DNSCrypt

DNSCrypt is a protocol that encrypts, authenticates and optionally anonymizes communications between a DNS client and a DNS resolver. It prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven’t been tampered with.

It is an open specification, with free and open source reference implementations, and it is not affiliated with any company nor organization.

Free, DNSCrypt-enabled resolvers are available all over the world.

Source: dnscrypt.info/

Our DNSCrypt server is behind Unbound which includes DNSSEC.

It also supports Anonymized DNS.
And of course, no logs enabled.

Table of Contents

Install on your device
Config file

Install on your device

Follow the link and select your operating system.

Config file

server_names

Change your dnscrypt-proxy.toml config file.
server_names = ['pwoss.org']`

Sources

Disable all.
[sources]

Anonymized DNS

Go to the bottom routes = [ and add:

routes = [
    { server_name='2.dnscrypt-cert.pwoss.org', via=['sdns://gRM0NS4xNDIuMTc2LjE3MDo0NDM0'] }
]

Static

Scroll down to the bottom and add PwOSS server in static and stamp:

[static.'pwoss.org']
    stamp = 'sdns://AQcAAAAAAAAAEzQ1LjE0Mi4xNzYuMTcwOjQ0MzQgZF8FTkuFVFw6YP5x8ydebnTb8ONP7Ti6P0K1REyhUHgZMi5kbnNjcnlwdC1jZXJ0LnB3b3NzLm9yZw'

Restart the service or reconnect your client.

Check your connection with dnsleaktest.com.

PwOSS - Wiki

dnscrypt