Create A “.deb Package Repository” at Using “Reprepro” Tool in Ubuntu

Reprepro is a small command-line tool to create and manage .deb repositories easily, Today we’ll be showing how to create a Debian package repositories easily using reprepro and how to upload it to using rsync command.

Create Deb Package Repository
Create Deb Package Repository

Step 1: Install Reprepro and Generate Key

First, install all the necessary packages, using the following apt-get command.

$ sudo apt-get install reprepro gnupg

Now you need to generate a gpg key using gnupg, to do this, apply this command.

$ gpg --gen-key

It will ask you some questions, like the kind of the key you want, how long the key should be valid, if you don’t know what to answer, just click Enter for the default options (recommended).

Of course, it will ask you for a username and a password, keep those in mind, because we will need them later.

gpg (GnuPG) 1.4.14; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
        = key expires in n days
      w = key expires in n weeks
      m = key expires in n months
      y = key expires in n years
Key is valid for? (0) 
Key does not expire at all
Is this correct? (y/N) Y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <[email protected]>"

Real name: ravisaive
Email address: [email protected]
Comment: tecmint
You selected this USER-ID:
    "Ravi Saive (tecmint) <[email protected]>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

gpg: key 2EB446DD marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   2048R/2EB446DD 2014-06-24
      Key fingerprint = D222 B1C9 342E 5911 02B1  9147 3BD6 7918 2EB4 46DD
uid                  Ravi Saive (tecmint) <[email protected]>
sub   2048R/7EF2F750 2014-06-24

Now your key will be generated, to Check if so, run this command as a root privileges.

$ sudo gpg --list-keys
Sample Output
pub   2048R/2EB446DD 2014-06-24
uid                  ravisaive (tecmint) <[email protected]>
sub   2048R/7EF2F750 2014-06-24

Step 2: Create a Package Repository and Export Key

We’ll start the work now to create the repository, first you have to create some folders, our repository will be in /var/www/apt directory, so let’s create some folders.

$ sudo su
# cd /var/www
# mkdir apt
# mkdir -p ./apt/incoming 
# mkdir -p ./apt/conf
# mkdir -p ./apt/key

You have now to export the key you created to the repository folder, run.

# gpg --armor --export username [email protected] >> /var/www/apt/key/deb.gpg.key

Note: Replace username with the username you entered in above step, and [email protected] with your email.

We need to create a file called “distributions” inside /var/www/apt/conf.

# touch /var/www/apt/conf/distributions

Add these following lines to the distributions file and save the file.

Origin: (yourname)
Label: (name of repository)
Suite: (stable or unstable)
Codename: (the codename for the distribution you are using, like trusty)
Version: (the version for the distribution you are using, like 14.04)
Architectures: (the repository packages  architecture, like i386 or amd64)
Components: (main restricted universe multiverse)
Description: (Some information about the repository)
SignWith: yes

Next, We’ll have to create the repository tree, to do this, run those commands.

# reprepro --ask-passphrase -Vb /var/www/apt export
Sample Output
Created directory "/var/www/apt/db"
Exporting Trusty...
Created directory "/var/www/apt/dists"
Created directory "/var/www/apt/dists/Trusty"
Created directory "/var/www/apt/dists/Trusty/universe"
Created directory "/var/www/apt/dists/Trusty/universe/binary-i386"
FF5097B479C8220C ravisaive (tecmint) <[email protected]> needs a passphrase
Please enter passphrase:
Successfully created '/var/www/apt/dists/Trusty/'
FF5097B479C8220C ravisaive (tecmint) <[email protected]> needs a passphrase
Please enter passphrase:
Successfully created '/var/www/apt/dists/Trusty/'

Step 3: Add Packages to Newly Created Repository

Now prepare your .deb packages to be added to the repository. Go to the /var/www/apt directory, you have to do this each time you want to add packages.

# cd /var/www/apt
# reprepro --ask-passphrase -Vb . includedeb Trusty /home/ravisaive/packages.deb

Note: Replace trusty with the codename you entered for the repository in the distributions file, and replace /home/username/package.deb with the path to the package, you will be asked for the passphrase to enter.

Sample Output
/home/ravisaive/packages.deb : component guessed as 'universe'
Created directory "./pool"
Created directory "./pool/universe"
Created directory "./pool/universe/o"
Created directory "./pool/universe/o/ojuba-personal-lock"
Exporting indices...
FF5097B479C8220C ravisaive (tecmint) <[email protected]> needs a passphrase
Please enter passphrase:
Successfully created './dists/Trusty/'
FF5097B479C8220C ravisaive (tecmint) <[email protected]> needs a passphrase
Please enter passphrase:
Successfully created './dists/Trusty/'

Your package is added to the repository, to remove it.

# reprepro --ask-passphrase -Vb /var/www/apt remove trusty  package.deb

And of course, you need to modify the command with your package name and the repository codename.

Step 4: Upload Repository to

To upload the repository to, you need to have a running account there of course, and a running project, let’s assume that you want to upload the repository to where myfoo is your project name (UNIX name, not URL, not the Title), and testrepository is the folder where you want to upload the files into, We will do this using rsync command.

# rsync -avP -e ssh /var/www/apt/ [email protected]:/home/frs/project/myfoo/testrepository/

Note: Replace username with your username on and myfoo with your project UNIX-name and testrepository with the folder you want to store the files in.

Now thats your repository is uploaded to, to add it to your installed system, first you have to import the repository key, it will be in /var/www/apt/key/deb.gpg.key, but that’s a local path and the users for your repository won’t be able to add it to their systems, thats why we’ll be importing the key from

$ sudo su
# wget -O - | apt-key add -

You can add the repository easily now to your system, open /etc/apt/sources.list and add this line.

deb trusty main

Note: Replace myfoo with your project UNIX-Name, trusty with your repository codename, testrepository with the folder you uploaded the files into, and main with repository components you added to the distributions file.

Next, run following to update the repositories list.

$ sudo apt-get update

Congratulations! Your repository is active! You can now install packages easily from it if you want.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Hanny Helal
A Linux & Foss user since 2010, working on many projects in the field of Free Software.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.


Leave a Reply
      • Thanks Ravi,

        I think I am almost there…

        On step 3, when adding my deb package to my repo, reprepro asks for a passphrase for a key I created months ago and I do not remember it and it is not the key I exported to my repo.

        Do I really need it to ask for a passphrase ? What is the risk ? How do I delete the old key ?

        When pushing to github, I guess I push everything except .git and ignored files, am I right ?

        Best regards

  1. why in my distribution nor work. In step 2, when I export the key, it’s not work, It’s OutPut :
    # gpg –armor –export asrilmarhamah [email protected] >> /var/www/apt/key/deb.gpg.key
    gpg: WARNING: nothing exported
    whats wrong?
    Thanks before.

  2. Once repository is uploaded to sourceforge, how do you add new packages to that repsitory ? or how do you sync new packages to that repository ?

    • nvm, figured it out. However, sourceforge takes quite a long time to generate links for the files … much longer than they used to.

  3. I comment when I appreciate a article on a blog or I have something
    to valuable to contribute to the conversation. It’s caused by the
    fire communicated in the article I read. And on this post Create A “.deb Package Repository” at Using
    “Reprepro” Tool in Ubuntu. I was moved enough to create a thought :-) I
    do have some questions for you if it’s okay. Could it be only me or
    do a few of these responses appear like written by brain dead folks?
    :-P And, if you are posting on other online social sites, I’d
    like to follow you. Could you list all of your public
    pages like your Facebook page, twitter feed, or linkedin profile?


Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.