Rate-mirrors-bin questions

Is there a way(I’m sure there is lol) using rate-mirrors-bin to sort by only countries that i want using only https, https update servers more secure?

1.United States
2.United Kingdom


A few things:

  • You can limit by protocol with something like:
    • rate-mirrors --protocol=https --protocol=http arch
  • http isn’t secure
  • I am not sure if there is a way to limit by country but even if there was, it seems like it would be very limiting to how rate-mirrors works. It isn’t like reflector. What makes it so powerful is the way it searches and finds better mirrors

Thank you, much appreciated. :+1:t3:

@dalto would this be correct?

rate-mirrors --protocol=https arch | sudo tee /etc/pacman.d/mirrorlist
1 Like

@dalto That indeed worked, I used

rate-mirrors --protocol=https arch | sudo tee /etc/pacman.d/mirrorlist

This is now at the bottom of my mirror list

# FINISHED AT: 2021-11-25 14:45:21.908793966 -05:00
Server = https://mirrors.kamey.tk/archlinux/$repo/os/$arch
Server = https://arch.mirror.constant.com/$repo/os/$arch
Server = https://mirror.sergal.org/archlinux/$repo/os/$arch
Server = https://mirror.csclub.uwaterloo.ca/archlinux/$repo/os/$arch
Server = https://america.mirror.pkgbuild.com/$repo/os/$arch
Server = https://arch.mirror.jsc.mx/$repo/os/$arch
Server = https://mirror.cyberbits.eu/archlinux/$repo/os/$arch
Server = https://mirror.f4st.host/archlinux/$repo/os/$arch
Server = https://archlinux.mailtunnel.eu/$repo/os/$arch
Server = https://mirror.ams1.nl.leaseweb.net/archlinux/$repo/os/$arch
Server = https://archlinux.uk.mirror.allworldit.com/archlinux/$repo/os/$arch
Server = https://mirror.smith.geek.nz/archlinux/$repo/os/$arch
Server = https://mirrors.cat.net/archlinux/$repo/os/$arch
Server = https://mirrors.melbourne.co.uk/archlinux/$repo/os/$arch
Server = https://archlinux.thaller.ws/$repo/os/$arch
Server = https://ftp.jaist.ac.jp/pub/Linux/ArchLinux/$repo/os/$arch

Thanks again!


A convenience of rate-mirrors over reflector is that it will usually give you a great list of mirrors without any options. Typically it is sufficient to just run it with:

rate-mirrors arch

and redirect its standard output to your mirror list file (for example, using sudo tee).

Regarding http vs. https protocols, https is encrypted and thus any information send through it cannot be intercepted by a third party. In practice, however, I don’t think that makes a lot of difference, since pacman typically checks signatures of packages before installing them (at least it does for the official repos). In practice, I don’t think an attacker could abuse the http protocol to serve you a modified version of a package. The only security concern that comes to my mind is that http traffic can easily be monitored, so a malicious third party could make logs of packages you’re updating and keep a profile of you.

That said, http mirrors tend to be much faster than https mirrors.

Perhaps I am wrong about this, in which case, I would appreciate someone correcting me.


Thanks for sharing that info. :+1:t3:

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.