HowTo: Make use of Ubuntu PPA repositories

What is a PPA repository?

A PPA is a Personal Package Archive hosted by the servers that contains binaries and/or source related to a project. The project can be anything from a new application to a backport of an existing one. A good example is the easy availability of 3.0.1 to Intrepid users before Jaunty came out rather than having to deal with the mess of packages from Sun’s own website.

PPA’s can be wholly personal to you or may be open to the public. In particular it is very useful for providing Ubuntu packaged versions of a given application instead of dealing with tarballs or converting RPM packages.

So how does one make use of a pre-defined PPA and are there any things to be wary about? Read on.

PPA’s are great for getting the latest versions of a given piece of software instead of waiting for the official Ubuntu repository versions to be updated, though you will of course open yourself to any potential bugs in that software. Classic examples include getting Pidgin’s 2.5.8 update with the included new authentication method for Yahoo Messenger, or getting the latest version of the Deluge BitTorrent client/daemon.

In this HowTo, we are going to grab the latest version of Deluge to install on an Ubuntu Jaunty 9.04 system using the unofficial Ubuntu PPA, but this guide should apply to just about any version of Ubuntu or other Debian-based distribution.

NOTE: Ubuntu has now further simplified the PPA process by introducing a new way of adding PPA repositories and the GPG key in one hit from Ubuntu Karmic 9.10 onwards. While you can still use the process outlined below, please see the note at the end of this article for the simplified way.

  1. First up, we need to create a sources.list file for the PPA repository we want to add to our system. In the case of Deluge, the PPA is at so go there first.
  2. Under the “Install packages” section is a box with two lines in it:

    deb jaunty main
    deb-src jaunty main

  3. Highlight and copy these two lines to your clipboard.
  4. Now open a terminal and create a new file in your favourite text editor (in this case, GEdit) by typing in:

    $ sudo gedit /etc/apt/sources.list.d/deluge.list
  5. This creates a new file under /etc/apt/sources.list.d called deluge.list. You are presented with a blank page. Paste the content of the clipboard down so you have the two lines you copied earlier.
  6. Save and close the file.
  7. Now, in the terminal, type in:

    $ sudo apt-get update
  8. When the update completes, you should see a warning error at the end similar to the following:

    W: GPG error: jaunty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C5E6A5ED249AD24C
    W: You may want to run apt-get update to correct these problems

  9. What this means is that apt-get has processed all your package lists and found that for the newly added Deluge source list, it does not have a GPG key to authenticate any of the files from it. This doesn’t stop you from installing Deluge or other files from it, but it does prevent Ubuntu from proving whether or not these files are untampered with, so it will pester you with warnings until you can provide it that GPG public key. Providing it is simple. Make note of the hexadecimal value provided after NO_PUBKEY and then type in the following:

    $ sudo apt-key adv --keyserver --recv-keys C5E6A5ED249AD24C
    Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --keyserver --recv-keys C5E6A5ED249AD24C
    gpg: requesting key 249AD24C from hkp server
    gpg: key 249AD24C: public key "Launchpad PPA for Deluge Team" imported
    gpg: Total number processed: 1
    gpg:               imported: 1  (RSA: 1)

  10. This fetches the GPG public key from the Keyserver at and adds it to your GPG keyring. Now if you run:

    $ sudo apt-get update

    …again, you will see no errors output this time, which means you can safely install applications from it now without Apt warning you about being unable to authenticate them.
  11. To prove this, let’s try and install Deluge now:

    $ sudo apt-get install deluge

    …and it should install like any other ordinary Ubuntu applications with no fuss, no worries and no error messages.
  12. Pat yourself on the back.

I get an “HTTP fetch” error when I try to import a GPG public key!

If at step 9, you get the following error:

$ sudo apt-key adv --keyserver --recv-keys C5E6A5ED249AD24C
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --keyserver --recv-keys C5E6A5ED249AD24C
gpg: requesting key 249AD24C from hkp server
gpgkeys: HTTP fetch error 7: couldn't connect to host
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

It is because your firewall is blocking access to the Keyserver. Keyservers use port 11371 to communicate, not port 80 which is the normal HTTP port, so open 11371 as an outbound port on your firewall and re-run the command and it will work fine.

The simplified way of adding PPA’s using Ubuntu Karmic 9.10 or later.

Ubuntu 9.10 introduced a new, simpler way to add PPA’s to your system. Using the above Deluge example, you now only have to type in:

$ sudo add-apt-repository ppa:deluge-team/ppa

…and that’s it. This will do the whole sources.list creation and GPG key for you in one hit. That now simply leaves you to update your package lists with:

$ sudo apt-get update

…and then you can install Deluge with:

$ sudo apt-get install deluge

As you can see, it’s a far simpler method. You can, of course, still use the original method if you prefer.

Hey these PPA things are cool – can I create one of my own?

You certainly can. Refer to the Personal Package Archives for Ubuntu Help Page for everything you need to know, however please do not use a PPA as your own personal off-site backup for personal data. It is intended to help individuals and small groups who develop new software and do not have the resources to host their software for easy distribution by providing them a place where the masses can gain access to their project. To help curb the potential for abuse, PPA’s are limited to 1GB of storage and you are bound by the Ubuntu Community Code of Conduct.