Using Ubuntu PPA Repositories Behind a Firewall

posted by John on

This post describes a quick and dirty way to configure apt-add-repository to use port 80 instead of port 11371.

Ubuntu Personal Package Archives (PPA) are an easy way for developers to make their source packages available to the common user (like myself) through APT, Debian's great package manager. Packages from the default repositories are often out of date, where the developer has published newer versions that may have fixed serious bugs. In order to ensure that the ppa is trusted, an encrypted connection over gpg is used. However, apt by default connects via port 11371, likely to be blocked if you are behind a corporate firewall. When you try to add the ppa you're likely to see the following error:

gpg: requesting key 34EF4A35 from hkp server keyserver.ubuntu.com
?: keyserver.ubuntu.com: Connection refused
gpgkeys: HTTP fetch error 7: couldn't connect: Connection refused
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

The simplest way I found to configure apt to use port 80 instead of the default was found in this launchpad bug, post #9:

To make add-apt-repository use port 80 by default, the /usr/share/pyshared/softwareproperties/ppa.py file used by add-apt-repository can be modified to use port 80. Edit the file /usr/share/pyshared/softwareproperties/ppa.py Search for "keyserver.ubuntu.com" Replace it by "hkp://keyserver.ubuntu.com:80" and save the file. add-apt-repository should work behind a proxy now.

The downside to a code change, like we're doing here to ppa.py, is that a typical upgrade would overwrite our changes. However, according to the thread referenced above, this change has already been made in Ubuntu 11.04 and up.

Share the delectableness

About John Coulter

John graduated from Utah State University with a BA in Management Information Systems. He works full-time doing web development, currently utilizing MarkLogic and XQuery. His primary technological interest currently lies in discovering new (and very old) scripting languages, and he's currently enamored by TCL. He pretends to be a Linux evangelist, but he's really still in the hobbyist stage, though his allegiance is rapidly waxing. His time not in front of a glowing rectangle is spent chasing his bride of one year. More by John

Leave a comment

blog comments powered by Disqus