November 29, 2019

dnscrypt-proxy on systemd targets (at least Ubuntu)

If you ever tried to run dnscrypt-proxy on a recent Ubuntu 18, you will likely encounter something like this:

[FATAL] listen udp bind: permission denied

Well, turns out that the systemd configuration file isn't allowing dnscrypt-proxy to bind to priviledged ports (everything less than 1024).

The fix is simple. Modify your systemd configuration file , in my case located at


and add

# Add capabilities to bind to privileged ports

somewhere within the [Services] section. Bad thing is that it seems to overwrite that configuration file on an update. Yikes.