You are not logged in.
Hello all.
I'm a long term Debian user (since 1998 I think), currently I'm using Debian testing and sometimes Linux Mint. I'm thinking to try Devuan too.
Last days I was reading about activate DoT (DNS over TLS), in Debian wiht systemd it seems relay on NetworkManager and a systemd optional service. But I was searching about implement it in a installation without systemd (Devuan), but I couldn't any info.
How would be such a service in Devuan?
Best regards and thanks in advanced
Offline
The closest that I've been able to find is Trust-DNS (dns-over-https + dns-over-rustls).
Here are search results showing all variants:
$ apt search Trust-DNS
Sorting... Done
Full Text Search... Done
librust-async-std-resolver-dev/stable 0.22.0-1+b1 amd64
Trust-DNS is a safe and secure DNS library, for async-std - Rust source code
librust-trust-dns-client-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS library - Rust source code
librust-trust-dns-proto-dev/stable 0.22.0-4 amd64
Trust-DNS is a safe and secure DNS library - Rust source code
librust-trust-dns-resolver-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS library - Rust source code
librust-trust-dns-server+backtrace-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "backtrace"
librust-trust-dns-server+dns-over-https-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "dns-over-https"
librust-trust-dns-server+dns-over-https-rustls-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "dns-over-https-rustls"
librust-trust-dns-server+dns-over-openssl-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "dns-over-openssl" and 2 more
librust-trust-dns-server+dns-over-rustls-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "dns-over-rustls"
librust-trust-dns-server+dnssec-openssl-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "dnssec-openssl"
librust-trust-dns-server+dnssec-ring-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "dnssec-ring"
librust-trust-dns-server+h2-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "h2"
librust-trust-dns-server+http-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "http"
librust-trust-dns-server+openssl-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "openssl"
librust-trust-dns-server+rusqlite-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "rusqlite" and 1 more
librust-trust-dns-server+rustls-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "rustls"
librust-trust-dns-server+tokio-openssl-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "tokio-openssl"
librust-trust-dns-server+tokio-rustls-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "tokio-rustls"
librust-trust-dns-server+trust-dns-resolver-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - feature "trust-dns-resolver" and 1 more
librust-trust-dns-server-dev/stable 0.22.0-2 amd64
Trust-DNS is a safe and secure DNS server with DNSSec support - Rust source code
Offline
Are you looking for a local DNS cache or DNS resolver?
Like e.g. dnsmasq or unbound. Most likely these can be configured to use encrypted connections.
Edit: Just the colour.
Last edited by delgado (2023-10-14 17:19:54)
Offline
Hello.
I'm not sure about, I don't know much about this topic, I'm learning now.
In https://dns0.eu there are some lines setting up something, I suppose is for a resolver, not a cache.
I'd like to know how to setup something like this but without systemd.
Regards
Offline
IMO your best option is to run unbound as a local caching resolver. This is what OpenBSD does, and configuration examples for such should be easy enough to adapt.
Pretty sure dnsmasq can do this as well, if you prefer it.
Once is happenstance. Twice is coincidence. Three times is enemy action. Four times is Official GNOME Policy.
Offline