gpg: import failure key xxxxxxxx: no valid user IDs

It might also be a version conflict: The key (originating from gpg v2.x) may have some feature old 1.4 series gpg doesn't understand.

(Similar, misleading error messages are given if you try to feed a pre-2.1 gpg with an elliptic curve key that you can create using gpg --expert in version 2.1 or newer.)


gpg requires a valid signature issued by the key owner - this is important because it binds the user description and e-mail address to the actual public key; otherwise, this information could be arbitrarily modified. This self-signature seems to be broken, thus gpg refuses to use the key.


gpg (GnuPG) 1.x.x only supports up to DAS1024. Any RSA key will however work.

The error "gpg: DSA requires the use of a 160 bit hash algorithm" will be thrown when trying to import a DSA2048 key where RSA2048 and even RSA4096 will work.


To check is public key is compliant with version 1.x:

> gpg --list-packet {key.pub}|grep -A2 "public sub key packet"

:public sub key packet:
        version 4, algo 1, created 1560364275, expires 0
        pkey[0]: [2048 bits]

Command will return Algo on first line where the 2 listed here can be selected with keys are generated (ref: Public-Key Algorithms).


ID Algorithm

== =========

1 - RSA (Encrypt or Sign) [HAC]

17 - DSA (Digital Signature Algorithm) [FIPS186] [HAC]


If algo 17 is returned, gpg (GnuPG) 1.x.x will only support up to 1024 bits (second line returned with the above command).

Please note that any Algorithm of any size are supported with gpg (GnuPG) 2.x.x