Why do I need to specify ":80" when using "apt-key adv"?

Question

How come

apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db

would fail but

apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db

would not?

How do I check what is being blocked?

score 10 · Accepted Answer · edited Oct 07 '21 at 07:18

10

The OpenPGP HTTP Key Protocol operates, by default, on port 11371.

The Ubuntu Keyserver is run on port 80 (by default, used by www-http) to reduce problems that can be caused by firewalls. So you need the port and protocol to make sure that GPG (which is running the request behind-the-scenes) knows exactly where to go to get the key.

Your first example is equivalent to:

apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:11371 0xcbcb082a1bb943db

Since you need to specify :80 when using apt-key adv, your network administrator or ISP has blocked port 11371.

edited Oct 07 '21 at 07:18

Community

1

answered Jul 16 '15 at 15:37

Cliff

1,373

4

Ubuntu's keyserver listens on port 80 so that you don't have any problem if your ISP/proxy/firewall blocks some ports. – Andrea Corbellini Jul 16 '15 at 15:51
2

@AndreaCorbellini (and Cliff) But it also works/listens on 11371. – Thomas Ward Jul 18 '15 at 23:32

Why do I need to specify ":80" when using "apt-key adv"?

1 Answers1