS (but info on your question):
(see the footnotes)
Alright, is Unsupported, So what other way i would have…to set a second DNS resolver on Workstation, with DNScrypt ?that should go through stream isolation rules , so is global for all app, right?
will do, thanks man : )
installed DNScrypt on workstation and ran it but doesn’t work,
i get “[ERROR] Unable to retrieve server certificates”
found some info on here
not sure what to do, tweak the firewall on gateway to allow 443/UDP ?
thanks.
You can’t tweak it. Or you break anonymity.
Use TCP. As mentioned in documentation.
–tcp-only
Related:
[quote=“Patrick, post:7, topic:1235”]You can’t tweak it. Or you break anonymity.
Use TCP. As mentioned in documentation.
–tcp-only
Related:
https://www.whonix.org/wiki/Tunnel_UDP_over_Tor[/quote]
–tcp-only used but i still get the error
im using an older version of whonix gateway, could be that the issue ?
I don’t know. Old versions are unsupported. These instructions are supposed to be applied in Whonix-Workstation. Sorry, instructions didn’t make this explicit. Installation on Whonix-Gateway is unsupported.
yep, i figured that installation on Whonix-Gateway is unsupported, instead of whonix workstation i used Ubuntu 13 x64 . I will try to setup with the latest Whonix gw & work just to see if works hmm.
done, with latest whonix, installed on workstation and same error, idk maybe update the Alternative DNS Resolver - Whonix that doesn’t work anymore or maybe some1 else can test too to confirm
more info about the issue : Double cert refresh. Normal? · Issue #27 · DNSCrypt/dnscrypt-proxy · GitHub
No time for that. Added a note in the wiki.