3rd-party Software Package Sources
Over the course of this series, several software packages have been installed from third-party repositories rather than the standard Ubuntu repositories. This page documents all of them in one place: where each repository came from, why it was added, and how to manage or remove it if needed.
The source material this series draws on uses the deprecated apt-key adv --keyserver approach for adding repository keys. On Kubuntu 24.04, the correct approach is storing keys in /usr/share/keyrings/ as binary or ASCII-armored files and referencing them in the repository definition via the signed-by option. All repositories documented here use the current method.
Managing third-party repositories
Listing all installed repositories
# List all configured apt sources
find /etc/apt/sources.list.d/ -name "*.list" -o -name "*.sources" | sort
# Or use apt directly
apt-cache policy
Removing a repository and its packages
To remove a PPA and downgrade its packages to the Ubuntu version:
sudo ppa-purge ppa:repository-name/ppa-name
For non-PPA repositories, remove the file from /etc/apt/sources.list.d/ and the corresponding keyring file from /usr/share/keyrings/, then run:
sudo apt update
To find which packages came from a specific repository:
apt-cache madison package-name
Or list all packages from a specific source:
apt list --installed 2>/dev/null | grep -i "repository-name"
Repositories in use
Brave Browser
Added in the browser section of this series.
Purpose: Current Brave browser releases. The Ubuntu repositories do not include Brave.
Key location: /usr/share/keyrings/brave-browser-archive-keyring.gpg
Repository file: /etc/apt/sources.list.d/brave-browser-release.list
To add:
sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg \
https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] \
https://brave-browser-apt-release.s3.brave.com/ stable main" | \
sudo tee /etc/apt/sources.list.d/brave-browser-release.list
Signal Desktop
Added in the instant messaging section of this series.
Purpose: Current Signal desktop releases. Signal is not in the Ubuntu repositories.
Key location: /usr/share/keyrings/signal-desktop-keyring.asc
Repository file: /etc/apt/sources.list.d/signal-xenial.list
To add:
wget -qO- https://updates.signal.org/desktop/apt/keys.asc | \
sudo tee /usr/share/keyrings/signal-desktop-keyring.asc > /dev/null
echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.asc] \
https://updates.signal.org/desktop/apt jammy main' | \
sudo tee /etc/apt/sources.list.d/signal-xenial.list
WireGuard / WineHQ
Added in the Wine section of this series.
Purpose: Current Wine releases. The Ubuntu repository version lags significantly.
Key location: /etc/apt/keyrings/winehq-archive.key
Repository file: /etc/apt/sources.list.d/winehq-noble.sources
To add:
sudo dpkg --add-architecture i386
sudo mkdir -pm755 /etc/apt/keyrings
sudo wget -O /etc/apt/keyrings/winehq-archive.key \
https://dl.winehq.org/wine-builds/winehq.key
sudo wget -NP /etc/apt/sources.list.d/ \
https://dl.winehq.org/wine-builds/ubuntu/dists/noble/winehq-noble.sources
KeePassXC
Added in the secrets section of this series.
Purpose: Current KeePassXC releases via the maintainer’s PPA. The Ubuntu repository version lags behind current releases.
Repository: ppa:phoerious/keepassxc
To add:
sudo add-apt-repository ppa:phoerious/keepassxc
Yubico (libpam-u2f)
Added in the Yubikey PAM section of this series.
Purpose: Current Yubico PAM module and tools. Ensures the latest libpam-u2f version for Yubikey login.
Repository: ppa:yubico/stable
To add:
sudo add-apt-repository ppa:yubico/stable
Tor Project
Added if Tor Browser or OnionShare is used.
Purpose: Current Tor packages directly from the Tor Project rather than the Ubuntu mirrors, which may lag.
Key location: /usr/share/keyrings/tor-archive-keyring.gpg
Repository file: /etc/apt/sources.list.d/tor.list
To add:
sudo wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/tor-archive-keyring.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] \
https://deb.torproject.org/torproject.org noble main" | \
sudo tee /etc/apt/sources.list.d/tor.list
Nextcloud Desktop Client
Added in the Nextcloud file synchronisation section of this series.
Purpose: Current Nextcloud desktop sync client. The Ubuntu repository version lags behind the Nextcloud server version, which can cause sync compatibility issues.
Key location: /usr/share/keyrings/nextcloud-keyring.gpg
Repository file: /etc/apt/sources.list.d/nextcloud-client.list
To add:
curl -fsSL https://download.nextcloud.com/desktop/releases/Linux/latest/GPG_KEY | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/nextcloud-keyring.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/nextcloud-keyring.gpg] \
https://download.nextcloud.com/desktop/releases/Linux/latest/apt noble main" | \
sudo tee /etc/apt/sources.list.d/nextcloud-client.list
MeshCore / LoRa tools
Added if command line tools for MeshCore firmware flashing are used from Linux.
Purpose: Python tools for LoRa hardware management. Typically installed via pipx rather than apt to avoid system Python conflicts.
Installation:
sudo apt install pipx
pipx install esptool
pipx install adafruit-nrfutil
Software installed via direct download
Some software does not use a repository and is installed via direct download or alternative package managers. Documented here for completeness.
Calibre
Installed via the official installer script rather than a repository. Updates via the same script.
sudo -v && wget -nv -O- https://download.calibre-ebook.com/linux-installer.sh | sudo sh /dev/stdin
borgmatic
Installed via pipx --global rather than apt to get the current version without system Python conflicts:
sudo pipx install borgmatic --global
Jitsi Meet Electron
Installed via .deb download from GitHub releases. Check for updates manually at:
https://github.com/jitsi/jitsi-meet-electron/releases
Jellyfin Media Player
Installed via .AppImage or Flatpak. If using Flatpak:
flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
flatpak install flathub com.github.iwalton3.jellyfin-media-player
What the source material listed that is no longer relevant
The original source material included several repositories that are either abandoned, superseded, or no longer relevant to this setup:
Day of Ubuntu Wallpaper: A 2009 Ubuntu wallpaper pack from Ubuntu Karmic. Not relevant.
Devolo Powerline: Hardware-specific management software. Only needed if Devolo powerline adapters are in use.
Guardian Project KeySync: Project appears abandoned. OMEMO in Dino replaces the functionality it was addressing.
upmpdcli / upplay: UPnP music playback tools superseded by the Snapcast and Jellyfin approach in the media section.
Ring (now Jami): The application was renamed Jami and is now available in the Ubuntu repositories directly: sudo apt install jami.
Quimup: A Qt3-based MPD client last updated around 2015. Replaced by Elisa or other modern music players.
Conky Manager: The PPA is abandoned. Conky is available directly from Ubuntu repositories: sudo apt install conky.
Third-party repositories are a trust decision. Each one you add is a source that can push packages to your machine. Prefer PPAs and repositories from the software’s own maintainers over unofficial mirrors. Audit the list periodically and remove anything that is no longer needed.