Arch Linux AUR Hit by DDoS Attack, Halting Package Updates
The Arch Linux team has confirmed a significant distributed denial-of-service (DDoS) attack targeting the Arch User Repository (AUR) infrastructure. In response, engineers activated DDoS protection for the aur.archlinux.org server to mitigate the disruption and maintain website availability.
While this measure keeps the AUR website online, it has a major side effect: the protection system is blocking incoming SSH connections on port 22. This prevents package maintainers from pushing new packages or updating existing ones.
Impact on Users and Maintainers
- What works: Users can still browse, download, and install existing AUR packages. The web interface and helper tools like
yayandparuremain functional as they rely on unaffected HTTP access. - What's blocked: Maintainers cannot publish new packages, submit updates, or fix build issues via SSH until the connection is restored.
Part of a Broader Attack Campaign
This incident is part of a larger, ongoing DDoS campaign that began in mid-August, causing periodic outages across various Arch Linux services. Despite the repeated attacks, the team has chosen not to publicly disclose details about their origin or nature. The broader campaign has previously impacted several key platforms:
- The main project website
- The Arch User Repository (AUR)
- The Arch Wiki
- Community forums
- The project's GitLab instance
153
Comments
Please log in to add comments.
Loading comments...