The version I currently have installed is 0.2.5. This means I cannot specify what ciphers I want to use, if I'm not mistaken. As LazyAspect said, last version of Stubby does not support cipher types change.
I have placed an argument below in the final expected file output, is the syntax/placement correct?ģ. Can I add the argument " tls_port:443" as a parameter without service being interfered since assuming traffic on port 853 can be easily sniffed to figure out someone is using DoT protocol. "dnssec_return_status: GETDNS_EXTENSION_TRUE"Ģ. I could not find any use of the following argument in the latest wiki is this arguments really required today? I do realize that I would have to change the values when the cert expires and new cert is uploaded.ġ. digest: "sha256" value:ybDpit7lTjHwhKRdnqfDxfyg+SDCnCafOtmZJAb9Foc= I could potentially modified the configuration file as : This is also verified against the presented certificate." As mentioned in the wiki " tls_pubkey_pinset: The sha256 SPKI pinset for the server. I read that the "digest" and "value" (hash) actually add to an authentication process.
Tls_authentication: GETDNS_AUTHENTICATION_REQUIREDīefore copying this to my stubby configuration file, I need to make sure the syntax and strings are correct & If I could add any more arguments to improve the overall network security such that It works and wont brick my networking once I implement it Any suggestions/mistakes to be rectified / or improvements I could implement?ĭnssec_return_status: GETDNS_EXTENSION_TRUE The input in the file is as follows & I'm wondering if its correct. I could compromise a little bit of Performance since it isn't a top priority, Network Security however is, keeping that in mind. I would really appreciate if you folks could rectify/verify the file before I implement it system-wide and NOT end up breaking the networking. I made a configuration to use AdguardDNS with stubby. Click to expand.So I read the documentation about stubby and a few other wikis and forums.
0 kommentar(er)
