Problem when adding apt repository

I need to add a apt repository to install some python packages.

gpg: keyserver receive failed: Operation not permitted

How can I solve it?

Could you try please as per https://www.whonix.org/wiki/Free_Support_Principle?

There is no solution in link…

Did you attempt to reproduce this on Debian?

When I try to add apt repositories in whonix, I can’t add it because of that problem. Of course it works elsewhere.

Is this firewall problem?

Where are the instructions which you are following?

If you search this on whonix forum, you will see the same thing happened with someone else, it was relate possibly to the keyserver blocking tor requests.

I need to install python3, etc…

I’m trying to

sudo add-apt-repository ppa:deadsnakes/ppa

But it keeps failing.

Can you give me the link?

First, you don’t need to add a ppa to have python3, current debian packaging is using python3.9.2.

Second, it is safer to build from source than to add ppas.

Third, if something is not working, search keywords:
You don’t need to add a ppa to have python3

Other problem is ubuntu keyserver blocking tor requests.
The signing key can be found here https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xba6932366a755776

Another problem is that apt-add-repository adds kinetic dist repository, and there is no release file for that in the ppa, latest one is jammy. So you will have to manually edit the sources list on /etc/apt/sources.list.d/.

Another problem is that it doesnt accept TLS as the certificate is not valid

Ign:3 https://ppa.launchpad.net/deadsnakes/ppa/ubuntu jammy InRelease
Err:3 https://ppa.launchpad.net/deadsnakes/ppa/ubuntu jammy InRelease
Certificate verification failed: The certificate is NOT trusted. The name in the certificate does not match the expected. Could not handshake: Error in the certificate verification. [IP: 185.125.190.52 443]
Reading package lists… Done
E: Failed to fetch https://ppa.launchpad.net/deadsnakes/ppa/ubuntu/dists/jammy/InRelease Certificate verification failed: The certificate is NOT trusted. The name in the certificate does not match the expected. Could not handshake: Error in the certificate verification. [IP: 185.125.190.52 443]

I prefer to stick with debian+kicksecure+whonix software without this untrusted repository that has bad security practices, only uses signature verification because apt forces it.

But in any way, if you still want to do it:

Go to https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xf23c5a6cf475977595c89f51ba6932366a755776
Copy the contents to a file named ppa.

sudo cp ppa /usr/share/keyrings/deadsnakes-ubuntu-ppa-jammy.asc

echo "deb [signed-by=/usr/share/keyrings/deadsnakes-ubuntu-ppa-jammy.asc] http://ppa.launchpad.net/deadsnakes/ppa/ubuntu jammy main" | sudo tee /etc/apt/sources.list.d/deadsnakes-ubuntu-ppa-jammy.list

Now good luck.

2 Likes

I gave up on using whonix.

I’ve googled for 3 hours, but no answer :frowning:

If you want help, please don’t spam new threads, use the same one as before on
https://whonix.org/t/problem-when-adding-apt-repository/14087/3

sorry. Thank you for answer.

You’re attempting to do non-standard, advanced stuff.
PPAs aren’t popular in Debian, which Whonix is based on.
python3 is installed by default. No need to manually install it.

Do you know the standard way of installing software yet, i.e. avoiding PPAs? See:

(Whonix is based on Kicksecure.)

Background:

New generic documentation (not a solution for this issue specifically) will be provided soon.

Written just now:
Install from Custom APT Repository