Skip to main content
OpsKit

GPG Key Generator - Create PGP Key Pairs Online

Generate GPG/PGP key pairs (RSA, Curve25519, P-256/384/521) in your browser using OpenPGP.js. Passphrase protection, expiration options, ASCII armored output. 100% client-side.

GPG/PGP Key Pair Generator (OpenPGP)

Identity

Key Options

Keys are generated in-browser. Clear the page after copying.

What Is GPG/PGP?
#

GPG (GNU Privacy Guard) is an open-source implementation of the OpenPGP standard for encrypting and signing data. PGP key pairs enable:

  • Email Encryption: Encrypt messages so only the recipient can read them
  • Digital Signatures: Sign files, commits, and messages to prove authenticity
  • Git Commit Signing: Verify that commits come from a trusted author
  • Package Signing: Sign software packages and releases

Key Types
#

  • RSA: Widely supported, available in 2048/3072/4096-bit sizes
  • Curve25519: Modern elliptic curve, fast and secure (recommended for new keys)
  • P-256/P-384/P-521: NIST elliptic curves for compliance requirements

Privacy & Security
#

This tool runs entirely in your browser:

  • No Server Communication: Your keys never leave your device
  • No Storage: Nothing is saved to localStorage, cookies, or servers
  • OpenPGP.js: Uses the widely-audited OpenPGP.js library
Security Notice
Important: While this tool is completely client-side, for production GPG keys use local tools like gpg --full-generate-key. Use this tool for testing, learning, and quick key generation.

Frequently Asked Questions
#

Which key type should I choose?
#

Curve25519 is recommended for modern usage. It’s fast, secure, and produces compact keys. Use RSA 4096 if you need maximum compatibility with older systems.

Should I set a passphrase?
#

Yes, a passphrase is strongly recommended. It encrypts your private key so that even if the key file is compromised, an attacker cannot use it without the passphrase.

What does the expiration date do?
#

Key expiration limits the validity period. After expiration, the key can no longer be used for new signatures or encryption. You can extend expiration before it lapses. Setting “Never” is not recommended for long-lived keys.

Can I use these keys for Git commit signing?
#

Yes. Import the private key with gpg --import, then configure Git:

1
2
3
4

gpg --import private-key.asc
gpg --list-secret-keys --keyid-format LONG
git config --global user.signingkey YOUR_KEY_ID
git config --global commit.gpgsign true

Related Tools#

  • SSH Key Generator - Generate SSH key pairs for server access
  • SSL Tools - Certificate validation, chain verification, and CSR generation
  • PEM Toolkit - Split PEM bundles and compute SPKI pins
  • JWT Tools - Decode and create JSON Web Tokens