Just a shot in the dark - what about a firewall blocking outgoing connections to AUR?
E.g. pihole reading deny list from a 3rd party source which is denying AUR?
Or something similar?
No outgoing firewall, but the router is blocking some outgoing devices by list (not the PCs).
ping to aur.archlinux.org
curl from aur.archlinux.org:443
ping to aur.manjaro.org
curl from aur.manjaro.org:443
(neither aur.archlinux.org nor port 443 seem to be blocked)
But what is this?
I was about to suggest that maybe it’s the Trizen client itself that’s being blocked… but, if Pamac is also, that’s less likely.
You cannot trust the ping.
Can you open https://aur.archlinux.org/ ?
Can you clone using git?
$ git clone https://aur.archlinux.org/zoom
Cloning into 'zoom'...
remote: Enumerating objects: 853, done.
remote: Counting objects: 100% (853/853), done.
remote: Compressing objects: 100% (548/548), done.
remote: Total 853 (delta 305), reused 851 (delta 305), pack-reused 0 (from 0)
Receiving objects: 100% (853/853), 167.40 KiB | 2.89 MiB/s, done.
Resolving deltas: 100% (305/305), done.
I am thinking the trizen request is not conforming to the defined API (using curl)
https://aur.archlinux.org/rpc?v=5&type=search&arg=zoom
Which returns data similar to
{"error":"No request type/data specified.","resultcount":0,"results":[],"type":"error","version":5}
vs the endpoint as documented in goaurrpc - SwaggerUI
curl https://aur.archlinux.org/rpc/v5/search/zoom
Repeated invalid queries will be blocked by the AUR backend.
I think I saw somewhere the block lasts 24H.
So my advice is to check all your systems and remove trizen - like it or not - if you really must you can add it back when you have solved the mystery.
Then you will have to wait for 24H to expire - be sure no system is accessing AUR via the API.
//EDIT: 2025-07-23T03:28:00Z
I have - just now - had a closer look at the documentation page for the rpc - it looks like the querystring method used by trizen is supported as well.
Search from command line
$ curl --get --data 'v=5' --data 'type=info' --data 'arg=zoom' https://aur.archlinux.org/rpc
{"resultcount":1,"results":[{"Depends":["fontconfig","glib2","libpulse","libsm","ttf-font","libx11","libxtst","libxcb","libxcomposite","libxfixes","libxi","libxcursor","libxkbcommon-x11","libxrandr","libxrender","libxshmfence","libxslt","mesa","nss","xcb-util-image","xcb-util-keysyms","xcb-util-cursor","dbus","libdrm","gtk3","qt5-webengine","qt5-remoteobjects"],"Description":"Video Conferencing and Web Conferencing Service","FirstSubmitted":1439644694,"ID":1768148,"Keywords":["call","conference","meeting","video"],"LastModified":1751423128,"License":["LicenseRef-zoom"],"Maintainer":"edh","Name":"zoom","NumVotes":696,"OptDepends":["pulseaudio-alsa","ibus","picom","xcompmgr"],"OutOfDate":1752520472,"PackageBase":"zoom","PackageBaseID":97673,"Popularity":6.597552,"Submitter":"edh","URL":"https://zoom.us/","URLPath":"/cgit/aur.git/snapshot/zoom.tar.gz","Version":"6.5.3-1"}],"type":"multiinfo","version":5}
//EDIT: 2025-07-23T03:42:00Z
@andreas85 : To recap what we know
When the 24H has elapsed - can you clone using ssh?
ssh://aur@aur.archlinux.org/zoom.git
Re 1: On network level the ping (ICMP) packets are allowed all the way to the IP address of aur.archlinux.org.
This tells us that routing works.
Re 2 /3: On network level traffic destined for port 443 on host aur.archlinux.org is blocked.
This tells us that somewhere the traffic is derailed and never reaches the destination.
Re 4: I don’t think you are on a Time Out because this would have returned
HTTP 429 Too Many Requests
To identify the hop which derails the traffic you can use traceroute with options to specify the port and protocol to use; because of these options it requires elevated privileges to run.
Example
$ sudo traceroute --as-path-lookups --tcp --port=443 aur.archlinux.org
traceroute to aur.archlinux.org (95.216.144.15), 30 hops max, 60 byte packets
1 unifi.net.nix.dk (172.30.x.1) [*] 0.233 ms * *
2 * * 80.209.x.129.static.fibianet.dk (80.209.x.129) [AS44869] 1.016 ms
3 89.150.69.122 (89.150.69.122) [AS44869] 3.844 ms * *
4 89.150.71.250 (89.150.71.250) [AS44869] 4.564 ms * *
5 ae2.core01-tkbg.bb.fibianet.dk (89.150.64.25) [AS44869] 5.990 ms * *
6 * * *
7 * * *
8 217.74.211.104 (217.74.211.104) [AS31027] 3.166 ms * *
9 194.182.97.132 (194.182.97.132) [AS31027] 3.814 ms * *
10 212.112.170.208 (212.112.170.208) [AS12552] 3.423 ms * *
11 146.247.200.189 (146.247.200.189) [AS12552] 19.524 ms * *
12 * * *
13 core31.hel1.hetzner.com (213.239.224.38) [AS24940] 26.589 ms * *
14 * * *
15 spine2.cloud1.hel1.hetzner.com (213.239.228.26) [AS24940] 27.310 ms * *
16 * * *
17 13228.your-cloud.host (95.216.131.49) [AS24940] 26.792 ms * *
18 * aur.archlinux.org (95.216.144.15) [AS24940] 26.605 ms *
You can use the AS number to find the NOC for the given network.
This is entirely speculation - I have absolutely no documentation - it is a thought of the remote possibility that aur.archlinux.org has been added to a deny list for the reason of being a possible malware host.
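The reasoning in Re 1 to Re 4 above, as an added shell example that is not part of the original post: it maps curl's exit code and the HTTP status to the layer that failed, so a refused connection on port 443, a 429 rate limit, a 403 and an RPC error object are not mistaken for one another. The function names and result labels are made up for this example; the curl options and exit codes are curl's own.

```shell
#!/bin/sh
# Added example: classify an AUR RPC probe by the layer that failed.
# classify_aur_probe CURL_EXIT HTTP_STATUS [BODY]  -> prints one label
classify_aur_probe() {
    rc=$1 status=$2 body=${3:-}
    case "$rc" in
        0)  ;;                                # transfer completed, inspect HTTP below
        6)  echo dns-failure; return ;;       # curl 6: could not resolve host
        7)  echo tcp-blocked; return ;;       # curl 7: failed to connect to host
        28) echo timeout; return ;;           # curl 28: timed out (packets dropped)
        35|60) echo tls-failure; return ;;    # curl 35/60: TLS handshake or certificate
        *)  echo "curl-error-$rc"; return ;;
    esac
    case "$status" in
        429) echo rate-limited; return ;;     # HTTP 429 Too Many Requests
        403) echo forbidden; return ;;        # HTTP 403 Forbidden
    esac
    case "$body" in
        # RPC error object, e.g. "No request type/data specified."
        *'"type":"error"'*) echo api-error; return ;;
    esac
    if [ "$status" = 200 ]; then echo ok; else echo "http-$status"; fi
}

# aur_probe [PKGNAME]: send the info query shown in this thread and classify it.
aur_probe() {
    tmp=$(mktemp) || return 1
    rc=0
    # --write-out prints the status code (000 when no HTTP response arrived)
    status=$(curl --silent --max-time 10 --output "$tmp" \
        --write-out '%{http_code}' \
        --get --data 'v=5' --data 'type=info' --data "arg=${1:-zoom}" \
        https://aur.archlinux.org/rpc) || rc=$?
    classify_aur_probe "$rc" "$status" "$(cat "$tmp")"
    rm -f "$tmp"
}

# Only touch the network when asked to: sh aur-probe.sh --run [PKGNAME]
if [ "${1:-}" = "--run" ]; then aur_probe "${2:-zoom}"; fi
```

A working ping together with `tcp-blocked` or `timeout` is the combination described in Re 1 to Re 3; `rate-limited` is the case Re 4 rules out.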
git clone https://aur.archlinux.org/zoom.git
Klone nach 'zoom'...
Schwerwiegend: konnte nicht auf 'https://aur.archlinux.org/zoom.git/' zugreifen: Failed to connect to aur.archlinux.org port 443 after 48 ms: Could not connect to server
While looking into my router, I noticed that I got a router update from my provider to Fritz OS 8.03.
So I have to look if something has changed now.
It seems nothing major has changed. I tried to disconnect, to get another IP, but it failed (it reconnected, and I got the same IP).
Have you tried connecting via Cloudflare?
I’ve got the same version of Fritz OS - on a Fritz!Box 6660 Cable
Perhaps try:
Internet → Online Monitor → second tab: Connection Details
At the bottom of the page they say:
Click on the “Reconnect” button once to clear the internet connection briefly and then automatically resume it within 30 seconds. When you do this the FRITZ!Box generally receives a new IP address and a new IPv6 prefix from your internet service provider.
and there is a clickable link “Reconnect”
Other than that:
System → Backup → Factory Settings …
Or pull the power plug, go to sleep, and plug it in again in the morning …
As we now know, the AUR was attacked, and the operators were desperately trying to fend off the attack. This seems to have been going on for some time. It seems to have been a game of cat and mouse. The attacks couldn’t be fended off for a long time. In this process, I seem to have become collateral damage, as an entire address block (or blocks) was blocked. That’s why I couldn’t even access the AUR website. So this has absolutely nothing to do with the local firewall, local routing, or trizen / pamac.
I tried accessing aur.archlinux.org today. And it works. After that, I started trizen. Everything works as if nothing ever had happened.
This is no real solution, but I don't know anything better than to mark it as solved.
:: Unable to GET https://aur.archlinux.org/rpc?v=5&type=multiinfo&arg[]=find-the-command&arg[]=lib32-libva-vdpau-driver&arg[]=libva-vdpau-driver&arg[]=libvisual&arg[]=libxcomp&arg[]=manjaro-aur-support&arg[]=nx-x11&arg[]=nxagent&arg[]=oh-my-zsh&arg[]=python-manjaro-sdk&arg[]=rc-local&arg[]=trizen&arg[]=upd72020x-fw&arg[]=web-installer-url-handler&arg[]=x2goserver ==> 429 Too Many Requests
:: Unable to get info for AUR packages...
==> 429 Too Many Requests
Apparently, they’ve now limited the number of requests per IP. (Makes sense, of course). The only problem is that my four computers always display the same IP address to the outside world.
So I’ll just have to update each computer one per day if I want to update the AUR packages. (But that’s bearable compared to being completely blocked.)
I could live with only being able to update one of my PCs per day.
I can occasionally access aur.archlinux.org from my work computer. Absolutely not from my private network. All day long, every day. And then the http page appears with the text “forbidden”.
So I felt compelled to look for a free VPN. ProtonVPN offers a free plan that’s perfectly sufficient for updating the AUR packages on my computer.
Luckily, there are good instructions at:
The appropriate client is also available in the extra repository (I can’t access the AUR right now, unfortunately).
I signed up with Proton, activated 2FA, followed the instructions above, and then simply launched the app and logged in.
trizen
(yay!!!) Thank you so much for the excellent and detailed instructions.