diff --git a/configuration/hosts/litha/configuration.nix b/configuration/hosts/litha/configuration.nix
index c8445801..2ef9c44c 100644
--- a/configuration/hosts/litha/configuration.nix
+++ b/configuration/hosts/litha/configuration.nix
@@ -11,6 +11,8 @@
 ../../profiles/common
 ../../profiles/desktop
 ../../profiles/xfce
+ ../../profiles/network
+ ../../profiles/yubikey
 ];
 # Use the systemd-boot EFI boot loader.
@@ -21,7 +23,6 @@
 networking.useDHCP = false;
 networking.interfaces.enp34s0.useDHCP = true;
- networking.networkmanager.enable = true;
 system.stateVersion = "20.09";
diff --git a/configuration/hosts/samhain/configuration.nix b/configuration/hosts/samhain/configuration.nix
index 409c051c..2ac5e960 100644
--- a/configuration/hosts/samhain/configuration.nix
+++ b/configuration/hosts/samhain/configuration.nix
@@ -9,6 +9,8 @@
 ../../profiles/gnome
 ../../profiles/gaming
 ../../profiles/development
+ ../../profiles/network
+ ../../profiles/yubikey
 ];
 boot.loader.systemd-boot.enable = true;
diff --git a/configuration/hosts/yule/configuration.nix b/configuration/hosts/yule/configuration.nix
index 6b28a9fb..83faf480 100644
--- a/configuration/hosts/yule/configuration.nix
+++ b/configuration/hosts/yule/configuration.nix
@@ -9,6 +9,8 @@
 ../../profiles/gnome
 ../../profiles/gaming
 ../../profiles/development
+ ../../profiles/network
+ ../../profiles/yubikey
 ];
 boot.loader.systemd-boot.enable = true;
diff --git a/configuration/profiles/network/default.nix b/configuration/profiles/network/default.nix
new file mode 100644
index 00000000..1cabaac3
--- /dev/null
+++ b/configuration/profiles/network/default.nix
@@ -0,0 +1,33 @@
+
+{ config, lib, pkgs, ... }:
+{
+ networking = {
+ networkmanager.enable = true;
+ resolvconf.useLocalResolver = true;
+ networkmanager.dns = "none";
+ };
+
+ services.dnscrypt-proxy2 = {
+ enable = true;
+ settings = {
+ ipv6_servers = true;
+ require_dnssec = true;
+
+ sources.public-resolvers = {
+ urls = [
+ "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md"
+ "https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md"
+ ];
+ cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
+ minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
+ };
+
+ # You can choose a specific set of servers from https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v2/public-resolvers.md
+ server_names = [ "acsacsar-ams-ipv4" "acsacsar-ams-ipv6" "dnscrypt.eu-dk" "dnscrypt.eu-dk-ipv6" "dnscrypt.eu-nl" "dnscrypt.eu-nl-ipv6" "meganerd" "meganerd-ipv6" ];
+ };
+ };
+
+ systemd.services.dnscrypt-proxy2.serviceConfig = {
+ StateDirectory = "dnscrypt-proxy2";
+ };
+}
\ No newline at end of file
diff --git a/configuration/profiles/yubikey/default.nix b/configuration/profiles/yubikey/default.nix
new file mode 100644
index 00000000..c1bf0cc2
--- /dev/null
+++ b/configuration/profiles/yubikey/default.nix
@@ -0,0 +1,12 @@
+
+{ config, lib, pkgs, ... }:
+{
+ services.pcscd.enable = true;
+ services.udev.packages = [ pkgs.yubikey-personalization ];
+
+ programs.gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ pinentryFlavor = "curses";
+ };
+}
\ No newline at end of file
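Review bot: In configuration/profiles/network/default.nix, `require_dnssec = true` probably does nothing while `server_names` is set, because as far as I know dnscrypt-proxy applies the `require_*` filters only when it picks servers itself; the eight pinned names are then trusted as-is. With `networkmanager.dns = "none"` and `resolvconf.useLocalResolver = true` the proxy is also the only resolver, so if those names drop out of the signed list the hosts lose name resolution rather than fall back. I would document this above `server_names`, e.g. `# require_* filters are not applied to names listed here; each entry was checked by hand for DNSSEC support`, and confirm the behaviour against the dnscrypt-proxy version in use.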
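Review bot: `pinentryFlavor = "curses"` in configuration/profiles/yubikey/default.nix is imported by hosts that also load the xfce and gnome profiles, and a curses pinentry needs a terminal: with `enableSSHSupport = true` an ssh started from a graphical program may fail to prompt, or the PIN prompt may open in a different terminal than the one the user is typing in. Consider a graphical flavor such as `pinentryFlavor = "gnome3";`, or leave the flavor to the desktop profiles. On the GNOME hosts it is also worth checking that gnome-keyring's SSH agent does not take over `SSH_AUTH_SOCK`, which I cannot tell from this diff.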