unable to connect to Arlo: authentication failed

[juju159]

Hello @twrecked
Since the begin of this week, i have authentication failed issue when aarlo plugin is starting up even with the b18 version
unable to connect to Arlo: attempt=1,sleep=15,error=authentication failed
unable to connect to Arlo: attempt=2,sleep=30,error=authentication failed
unable to connect to Arlo: attempt=3,sleep=60,error=authentication failed
unable to connect to Arlo: attempt=4,sleep=120,error=authentication failed.

remove aarlo.pickle has no effect.

Config file

aarlo:
username: [email protected]
password: xxxxxx
refresh_devices_every: 2
verbose_debug: True
stream_timeout: 120
reconnect_every: 90
backend: sse
save_session: False
BR.
J.

[twrecked]

Anything in homeassistant.log?

And can you try deleting .aarlo/session.pickle?

[christofferdanielsson]

Same problem here.

[juju159]

Anything in homeassistant.log?

And can you try deleting .aarlo/session.pickle?

Yes I tried to remove aarlo/session.pickle & restart

Please have a look on a part on my log ;)
BR.
Julien

<title>Attention Required! | Cloudflare</title> <style>body{margin:0;padding:0}</style> <script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById('cookie-alert'); cookieEl.style.display = 'block'; }) } </script>

Please enable cookies.

Sorry, you have been blocked

You are unable to access ocapi-app.arlo.com

  <div class="cf-section cf-highlight">
    <div class="cf-wrapper">
      <div class="cf-screenshot-container cf-screenshot-full">
        
          <span class="cf-no-screenshot error"></span>
        
      </div>
    </div>
  </div><!-- /.captcha-container -->

  <div class="cf-section cf-wrapper">
    <div class="cf-columns two">
      <div class="cf-column">
        <h2 data-translate="blocked_why_headline">Why have I been blocked?</h2>

        <p data-translate="blocked_why_detail">This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.</p>
      </div>

      <div class="cf-column">
        <h2 data-translate="blocked_resolve_headline">What can I do to resolve this?</h2>

        <p data-translate="blocked_resolve_detail">You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.</p>
      </div>
    </div>
  </div><!-- /.section -->

  <div class="cf-error-footer cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300">

Cloudflare Ray ID: xxxxxxxxxxxx • Your IP: Click to reveal X.X.X.X • Performance & security by Cloudflare

<script>(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classList.remove("hidden"),c.addEventListener("click",function(){c.classList.add("hidden");a.getElementById("cf-footer-ip").classList.remove("hidden")}))}var a=document;document.addEventListener&&a.addEventListener("DOMContentLoaded",d)})();</script>

</div><!-- /#cf-error-details -->

<script> window._cf_translation = {}; </script>

2023-07-06 19:31:36.136 DEBUG (MainThread) [zigpy.appdb] SQLite version for <module 'sqlite3' from '/usr/local/lib/python3.10/sqlite3/init.py'>: 3.40.1
2023-07-06 19:31:36.298 INFO (Thread-3 (_thread_main)) [roombapy.roomba] Connecting to Roomba 192.168.1.194
2023-07-06 19:31:36.898 ERROR (SyncWorker_4) [pyaarlo] authentication failed
2023-07-06 19:31:36.913 DEBUG (SyncWorker_4) [pyaarlo] failed to log in
2023-07-06 19:31:36.920 DEBUG (ArloMediaDownloader) [pyaarlo] not starting downloader
2023-07-06 19:31:36.948 ERROR (SyncWorker_4) [custom_components.aarlo] unable to connect to Arlo: attempt=1,sleep=15,error=authentication failed

[djjoakim]

Same here, tried downgrading to all other versions and also tried the new v18 just released, still dosen't work :(
Config;

aarlo:
username:
password: !secret
tfa_host: imap.gmail.com
tfa_username:
tfa_password: !secret
hide_deprecated_services: true
refresh_devices_every: 2
stream_timeout: 120

reconnect_every: 90

backend: sse

[twrecked]

It's the cloudflare issue, if somebody wants to post in their logs - see here and here to encryption - I'll take a look.

Also, one guy found that changing the cloudscraper parameters to this helped fix his issue. On line 854 of background.py:

            # change this
            self._session = cloudscraper.create_scraper()
            # to this
            self._session = cloudscraper.create_scraper(ecdhCurve='secp384r1')

[djjoakim]

It's the cloudflare issue, if somebody wants to post in their logs - see here and here to encryption - I'll take a look.

Also, one guy found that changing the cloudscraper parameters to this helped fix his issue. On line 854 of background.py:

            # change this
            self._session = cloudscraper.create_scraper()
            # to this
            self._session = cloudscraper.create_scraper(ecdhCurve='secp384r1')

There is alot of info in my log, but it seems like it's the same output "login try 1,2,3..." So i will only post the first one, please let me know if there is anything else you need.
Btw, the "password" i can see in the logs, is that somehow encrypted? Becouse that's not my password to the 2FA. And something i noticed was that my email didn't come throught, like they did before.

BTW, that line is in file backend.py and not background.py, and it didn't make it work for me :(

Thanks!

-----BEGIN PYAARLO DUMP----- gAN9cQAoWAEAAABrcQFCAAEAABgyTWuYjc8JjN3roaYhONhZgozNOJQY/w/Y/RqPrWT3PoyKPiC6 b0Kxwjpo59pculSQ/AvemjfhumNj4qJJovxXPY/O97r0+7OjNFFTUjJPmOa+YTKqNpEvCmCun54R rpeXAFu3ZH7t0UKmGZiIYBU2MV6l3KPIRqSIecqsVipEYl4hL1LWrvKasheKA/ZyC13uwnetQwO9 8ao5QOa8nX007tNpP2jTRpViyJsqzaXr/fk7efaLvyyFB9uyG1TsLiCFLQwDkaw5SAwVjNOX7aHW ftqo4KRd8AVCd+8amGMVJU0WAu1zVonPAjXDdoYwRSSp5kje5rrAMBMBGQmkG55xAlgBAAAAbnED QxCF7pkKcyZCPi75Bvtn8ShCcQRYAQAAAG9xBULAGAAA3e6Q3e5Q9zYe9cDEpbJ2kuxNa240Z1rh 1as/ZF80L9rEzfjD450x6sZGDnsF6k8Aioyu9j72QYBZH0wph68pvBJMq3KKt0SvCXe/nrkGTOqR 4wWY6SYjzrmp6jAeBVsGb4e6iJw/eVpHypHhu3e6/5f+APcrm6wG22WlkHNAa3F1uDQ50Q3l+TVz iwII5Hqh7zAu2GFvG+9qogIYUCcP+Pve9b+VLxgewHKtrzMmsMgb7Z9MhEv0GkYI/tnqA6CQa4ur fup4B5SIID39HLj71+PHqpyVIyxW2di5LKtbGqC8QvjNVtTcUgq20/NSymm5RIs909RT028AjWFm Inb3+cMhJ8DXd1oG8IWni7/29Xo3XLgUEEy5bcIio8/rBgfDWU3J3mpKZM/uckTrUj/UhAGlibcW 6gfEmbOiIu25nno3VDvOZn+8LhWtO07jtlicvn8PxO41naTkOE2RpU2cuJhKjySsnhFmIjUnSc8Z PYYsN/YvMKhHtIqiB/vGv2OouhtKftRIIc3HWU3lZv4iUKdUbtpKywJ+to9fDH3EuDJ7PNXSmXYh p9kfuoJOi/vqrycaf7Rj5v5k+tcnFGGT0YEQlILrVxiiM9zGLWIMWtktjQHaG2xvIPgl5cSfi9At y38SS1fbhNx9HC02ULVkYcxrZ2OeGpp+AS7Lyp2F+dn8xHZYLsx9Ztz0b4Fks/Ed4c/AWiCrGD39 PgmSqJeQ6TgkyjgShCSgXLE0eVq4V3cQs1YwT36EYx/zkBrVP0U6V4kK5weG+5NS3JBzyMFBb9BA 9LDvbRHujLai1AaLKWZ/T+zjTBMUvvrNuaFgweeEW19CedZgtAFpcy4jc0X2Kl8Wy0c+/spJMod4 v/kBieArSGQmDukWkbW8Edt21WH2acv5nrdIM/DBe72XT6Wy+EypkOtz1xjgsle1l7fx+KOQyrq1 XUCm3uWV7oNoWILDI1++RVEx9YxXucHiwDk2EP6TWfNb7XulKfWeeTnxoh+WLkDdIUKzf2i04lz3 dyFAWuP1JRRIMZ2f2rA9Fb2W/1HQ6VgP0oJnXyiX6SqTbSG9TymFs8TriRUbAUGih19oXT9CBW67 gWL+S0gbbOvapKI2ZW1r14HoFNSMfZg1TkzGkzuflCtrqi9w8pLGFH0bDxg2R3N7KgOWcs/RYrR9 39YWTCs5X268zqlrgoxcGk/1rEWfJ8xfDLzYb0RiJ+sHC8kbbHFQfS7PZEdG8R6qJJ0d3aVpAsFk W7815/AuaX6miN7E7YdWMyQbuiRE5dyME17CeCe54E2cTIg9c58b4aHxUpiAxUAYmmvoP/LYOzPJ oi5hpxZTW0sMxuppDOOwfGGGq7vz3OaA8sHzw7Geru5AcoI+CB11gftQROssity3bBbqDki08pTe j6BMyYZrrlho+8N5f+mufm9C9IxbQ6Fjol4+gebMhLBnLIp9iB1BJEQIiQCvUcDRR5weUFbWUHWP r26lK4dW/UWIk43X6fEeE7EAPdbTOL1+CIBvOKOzz++qrJ/vi2BBiQ57yULKnBmVJTjB9To6PzqP +2dzDuLuoKPGa+NcYms6WRzdnlvDxOtFNOU67tqPjIZTlkKe/FEno64lvDCmFPkLGVJOtNrs05Za HZXe52mNRNhoHCAFw43u2zjTG2WjXQ1Li99f+3Jzv6xETl41hz4hikn2IPrXEa7g3GugAhG74POG Apy2At6qdu2BeTkI1RTd/FxrNxgV4wqvxriBP5e49Wg7WobqiG8dI3yDqIre2VVSgiqeXhqYvBWW 72C2FTWcIv+LmoXmj1OMADOS0b4qyYbgXl7jaLAX6mCoLnZLou5607QbcJaaZSvZ2bZGx2JUAVkr jml7nL00xk/+V1J+RrZLbz/fCAqJ/K2Myu5QVtwY1CcPYMgS9/0M8nvqZOvSYRvZI9MvwTvK8ASe luzJ8qi/DofmS1SvTDLqYXWFSKfKOVLpYhahX+d4u/2QesY/+jeWsfTpFF8bDi+wNSU6Vi26Szsq hpK/AAJuqR1Vm4PGpADhuF1iHw3w7u7KkEwcr2B5mXujBwA/qouk+BS25DHGxazAoECTuGceWWHS 1z6IhwNaGC1hZfw6YPLH1oiEu+3LbaemVC/f145xhyZWOiageEXJEx7ivleych+APpJISxW1+OTT CUjEOtUqBKuVkPUlpnYUBmtHENHdyyAmNnW6MZJbGS4GoAi0T/dL9wyCOlEgLFqjoX7R93S1N2ct LT6TvjwxNWXzLa1y7DkGh6KLujBSKfTyWJX1jixe95AHPjZ3ca+qHu3S+atiwXNlLtzw6ygZLIY/ zrXEzRj7IkL0P6nJgTsvFNWHMAhWUWRY/SiZAo/mzkMmXwiNB4UDorqk7+bLluW4LKZ+QVYliSmY YD5ure+OYHMXyaCkADsmONqG9DmdhpqMs+bSFBGeazf0O6MMQrl3f0mj3agBhZWRUi/3K0/peCC/ KfukwlHJefrWqwY7Kj6qgXWkEyBZl9UczhuxrgxzAi/kppSSb4p4vV0tkOqW8XLC545Xfe9/gRhf RFG5yA4cl0FemznXAASjIhLafeKLbtL5OBlnN6FZPkvqhGs5ZCWhCdJnsp8M3gKbvnEZ19x0MYVO imj0yfOqLfQFG8eMU7v4ma0VNO0GWDo5f14IvTTnkU25D4bloIUqdW9CltWXQK/vBewRwH9/NL9h U4Lpuw1pcGpWV78uz0pcb5vATUxlUSAXcirOUmHGvNTKKDiortnmJR1x8808E/L/gc4r9MF+XpnF sTTUaQwUeyyO0VBlV3h1OnfB6kvO8aSkgq24p3bZwnYDW9am7Q7gOTDGZCBSzyIYaPF+TIyck/qa xeUdh0KIu7DMyUF1DvPhmszUGZ/XAvnU+Fu4zBFEYuFfOvtqkWgMg+SO6ZGlZO+u2umw33Ya6ne2 8VkisM7YPVfmuEAz1CnEHoGcMyhg5C4UnOzXGs81CTkhPr6VMuTCkG3dfR1v255y30wswLktY7XE uVM1sm/lAPBf2ODNKTcd0pAXNs6qW/9CWcSZAvsePgEdPMl9xofWF2Uus5AKZ7K5QUtQhA2Dn0eV O1m88BHSUIDVMaTntLKruyH66CZz3IUZRrqN4cc0C6n3hXnjHVwTDd5nnjs1b8tO8CdqVFO7sGyU HDD/vmraROkg/sVzrByIurK5lzRSQ4ruGDv1nBBpFp0whRLyQ/woNofp2Grq0/BLzX6Xua4p0YQR zUuYag1hb+txbd8hqGeVpf6rrB6gC959ht0/36QeqtlBsW1qAp1oNi9S+OoOqEWbmwrGSy3DiS+e KirLAygQ+zaKMAWQac93ZLwoJNqdCIZP5Xgl2fxg4vWJEmnaFKfCG/JKV4ZD/Gw+hFakzoqd2pHA pCjGzogw5o30fygEQGoATMUO0kVhRcAOAX7VeJGkdLktXPP4FXDRteTpzav4qwPWd1Z/9RVuvvgK sC+GCNpYC5c0ZTHYegGvLheh7nfiZaCNbSPjy+QwFqLoiXnzcVI7reFPP1gxQqDVM+cSFohDOnvF Z5ShxWEOI+mcq/FzDGRkTZQ010l+cQG5ibcis2B3osQ1ctb3b06zl9qSGwaqU7SUIuy8t/8W4e2F hwS8IV5e8+ZyNjLcHAj0Iz8whuVQh3WHqnmLrqasXIDmUziePlXdpxosTuQPJhlI1cD1KXmfTTQs VchrSxVDS3Gw+k72bMPbd23GE5FjIekFYMuE7917Uvv+KwGqlxK9JIBXDKri5SwUfYvApwYB/048 9qgVdpSVKRuio702GjuFY8ZT+FVQhK4DUgrYoJhgoiB1/zoiI/5VFAX8Nb+x2nJa0wlZHp1fZ3ZD eSFbLhsna5XymAS/RIX2DDM9jSpNrS8hHpavCHwu6xODc4pqLY2nc7v8jzmzcBf/Nir5MiTNZIJ6 5v0JyzNZZwqjZVYxBQ/eROipis7RKhy6Qe3R1AMgc5yP1qxklMl78M2Bpy8vnlBmsTxXUA4xFfvh a3infuuDH756T3vib/MsxqIOWqWemWi5EZcg/ACeGH/ZIRTx4jSPXd2Ypq0chmJblMgBhZW4CK9q iBC51gkMwf7lad7hr+Wa6DrrVUGY62/RhaaN/dLDsU3TKsXRpCatG0XrDRK+GG+1EAyuldi29qMm FBh8AF1/bB2a6AKZz/n03bqnovcbVC0Fm1BND9LdKIgPqMNMbwtG2pNH545Dx72ZQwN5qSrxfTik otElQcTB7tI5K3OwLuIMzpOKg1jJiOguqn/2VgTNvOvl+gvSzwMCnbmUsbhQp62mRJa4vVVqDQMI NqBgolFM+uaj8Op/TF7uvMiy7tBFhzYEjYIuhCL1fnok5oO2kuoSdPi0EJbdjxuSuaB4ECwI/0wF pGjIiMBxACO9Lo8hgBYQQNeSkGEUO5LEPUI2p993gjnk0xKygnPpIc0nNfKaRhfsF9XWoZb+vd5G CfUt902Sv/Dd+3Nniwf+H7VsjvoEu1PMuE3FhMhW84mMjQafQ7UVC7mrCBArDkA3LBbuQooNcJLr RA7Qus4vAYXCmH8I5AG2sZqJRkVbo8gEmiLYBkhhnfWNed76t2a+huVvB7clc7alp/ZM+hnTdNZr WH5a5Tepg4cCsU3vFm7vviznQ9qWiyAKpq9zDvdSIZxobaAH6XWN+BfR3n4GUqyJlWgaoeMIBsKA 6TluKTY9kBhQLHfzmTDDKxNL1SLOheeG5Rt40YhjKa4vSm6wFnmSQ8dc3sUCBh6iz0C/07PFVmkU EAAxUTf6kWqw3vwgCR+oDPNeX/hZpYZ5gRMjYtETuGcFgp3bRrJM120+putHGJi7mupLeHPNMYlL zNM6+ONEPMDnG4jmox/5VOP4HCsaGF4iodOByhPMDYKHThl0gBv9u7nhMZJXqFhGjCZjpOD+8jle p2vkgNHvlLeDxOx/gEDWmXUj3TJmwJB4gjh47oiF4zHrXbDgEisOsnApN8Er7F97GmBPJzv7XtVd a7n032X2HEQbYnjDI9dtKjGabOObC54f6VXe1hJUb6fQBoq/sWPJRqt2zy+1MN0sfF6zQXg/1j0o CQeR6x+CNEitbKm9Fazkc7CkbvxJK7R1PqIdSemkqFsZ/G+q8U6RZtwpP2+LvniA7A6Lfn4CD5Fp 4rzrB63/59W7q56KWQo8MhSih316+QIoyF2N8KjeT8divZYaliAitd0xxA5fUfyMVY959zrU1XLz GtP8+rpy5h6waIkk2sX8ddlkNoUWZtTk2R772Py2iYo58q3tBmM1xVoCfaHf1I6wppYA1OsZP/EA lRmDe0lc3mjO/FlOF2+ZqS0MF1tR3CASnP6N6LUdXMdJsFIQNLZ2LZ1HIY/T21LAXMQ2x2nqkl79 gAkFajojYeFXjyWYA4P6xi6K8ZdLXyQqQnrHJJhoW+BDKoDEeNsU42xMfF/gJlC+VxPO9k9hxGST G2GR6bD644PTuYiapOA+QrerQ9+fQwuDy4t5yhQHCUQS6QP09VRCjRh1Ry5H4Gn/PsaTOt5dyuQJ 5qKxA0S5BE+1g7dOv3mtkVPB2Dn52RuYi1CkNW174oa6Y6b9mRkceqm3eSoH19/Qsikfon1jvJXE 5fwByOoLOnNUi1bvrwymalS/j1hrflTeFAN00xxh4Vt7aCEocDhQFxcfDN4mqZL/tZaBnorOEr4B RKOkjMeNMOa7Iyc9anHEg41l0XtbGvYHkEqpKnOQgj8LrsYxdnHZzyBzsB473QKQGn6arOXjkptb V906EY6MMOOp5VlkfeW2uMJ9ezGbJjsSHj7qpDP2SWVl14gA+QObt7AjMxAr07TRNNzfWX9kmZF1 oy9aMaVzoOHhszIhDyEjxwoKtL/t0PI5vGuOZgKiRJrlf8M7mkMsHC8llO+vmJVa2XfrGee4Tbc4 /i6/RI8rMsN8LdeY/8vSp4Fw335OTbmcUY0HQ5nv4PEIbqIszU75/WJUHFG7AAn7Q9uYrbHli7Up wvnEMMiE2I+uxbATqML1P6SPSePbVIULky4BfVIgUYUH17oGY3hXFp0FV5ZWUZinquK9MPGVa+6k 3naR7rvsSOLs2OGHWEJY+JrabFW8RGmBK1KojmIBCU4EeU/lNNe8NYVvkUcLy8mpd4P2CcmZxlN+ 2fK8Ufof1XMtqTHliWoVrBa47tIFBEAcd7ogE+6/7+QAd9Jdcrafj3sKQFqVXn+kMkxv5dCNUc3Z MpgKVOZJwtDd7pJc3x7TfwBgHG+DyZW9LcJfLybKaj2oUmjrIPZljNRRkk3mCtmQae+u4fmZWPLK aIJnkM7kSNPdO51u+SD0F/NN+SYJHgM2cRckGiibFJOSsgXpTi3aJebYzQZ1KoP3G7/RQsF5bb/8 sQdclc8ukwJ/wx0Z15bTYvB6ZSW3y+stixIWe/Om0KJav7w+ZpOJYUfwVFoEHlhosVst5JxBI8Iy mvjB89YoO0hOnIyZ/y4zGaA4aBXpUTcbEc2Vgqy5BFp6gZiIbF3zWkpBMwetieBrixGO7f68RVG+ 4025AYgOMo6xClD5jcSSymji+LVs7yf3eUkg65dH1ImimbbkQvahXSEW85ayvfVSD0TwWLNfKqZe TqQASYqsM1cQ9hIE/5XBoo+b8U2jyYf2zw9GOLzSi7o5Xwh6rV5bG5J/HAI0Bje3ZAd/u4/6zQco wQTYZ+7jOPHZgv+cbhgkMaOMWDGF00RXdaJ0XnsXyN6B4W3vmf03ztmlXGcZjNVESd1xBnNt+ld0 dQZ/GsnxvwKDsA7D27Ut73dLlKfNR0zfsAPTiQXmEPJ4hkWL6U2fadr1jgN68EVSt6R7dsvKmjNu DgqoBg2osXl0t/ybHgLV3F+ljEe4GrJYV1UzvU47Yksp+Yo7dLtj0uJ1lccFAjkXIn9/BgfpaKIH vNPu9e+vpHDgh+2Zuy/yo7Me6uvYzr2utj5+isJToiwZtlnyY3xi3aP7NndnTZpsrtt41j9g9f6o qnaBoy2F/buILWqs+4YRkP8avZLKVnpBRwXDCbbPi0bRb2KaH5pG3CWNwk1cVtBDrZhRn+10VvBi jmkc3fFLrvOtvzEeJtezPDBhrFEDL58q6e0E+8+bT1C4iXuKI9rJNdpNRKFDw9JRv3/wRS1JhI+b DF0lJfe1P37+8tnGsrbCF7wYV39g7WEoDmPd5q9S394X9lUKl6dkzvlOHe1q84YT30jv76hS7Zhj MYIBDuOfWCf2UmOTVjtu4gw9diu3E5ybV8BONEygslc665J/JuKYQThHBYKdC/Gika3LrYR2LQJa NECYzEhiLy6dtG1aH11qTIjigLVOYYVLIgCaVMp3wXAY7D3eiEGuYVxhzbhgHwhrVpoevFHNap4K 3NtcCEPSG4o4CKAJgslPabCDqVykfq/0s05TsrUkI79T56cFBtMs+zL0doQo+mK03H3labmGKpeG j5S0BqLaGcH4l68Ywn+ILuUzMyOJ5CqxZL+KpJ4yA9/uqKaUvs50gCMEIhOzX1G24yQJ2CLFS/vx XQMeSVxU9usCXUbyMTtXSX6A/qnwZgmgZXjA0dBa/EpOpq0FjbIoN1UjojKlT+eIPKLCCPujGNF6 ozcRNaUEhx+bZxsNhU4mXE4AHXu8DMPGiQBOy1xhVra5YDdw0uNZgVgVcXIhEnC09Gu/fjh4P7B8 y2Sh3v722Gjmskrq5Rs3eHOwu/mT9wHEWRiZXCZO++KldBVGG41oHwid5HRZnyS6AbPS1lE0lK6n pn0OAG1ALlp3Z0wDjM+lCethLdYc3OTWJSwfNnrc2z27NyUjCZoiEOcmYtQbiuHJqU/lLNFifVpX 0JjzDb07uppdDo2tyjZB3Gf3SdTF+VdcNjIAmQWGrN8CWU/Y6q3u6Q0XmV6SySNlsSnBez/XqT3G IpaaIrYSpSUneYfElH6wS1NyRxJhqI/H0TdnnfUJ7Gt/Rbobctnl/DSFe3r6sgRcI9hlvEcbBQSq fAWZHsJ9gXjJFShwCNCR7v6UpUNBu66l8EjuZi22m90O7cZ4lEJiRpYFMBSeUkJglx8G4Zr6FjGp eubNmiGDqwbekN5DHztPmA2L+hSfOstOg53qzKhhGIGGApMHhI8JussvPDwi+uCqOSffTm3MWWcg RZ5Po0uMqygXc2duMBbPXHUn8Xd+vKH13+Ongq0gMAS/Mq9Rl8CXQ1tmT2n6UBuye/nvDyVkML3b f2RW2jzP32ap7z0dcJ5mXddS+ReroWFDVewBLBuVDUcDLQD6nZStv2ApOk53hgQRyGIesLjTrLbB UZe9e09ftnL3TK21zuXi98f1/V1rNO6XInPAkHxZBjLGo1A1r09Kr2yTB5xVut2GHh5Y0mUIUCNU bsHQFJJisXqKMEUeXzpoGxLy4bG7tLQ1tkTvp8Lo+QZ/vkzq76x5Bw1D3BdtiQpJfK9rB5hbKMC8 f6Y18UjDb1Qw2lOi9Q2ioaRvkdSOmYUliYZ3lK/P2dqVDi80oe4bIaGrcQZYAQAAAHRxB0MQew7+ DbcdiFdJWZp1FuHWhnEIdS4= -----END PYAARLO DUMP-----

[usedjeans818]

I'm having the same issue since yesterday (July 5, 2023). I had thought it was because of 2FA (my delegated account hadn't required to have 2FA enabled yet), so I ended up enabling 2FA, in hopes that it would fix the issue. It did not... I have tried:

• deleting ./aarlo/session.pickle (it has not been recreated)
• just updated to v0.7.4b18
• tried Push 2FA to my phone (switched the default 2FA method in the app from email to my device)
• I can log into my.arlo.com fine with my u/n and p/w as well as receive both email 2FA and Push 2FA

I'm assuming the fact that I don't get the email 2FA nor a Push 2FA notification means that Aarlo isn't getting past the logon.

If it helps, please see below for my configuration.yaml excerpt.

aarlo:
  username: !secret arlo_username
  password: !secret arlo_password
  tfa_source: imap
  tfa_type: email
  tfa_host: imap.gmail.com
  tfa_username: !secret arlo_email_un
  tfa_password: !secret arlo_email_pw
  # tfa_source: push
  # tfa_type: PUSH
  refresh_devices_every: 2
  reconnect_every: 90
  stream_timeout: 120
  request_timeout: 120
  backend: sse

As a footnote, I have configured my Google account to have 2-Step Verification enabled and I have also created the App Specific Password. (I have even Enabled Less Secure Apps.) So, this should all work once the logon issue is resolved.

[platini76]

same problem here from last update..

[shehandavy]

Same problem here since yesterday which is when I updated to the latest version.

configuration.yaml

aarlo:
  username: !secret arlo_username
  password: !secret arlo_password
  tfa_source: imap
  tfa_type: email
  tfa_host: imap.gmail.com
  tfa_username: !secret arlo_username
  tfa_password: !secret arlo_gmail_app_password
  refresh_devices_every: 2
  stream_timeout: 120
  reconnect_every: 60
  backend: sse

Log

This error originated from a custom integration.

Logger: custom_components.aarlo
Source: custom_components/aarlo/__init__.py:495
Integration: aarlo (documentation, issues)
First occurred: 13:48:48 (4 occurrences)
Last logged: 13:50:44

unable to connect to Arlo: attempt=1,sleep=15,error=authentication failed
unable to connect to Arlo: attempt=2,sleep=30,error=authentication failed
unable to connect to Arlo: attempt=3,sleep=60,error=authentication failed
unable to connect to Arlo: attempt=4,sleep=120,error=authentication failed

It's the cloudflare issue, if somebody wants to post in their logs - see here and here to encryption - I'll take a look.

Also, one guy found that changing the cloudscraper parameters to this helped fix his issue. On line 854 of background.py:

            # change this
            self._session = cloudscraper.create_scraper()
            # to this
            self._session = cloudscraper.create_scraper(ecdhCurve='secp384r1')

Unfortunately this did not work for me either.

[usedjeans818]

It's the cloudflare issue, if somebody wants to post in their logs - see here and here to encryption - I'll take a look.

Also, one guy found that changing the cloudscraper parameters to this helped fix his issue. On line 854 of background.py:

            # change this
            self._session = cloudscraper.create_scraper()
            # to this
            self._session = cloudscraper.create_scraper(ecdhCurve='secp384r1')

This did not work for me either. However, please see attached for my home-assistant.log file. I did not enable the entire list of custom_components.aarlo.xxx. But, I did enable Verbose Log.

home-assistant_usedjeans818.log

[juju159]

Hello @twrecked .
Please find the log
encrypted_log.txt
Thx.
J.

[medivb]

Same issue here; integration reports unable to connect to Arlo: attempt=x,sleep=xxx,error=authentication failed. No 2FA message has reached my mailbox, so assuming it already fails before it even reaches that stage. Removed session.pickle, but made no difference. No new session.pickle file was created after restart.

[nsleigh]

It's the cloudflare issue, if somebody wants to post in their logs - see here and here to encryption - I'll take a look.

Also, one guy found that changing the cloudscraper parameters to this helped fix his issue. On line 854 of background.py:

            # change this

            self._session = cloudscraper.create_scraper()

            # to this

            self._session = cloudscraper.create_scraper(ecdhCurve='secp384r1')

I gave this a go but no joy - by the way the code is in backend.py

You probably know this but I have taken a look at the cloudflare docs and it seems Arlo have setup a rule to block certain requests, e.g. empty query strings. Problem is without knowing the rules it is hard to know what they don't like about the aarlo request. My guess is that they expect some random request property to stop replay attacks - well that is what I would do.

[sological]

It's the cloudflare issue, if somebody wants to post in their logs - see here and here to encryption - I'll take a look.
Also, one guy found that changing the cloudscraper parameters to this helped fix his issue. On line 854 of background.py:

            # change this

            self._session = cloudscraper.create_scraper()

            # to this

            self._session = cloudscraper.create_scraper(ecdhCurve='secp384r1')

I gave this a go but no joy - by the way the code is in backend.py

You probably know this but I have taken a look at the cloudflare docs and it seems Arlo have setup a rule to block certain requests, e.g. empty query strings. Problem is without knowing the rules it is hard to know what they don't like about the aarlo request. My guess is that they expect some random request property to stop replay attacks - well that is what I would do.

The response I see in the debug log is that Cloudflare says I need to enable cookies.

[nsleigh]

The response I see in the debug log is that Cloudflare says I need to enable cookies.

Out of interest where do you see that?

[bennyb0i]

It's the cloudflare issue, if somebody wants to post in their logs - see here and here to encryption - I'll take a look.

Also, one guy found that changing the cloudscraper parameters to this helped fix his issue. On line 854 of background.py:

            # change this
            self._session = cloudscraper.create_scraper()
            # to this
            self._session = cloudscraper.create_scraper(ecdhCurve='secp384r1')

I've run into the same issue as pretty much everyone else in this thread. Tried deleting session.pickle and adjusting backend.py (not background.py) as per above to no avail, unfortunately.

[sological]

The response I see in the debug log is that Cloudflare says I need to enable cookies.

Out of interest where do you see that?

By adding

logger:
  default: info
  logs:
    pyaarlo: debug

into configuration.yaml
and check for result in home-assistant.log

[usedjeans818]

I took a look at my home-assistant.log file and pulled out the concerning excerpts from the log:

The password found in this section of the log does not coincide with what I have in my secrets.yaml file, does it mask it when logging the activity?

{'EnvSource': 'prod',
 'email': '[email protected]',
 'language': 'en',
 'password': '------redacted------'}

An error regarding cookies:

<div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
    <div id="cf-error-details" class="cf-error-details-wrapper">
      <div class="cf-wrapper cf-header cf-error-overview">
        <h1 data-translate="block_headline">Sorry, you have been blocked</h1>
        <h2 class="cf-subheadline"><span data-translate="unable_to_access">You are unable to access</span> ocapi-app.arlo.com</h2>
      </div><!-- /.header -->

Error regarding a screenshot:

     <div class="cf-section cf-highlight">
        <div class="cf-wrapper">
          <div class="cf-screenshot-container cf-screenshot-full">
            
              <span class="cf-no-screenshot error"></span>
            
          </div>
        </div>
      </div><!-- /.captcha-container -->

And, finally, "Why have I been blocked?":

      <div class="cf-section cf-wrapper">
        <div class="cf-columns two">
          <div class="cf-column">
            <h2 data-translate="blocked_why_headline">Why have I been blocked?</h2>

            <p data-translate="blocked_why_detail">This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.</p>
          </div>

          <div class="cf-column">
            <h2 data-translate="blocked_resolve_headline">What can I do to resolve this?</h2>

            <p data-translate="blocked_resolve_detail">You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.</p>
          </div>
        </div>
      </div><!-- /.section -->

Thanks, @twrecked for all that you do for this project and Home Assistant!

[nsleigh]

@sological @usedjeans818 I might be wrong but not sure you're reading the html response correctly, the code allows for those issues but it depends on what is sent by a browser and we can't see that.

[twrecked]

@usedjeans818 We base64 encode the password that's why it looks different. You can try pasting your password in here and seeing if it lines up.

As for the cookies and being blocked, I have no idea. cloudscraper should provide the cookies and Cloudflare is seeing something it doesn't like and is blocking you. But I don't know what that is. We line up our packets as close as possible to the ones sent by the web browser and that seems to work.

It works for me and once it's working it just keeps on working until Arlo changes so it's hard to debug at this end.

One thing to try might be changing your user agent.

[juju159]

What is the user agent?

[nsleigh]

For ref. A user agent is what a browser (e.g. chrome, edge) sends to identify itself. Don't know how to change it though, reading the cloudscraper docs I thought this was randomized.

[seanmccabe]

Now experiencing the same issue in NZ as of 8th July. Looks like whatever change Cloudflare or Arlo made has rolled out fully.

Aarlo attempts to setup, but no 2FA code request is received at the app.

[usedjeans818]

One thing to try might be changing your user agent.

@twrecked I just tried

aarlo:
  ...
  user_agent: linux # I also tried: apple

Neither "linux" nor "apple" worked to resolve the issue.

[usedjeans818]

I also just tried editing my /etc/hosts file (as suggested from It's Not Working, and switched "commenting out" between the two entries and neither worked.

#104.18.30.98 ocapi-app.arlo.com
#104.18.31.98 ocapi-app.arlo.com

However, did the servers change IPs? I ran an nslookup on my desktop and ocapi-app.arlo.com resolved to:
104.18.22.140
104.18.23.140

I also tried forcing connections between these two IPs and that did not help either.

[juju159]

Try to change user agent to linux, apple -> Not working
try to add line on hosts file -> Not working
104.18.30.98 ocapi-app.arlo.com
104.18.31.98 ocapi-app.arlo.com
try to remove aarlo.pickle on each test... I give up ...
Still ...
Please enable cookies.
Sorry, you have been blocked from clouflare

@twrecked Any idea? Thx for your help

[nsleigh]

Still ...
Please enable cookies.
Sorry, you have been blocked from clouflare

@juju159 where do you see this? I see it in the logs in a bunch of HTML but not convinced it is the error.

[Pengouin]

Try to change user agent to linux, apple -> Not working try to add line on hosts file -> Not working 104.18.30.98 ocapi-app.arlo.com 104.18.31.98 ocapi-app.arlo.com try to remove aarlo.pickle on each test... I give up ... Still ... Please enable cookies. Sorry, you have been blocked from clouflare

@twrecked Any idea? Thx for your help

Same problem here with brand new setup. I also try everything mention in this thread but no success. I'm blocked by cloudflare.

[JigSawFr]

Try to change user agent to linux, apple -> Not working try to add line on hosts file -> Not working 104.18.30.98 ocapi-app.arlo.com 104.18.31.98 ocapi-app.arlo.com try to remove aarlo.pickle on each test... I give up ... Still ... Please enable cookies. Sorry, you have been blocked from clouflare
@twrecked Any idea? Thx for your help

Same problem here with brand new setup. I also try everything mention in this thread but no success. I'm blocked by cloudflare.

Same on my side, blocked by cloudflare protection.

[juju159]

Still ...
Please enable cookies.
Sorry, you have been blocked from clouflare

@juju159 where do you see this? I see it in the logs in a bunch of HTML but not convinced it is the error.

[jurgenweber]

so, I am running into this also but I thought to try and get the login process running outside of HASS. This is using python3.11 straight off my OSX/Darwin.

DEBUG:pyaarlo:login attempt #3
DEBUG:pyaarlo:request-url=https://ocapi-app.arlo.com/api/auth
DEBUG:pyaarlo:request-params=
{'EnvSource': 'prod',
 'email': '[email protected]',
 'language': 'en',
 'password': '___BLANK___'}
DEBUG:pyaarlo:request-headers=
{'Accept': 'application/json, text/plain, */*',
 'Accept-Encoding': 'gzip, deflate, br',
 'Accept-Language': 'en-GB,en;q=0.9,en-US;q=0.8',
 'Origin': 'https://my.arlo.com',
 'Referer': 'https://my.arlo.com/',
 'Source': 'arloCamWeb',
 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_1_2 like Mac OS X) '
               'AppleWebKit/604.3.5 (KHTML, like Gecko) Mobile/15B202 '
               'NETGEAR/v1 (iOS Vuezone)',
 'x-user-device-automation-name': 'QlJPV1NFUg==',
 'x-user-device-id': '8f502d1f-db50-42a6-a64f-ccb70bdb81a0',
 'x-user-device-type': 'BROWSER'}
DEBUG:urllib3.connectionpool:https://ocapi-app.arlo.com:443 "POST /api/auth HTTP/1.1" 403 None
WARNING:pyaarlo:body-error=JSONDecodeError
DEBUG:pyaarlo:request-text=<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<title>Attention Required! | Cloudflare</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->
<style>body{margin:0;padding:0}</style>


<!--[if gte IE 10]><!-->
<script>
  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
    })
  }
</script>
<!--<![endif]-->


</head>
<body>
  <div id="cf-wrapper">
    <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
    <div id="cf-error-details" class="cf-error-details-wrapper">
      <div class="cf-wrapper cf-header cf-error-overview">
        <h1 data-translate="block_headline">Sorry, you have been blocked</h1>
        <h2 class="cf-subheadline"><span data-translate="unable_to_access">You are unable to access</span> ocapi-app.arlo.com</h2>
      </div><!-- /.header -->

      <div class="cf-section cf-highlight">
        <div class="cf-wrapper">
          <div class="cf-screenshot-container cf-screenshot-full">

              <span class="cf-no-screenshot error"></span>

          </div>
        </div>
      </div><!-- /.captcha-container -->

      <div class="cf-section cf-wrapper">
        <div class="cf-columns two">
          <div class="cf-column">
            <h2 data-translate="blocked_why_headline">Why have I been blocked?</h2>

            <p data-translate="blocked_why_detail">This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.</p>
          </div>

          <div class="cf-column">
            <h2 data-translate="blocked_resolve_headline">What can I do to resolve this?</h2>

            <p data-translate="blocked_resolve_detail">You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.</p>
          </div>
        </div>
      </div><!-- /.section -->

      <div class="cf-error-footer cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300">
  <p class="text-13">
    <span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">7e3c20f39adfa86b</strong></span>
    <span class="cf-footer-separator sm:hidden">&bull;</span>
    <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block sm:mb-1">
      Your IP:
      <button type="button" id="cf-footer-ip-reveal" class="cf-footer-ip-reveal-btn">Click to reveal</button>
      <span class="hidden" id="cf-footer-ip">124.168.177.125</span>
      <span class="cf-footer-separator sm:hidden">&bull;</span>
    </span>
    <span class="cf-footer-item sm:block sm:mb-1"><span>Performance &amp; security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a></span>
  </p>
  <script>(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classList.remove("hidden"),c.addEventListener("click",function(){c.classList.add("hidden");a.getElementById("cf-footer-ip").classList.remove("hidden")}))}var a=document;document.addEventListener&&a.addEventListener("DOMContentLoaded",d)})();</script>
</div><!-- /.error-footer -->
    </div><!-- /#cf-error-details -->
  </div><!-- /#cf-wrapper -->
  <script>
  window._cf_translation = {};
</script>
</body>
</html>

ERROR:pyaarlo:authentication failed

I do not know if the 'please enable cookies' message is a red herring or something else. What is cloudflare looking for when it says that?

Anyway, my thought is... it has to be something in the post or the request headers it does not like..... So I started some brute force engineering. :)

The first thing that gave me a different result is

"Source": "arloCamWeb"

I removed it.

DEBUG:pyaarlo:Cfg started
WARNING:pyaarlo:Problem creating
DEBUG:pyaarlo:starting
DEBUG:pyaarlo:file not read
DEBUG:pyaarlo:session file not read
DEBUG:pyaarlo:looking for user_agent arlo
DEBUG:pyaarlo:oldish session, getting a new one
DEBUG:pyaarlo:login attempt #1
DEBUG:pyaarlo:request-url=https://ocapi-app.arlo.com/api/auth
DEBUG:pyaarlo:request-params=
{'EnvSource': 'prod',
 'email': '[email protected]',
 'language': 'en',
 'password': '___BLANK___'}
DEBUG:pyaarlo:request-headers=
{'Accept': 'application/json, text/plain, */*',
 'Accept-Encoding': 'gzip, deflate, br',
 'Accept-Language': 'en-GB,en;q=0.9,en-US;q=0.8',
 'Origin': 'https://my.arlo.com',
 'Referer': 'https://my.arlo.com/',
 'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_1_2 like Mac OS X) '
               'AppleWebKit/604.3.5 (KHTML, like Gecko) Mobile/15B202 '
               'NETGEAR/v1 (iOS Vuezone)',
 'x-user-device-automation-name': 'QlJPV1NFUg==',
 'x-user-device-id': '7e064a15-f862-4bd1-b03e-0964d7e85465',
 'x-user-device-type': 'BROWSER'}
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): ocapi-app.arlo.com:443
DEBUG:urllib3.connectionpool:https://ocapi-app.arlo.com:443 "POST /api/auth HTTP/1.1" 200 None
DEBUG:pyaarlo:request-body=
{'data': {'MFA_State': 'ENABLED',
          '_type': 'AccessTokenV2',
          'authCompleted': False,
          'authenticated': 1688860488,
          'expiresIn': 1690070088,
          'issued': 1688860488,
          'mfa': True,

Bingo.

I then went to the backend.py in my hass install and removed the line with 'arloCamWeb'.

Yep, working now. Looks like we found our new CloudFlare rule. I have my baby arlo back.

Let me know if you need any further clarification.

@twrecked

Thanks for the honourable mention; https://github.com/twrecked/hass-aarlo/releases/tag/v0.7.4b19

[KalleHoppe]

Hi, back, sorry for the late response, I've been away.
@sirk77kn I updated the config and have updated to the latest version, v0.7.4b19. And it's working for me too now. Big big thanks @twrecked and all that contributed, for all the hard work fixing this.
And for all.... if you where debugging and commented out all the sensors....don't forget to uncomment them in the config.... ask me how i know 🤦‍♂️

[sirk77kn]

hi,
thx for feedback, after updating to b19 I do not have any issue as well

[sgnagnarella]

Still failing for me in b19

2023-08-06 21:07:16.157 ERROR (SyncWorker_3) [pyaarlo] authentication failed

[cambuehl]

Still failing for me as well after the update to b19

[Serpe-Verde]

It seems that the problem is inherent in the home assistant request. If you log in via the web with the same credentials everything works correctly so it's not a user and password problem. It works even if I use the same credentials in the Arlo mobile app.

[townsmcp]

Failing for me on b19 as well. Was working ok before updating to b19 (I had it working before due to making the changes to lines 659 and 854 in early July).

UPDATE:
As per the release notes, I deleted /.aarlo/session.pickle. Restarting HA did not resolve the issue. However a full reboot of the system did resolve the issue.

@sgnagnarella and @cambuehl delete the pickle file and reboot the system. It should then work fine on b19

[lennon101]

UPDATE:
As per the release notes, I deleted /.aarlo/session.pickle. Restarting HA did not resolve the issue. However a full reboot of the system did resolve the issue.

This was the fix for me. Thank you! I was only reloading the yaml config not doing a full system restart. Thanks for the info @townsmcp

[cambuehl]

Failing for me on b19 as well. Was working ok before updating to b19 (I had it working before due to making the changes to lines 659 and 854 in early July).

UPDATE: As per the release notes, I deleted /.aarlo/session.pickle. Restarting HA did not resolve the issue. However a full reboot of the system did resolve the issue.

@sgnagnarella and @cambuehl delete the pickle file and reboot the system. It should then work fine on b19

Did not work for me. Still no Arlo.

[aliaghil]

@cambuehl

Ok, follow the below and see how it goes for you:

1. removed the aarlo addon also disable the aarlo section in the configuration
2. reboot the host (not restart home assistant)
3. delete the aarlo.pickle file in .aarlo folder.
4. redownload the aarlo addon and enable its aarlo in the configuration
5. reboot the host

[cambuehl]

@cambuehl

Ok, follow the below and see how it goes for you:

1. removed the aarlo addon also disable the aarlo section in the configuration
2. reboot the host (not restart home assistant)
3. delete the aarlo.pickle file in .aarlo folder.
4. redownload the aarlo addon and enable its aarlo in the configuration
5. reboot the host

Thank you for the suggestion. I've already went through that process once, and just tried it two more times today. Same results as before, home assistant is unable to connect to arlo.

[sgnagnarella]

This got back to work again after I migrated HA from a laptop to a NUC. I wonder if aarlo is blocking certain mac-addresses. Have you tried regenerating the Mac Address for your VM?

…

On Fri, Aug 11, 2023 at 4:27 PM cambuehl ***@***.***> wrote: @cambuehl <https://github.com/cambuehl> Ok, follow the below and see how it goes for you: 1. removed the aarlo addon also disable the aarlo section in the configuration 2. reboot the host (not restart home assistant) 3. delete the aarlo.pickle file in .aarlo folder. 4. redownload the aarlo addon and enable its aarlo in the configuration 5. reboot the host Thank you for the suggestion. I've already went through that process once, and just tried it two more times today. Same results as before, home assistant is unable to connect to arlo. — Reply to this email directly, view it on GitHub <#778 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAN4U6FKOGPPQZGMZVXUTFDXU2ITLANCNFSM6AAAAAA2AWFK7Y> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[hastarin]

@twrecked First up thanks for your amazing tools and I ask this as someone with no real python coding experience.

I notice you are supplying a User-Agent in an attempt to support the various streams and wonder if that may be the reason we all keep getting blocked by Cloudflare?

The cloudscraper documentation seems to warn against doing this:

https://github.com/venomous/cloudscraper#user-agent-handling

User-Agent Handling
The two integration functions return a tuple of (cookie, user_agent_string).

You must use the same user-agent string for obtaining tokens and for making requests with those tokens, otherwise Cloudflare will flag you as a bot.

That means you have to pass the returned user_agent_string to whatever script, tool, or service you are passing the tokens to (e.g. curl, or a specialized scraping tool), and it must use that passed user-agent when it makes HTTP requests.

It seems cloudscraper does provide some options for limiting the user agents that it uses which might still help support the approach you're trying?

https://github.com/venomous/cloudscraper#browser--user-agent-filtering

[georgejung]

just to jump in with my experience here with the same problem of authentication error. the last 2fa auth email i got was july 27 and 18th before that. Not sure exactly when it stopped working but sometime in later July. im on ubuntu bare metal, everything in docker.

i was on a much older version that i couldn't update because HACS was giving me problems. I got around to removing and reloading HACS and then i was able to update integrations. I went to 19, and it didn't fix, but i didn't try to delete the pickle file and i was not rebooting the entire system, just a full ha reboot / stop start container.

instead as per another issue #782 i removed aarlo entirely from HACS and then installed b12 and comented out line 644 in the backend.py re arlocamweb. after i restarted HA it worked again. i'll try to test b19 more fully with the steps mentioned above here and report back in a few days. Thanks twrecked for all of your work and to everyone contributing here.

[mcvicthor]

I am getting blocked by cloudflare "Source": "arloCamWeb" commented or not

[mcvicthor]

I've managed to resolve it by changing line 854 from

self._session = cloudscraper.create_scraper(ecdhCurve='secp384r1')
to
self._session = cloudscraper.create_scraper(ecdhCurve='secp384r1',browser='chrome')

[Molnigt]

After days of being down and trying all sorts of things described in this thread, and more, I finally removed all cloudscraper options. And now it works...
self._session = cloudscraper.create_scraper()

[queelyte]

After days of being down and trying all sorts of things described in this thread, and more, I finally removed all cloudscraper options. And now it works...
self._session = cloudscraper.create_scraper()

Did you delete the session.pickle file also?

[Molnigt]

Did you delete the session.pickle file also?

Yes, both pickles where deleted before that when trying other suggestions.

[aliaghil]

Hi everyone
Sharing my experience with you, I realized every time I update the home assistant to its latest version, the Aarlo breaks.
Here are the steps I took to resolve it:

1. After updating the home assistant, log in via SSH to HA and stop it via this command: "ha core stop"
2. Then I deleted the HA database (all the files with the .db extension in the config folder) and the pickle file in the ".aarlo" folder.
3. Then start home assistant via "ha core start"
   Hope this helps.

[twrecked]

You can turn off authentication caching so it doesn't even save the session.

https://github.com/twrecked/hass-aarlo#authentication-caching

If you only restart home assistant once or twice a week this might be a better setting for you.

[homefuzz-oz]

Hello everyone,

I have been following this thread ever since my Arlo stopped working a little while ago. I’ve since tried different permutations of the various suggestions and realised that some of the cloudscraper config has already made it into the deployment for 7.4.

Short is, none of the approaches has given me any luck, so I am wondering if anyone has found a solution that hasn’t been mentioned above. Ie deleting pickles, editing backend in various ways.

I am using PUSH for tfa. When I delete the *.pickle files before a restart, I do receive a login request, but still the integration shows the error that “Name does not resolve”, and it takes reference to MQTT.

Also when I login to my tfa Arlo account, I get a splash screen “do you trust this browser”, which I assume is the culprit when the integration tries to login, but I can’t see manually trying to turn up as the User Agent that I just whitelisted to be a sustainable solution.

If there is anything else I can or should try, I am keen to hear what other suggestions are out there.

For the sake of completeness, here is the log:

2023-11-07 22:00:29.615 DEBUG (SyncWorker_1) [pyaarlo] waiting for stream up
2023-11-07 22:00:30.612 DEBUG (ArloEventStream) [pyaarlo] re-logging in
2023-11-07 22:00:30.613 DEBUG (ArloEventStream) [pyaarlo] looking for user_agent arlo
2023-11-07 22:00:30.620 DEBUG (SyncWorker_1) [pyaarlo] waiting for stream up
2023-11-07 22:00:30.621 DEBUG (ArloEventStream) [pyaarlo] newish sessions, re-using
2023-11-07 22:00:31.109 DEBUG (ArloEventStream) [pyaarlo] multilocation is False
2023-11-07 22:00:31.109 DEBUG (ArloEventStream) [pyaarlo] (re)starting mqtt event loop
2023-11-07 22:00:31.109 DEBUG (ArloEventStream) [pyaarlo] mqtt: client_id=user_64Z***
2023-11-07 22:00:31.163 DEBUG (ArloEventStream) [pyaarlo] mqtt: host=mqtt-cluster.arloxcld.com, check=True, transport=tcp
2023-11-07 22:00:31.166 ERROR (ArloEventStream) [pyaarlo] general-error=gaierror
Traceback (most recent call last):
File "/config/custom_components/aarlo/pyaarlo/backend.py", line 497, in _mqtt_main
self._event_client.connect(self._arlo.cfg.mqtt_host, port=443, keepalive=60)
File "/usr/local/lib/python3.11/site-packages/paho/mqtt/client.py", line 914, in connect
return self.reconnect()
^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/paho/mqtt/client.py", line 1044, in reconnect
sock = self._create_socket_connection()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/paho/mqtt/client.py", line 3685, in _create_socket_connection
return socket.create_connection(addr, timeout=self._connect_timeout, source_address=source)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/socket.py", line 827, in create_connection
for res in getaddrinfo(host, port, 0, SOCK_STREAM):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/socket.py", line 962, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
socket.gaierror: [Errno -2] Name does not resolve

[twrecked]

I think you are logging in ok. I think the mqtt server is the issue. Try these solutions in turn to fix it:

• change the mqtt server

aarlo:
  # your current config
  mqtt_hostname_check: False
  mqtt_host: mqtt-cluster-z1.arloxcld.com

• or change the backend:

aarlo:
  # your current config
  backend: sse

[homefuzz-oz]

I think you are logging in ok. I think the mqtt server is the issue. Try these solutions in turn to fix it:

• change the mqtt server

aarlo:
  # your current config
  mqtt_hostname_check: False
  mqtt_host: mqtt-cluster-z1.arloxcld.com

• or change the backend:

aarlo:
  # your current config
  backend: sse

Thank you @twrecked! Backend: sse did the trick. Sorry, I thought I had read that Arlo had moved to MQTT backend only, so didn’t even consider the sse option. Apologies.

[merlinpimpim]

I think you are logging in ok. I think the mqtt server is the issue. Try these solutions in turn to fix it:

• change the mqtt server

aarlo:
  # your current config
  mqtt_hostname_check: False
  mqtt_host: mqtt-cluster-z1.arloxcld.com

This configuration finally made Aarlo work!
Thanks

[ManfredBorn]

unbelievable but after month of trying i got it finally to work - awesome...:

#Aarlo

aarlo:
username: !secret arlo_username
password: !secret arlo_password
tfa_source: imap
tfa_type: email
tfa_host: imap.gmail.com
tfa_username: !secret arlo_username
tfa_password: !secret arlo_gmail_app_password
refresh_devices_every: 2
stream_timeout: 120
reconnect_every: 60
backend: sse
mqtt_hostname_check: False
mqtt_host: mqtt-cluster-z1.arloxcld.com

camera:

• platform: aarlo
  binary_sensor:
• platform: aarlo
  monitored_conditions:
  • motion
  • sound
  • ding
  • cry
  • connectivity
    media_player:
• platform: aarlo

[franaraujo77]

Analyzing logs, it point that cloudflare is blocking the configuration of arlo. So, I thought about where I set the URL to let them access my hassio.
I went to settings->system->network and changed the internet address to let my hassio be acessed through a local address, like 192.168.1.10, reboot my system. When hassio come back, the .arlo folder have aarlo and session pickle files and I can view videos from my arlo camera!! I changed back the internet address in network settings to my cloudflare address and camera is still working.
I know that is a workaround, but it is easier to do in this way than going to another integration version
I am using arlos integration version 0.7.4.2
I hope that help others