1.2 KiB
1.2 KiB
stubby
Get it here ! Stubby
For more information read dnsprivacy
Stubby runs on Windows, maxOS and *nix.
configuration of stubby
resolution_type: GETDNS_RESOLUTION_STUB
dnssec_return_status: GETDNS_EXTENSION_TRUE
dns_transport_list:
- GETDNS_TRANSPORT_TLS
tls_authentication: GETDNS_AUTHENTICATION_REQUIRED
tls_query_padding_blocksize: 256
edns_client_subnet_private : 1
idle_timeout: 10000
listen_addresses:
- 127.0.0.1
- 0::1
round_robin_upstreams: 1
upstream_recursive_servers:
# The RUG NS servers
- address_data: 129.125.4.130
tls_auth_name: "dnsres1.nic.rug.nl"
tls_pubkey_pinset:
- digest: "sha256"
value:
- address_data: 129.125.4.133
tls_auth_name: "dnsres2.nic.rug.nl"
tls_pubkey_pinset:
- digest: "sha256"
value:
De tls_pubkey_pinset value is a verification string, to get it :
echo | openssl s_client -connect '129.125.4.130:853' 2>/dev/null \
| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der \
| openssl dgst -sha256 -binary | openssl enc -base64
Or use this one ;)
I96hqJ3Iv9Rpu4ukrDwhsmOGUertpS20JpA2gwilHrA