I am running a Mail-in-a-Box server on Ubuntu 18.04. As part of the setup/update script, it attempts to execute the command add-apt-repository -y ppa:certbot/certbot
. This fails with the following error message:
FAILED: add-apt-repository -y ppa:certbot/certbot
-----------------------------------------
Error: retrieving gpg key timed out.
-----------------------------------------
When I try to run the command manually, I get the following error:
Error: retrieving gpg key timed out.
Things I have already tried
I have tried all of the following and none of them resolved my issue. If there was an obvious way to undo what I tried, I undid it before trying the next thing.
Reboot
I rebooted the server with sudo reboot
.
apt-get --allow-releaseinfo-change
This person
had a similar problem and solved it with
sudo apt-get --allow-releaseinfo-change update
.
Let's Encrypt down
It has been suggested (twice) that Let's Encrypt may be down. However, I have tried running the command at various times, their status dashboard doesn't indicate any major issues and it runs fine on a different Ubuntu 18.04 machine I set up for testing.
Wrong nameserver
This user had a similar issue, which he solved by editing his /etc/resolv.conf
file.
My file had the contents nameserver 127.0.0.1
. I know that Mail-in-a-Box can
also function as a nameserver, so I assume it is fine. For thoroughness' sake
I changed it to nameserver 8.8.8.8
, but this didn't fix the problem.
apt autoclean & autoremove
A commenter suggested
running sudo apt autoclean && sudo apt autoremove
.
Switch keyserver
This user suggests editing the
~/.gnupg/gpg.conf
file to use a different keyserver:
keyserver keys.openpgp.org
This other user
does what appears to be the same thing but inline. I tried
sudo add-apt-repository -k hkp://keyserver.ubuntu.com:80 -y ppa:certbot/certbot
and
sudo add-apt-repository -k hkp://pool.sks-keyservers.net:80 -y ppa:certbot/certbot
.
This third user apparently tries to
change the keyserver and port in a different way. I tried his command
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 94558F59
.
A fourth person suggested the
following two commands:
gpg --keyserver hkp://keys.gnupg.net --recv-keys 94558F59
and
gpg --keyserver hkp://pgp.mit.edu --recv-keys 94558F59
.
Disable firewall
This person tried disabling
their firewall before running the command. So did I with sudo ufw disable
.
Someone else
thought unblocking port 11371 might work. I tried sudo ufw allow 11371
.
I also don't believe that an ISP-firewall is causing issues. I am running a VPS from Vultr and my testing-machine (on which it works) is also hosted by them.
Miscellaneous
I believe a fresh install of the operating system would alleviate this issue. However, I would prefer not to do this if at all possible.
I was unsure, whether this question would better fit the ask ubuntu or the server fault Stackexchange so I took the liberty of posting it on both sites.
Is the Vultr instance one of the IPv6-only sandbox plans? If so, the lack of IPv4 might be the issue.