How to create a pgp key pair that never touches a server
- Step 1: Select the generate action — Set Action to Generate key pair. The form switches to show the algorithm picker, the Name and Email fields, and a passphrase field. The message and key-paste boxes used by sign/verify disappear.
- Step 2: Go offline if you want a true air-gap — Because generation needs no server round-trip, you can disconnect from the network (or use a saved offline copy of the page) before this step. The key is created in your tab regardless of connectivity.
- Step 3: Choose the algorithm — Pick Ed25519 (fast) (the default) for a small, fast modern key, or RSA-4096 (compatible) when a recipient's toolchain predates ECC. RSA-4096 generation is CPU-heavy and may take several seconds in-browser; Ed25519 is near-instant.
- Step 4: Set the identity — Fill Name and Email with your real identity; these become the user ID embedded in the key. If you leave them blank the tool falls back to JAD Security user and user@example.com. The email is not checked for deliverability.
- Step 5: Set a strong passphrase — Enter a passphrase in the password field; it encrypts the generated private key. Do not leave it blank: an empty passphrase produces an unprotected private key, and anyone who obtains the .json can sign as you.
- Step 6: Download and archive the keypair — Run generate to download pgp-keypair.json, which holds both armored blocks. Move the private key into your own secret manager and distribute the public key. The tool keeps no copy; if you lose the file you must generate a fresh pair.
Generation options and defaults
Every control the generate action exposes, from the schema. Bit size, curve, expiry, and sub-keys are not configurable — these four are the entire surface.
| Option | Values / default | Behaviour | Guidance |
|---|---|---|---|
| algorithm | ed25519 (default) · rsa | ed25519 → ECC key on the Ed25519 curve. rsa → fixed 4096-bit RSA. No 2048/3072-bit RSA or other curves | Ed25519 unless a recipient needs legacy RSA |
| name | Free text (default JAD Security user) | Becomes the user-ID name embedded in the key | Set your real name so verifiers see a human identity |
| email | Free text (default user@example.com) | Becomes the user-ID email embedded in the key | Use your real address; not validated for deliverability |
| passphrase | Free text (may be empty) | Encrypts the new private key. Empty → an unprotected key | Always set one for any key you will actually use |
Ed25519 vs RSA-4096 for this tool
Choosing the algorithm. Both produce standard OpenPGP keys that import into GnuPG, Sequoia, and Mailvelope; the trade-offs are speed, signature size, and legacy reach.
| Aspect | Ed25519 (default) | RSA-4096 |
|---|---|---|
| Generation speed | Near-instant in-browser | CPU-heavy; can take several seconds |
| Signature size | Small (compact ECC signatures) | Large |
| Compatibility | Modern OpenPGP clients | Broadest, including older toolchains predating ECC |
| Configurable size | Curve fixed at Ed25519 | Bits fixed at 4096 — no 2048/3072 option |
| Best for | New signing identities, default choice | Recipients stuck on legacy crypto |
Where generation runs and how it's gated
Execution and access facts for the generate action, from the schema and registry. Generation reads no file, so the family's per-file size limits never apply.
| Property | Value | Source / note |
|---|---|---|
| Execution | Browser-only (OpenPGP.js WASM) | Listed in BROWSER_ONLY_SECURITY_SLUGS |
| Network needed | None to generate (works air-gapped once loaded) | No server round-trip in the generate path |
| Public API | Returns 400 with a pointer to the web tool | No server case exists for this slug |
| Minimum tier | Developer | minTier: developer in the registry |
| Key storage | Download only (pgp-keypair.json) — no tool-owned vault | Processor returns the keys; it does not persist them |
Cookbook
Concrete generation runs. The armored blocks below are truncated — your real keypair JSON is far longer. Everything happens in your browser tab.
Generate an Ed25519 identity for everyday signing
Action generate, algorithm ed25519, with a real name/email and a passphrase. Ed25519 generation is near-instant and the signatures it later produces are tiny.
```text
Action: generate
Algorithm: ed25519 (fast)
Name: Dana Reyes
Email: dana@example.org
Passphrase: ••••••••••••••••
Download → pgp-keypair.json
{
  "publicKey": "-----BEGIN PGP PUBLIC KEY BLOCK-----\n...",
  "privateKey": "-----BEGIN PGP PRIVATE KEY BLOCK-----\n..."
}
```
The privateKey block is already passphrase-encrypted.
Generate RSA-4096 for a legacy recipient
Action generate, algorithm rsa. Use this only when someone you correspond with runs a toolchain that predates ECC support. Expect generation to take several seconds.
```text
Action: generate
Algorithm: RSA-4096 (compatible)
Name: Dana Reyes
Email: dana@example.org
Passphrase: ••••••••••••••••
(several seconds of in-browser computation)
Download → pgp-keypair.json (4096-bit RSA, both blocks)
```
Generate on an air-gapped machine
Load the page while online, disconnect from the network, then generate. No round-trip is needed, so the key is created with the machine offline.
1. Load /security-tools/pgp-message-signer (online)
2. Disconnect network / pull the cable
3. Action: generate, ed25519, set name/email/passphrase
4. Download pgp-keypair.json to encrypted USB
5. Move the private key into your offline secret store
The private key was never transmitted anywhere.
Audit your chosen passphrase before you commit to it
The passphrase is the only thing protecting your downloaded private key. Score it first so a weak passphrase doesn't undermine an otherwise strong key.
```text
Paste your intended passphrase into /security-tools/password-entropy-auditor
Score 0-2 → choose a longer, more random passphrase
Score 3-4 → safe to use as your key passphrase
```
Then return here and generate with that passphrase.
Import the generated key into GnuPG
The downloaded blocks are standard OpenPGP armor, so they import into GnuPG and other clients directly. Split the JSON into two files first.
```text
# Save publicKey block → public.asc, privateKey → private.asc
$ gpg --import private.asc
gpg: key A1B2C3D4E5F60718: secret key imported
$ gpg --import public.asc
```
The user ID shows "Dana Reyes <dana@example.org>".
Edge cases and what actually happens
Generated with an empty passphrase
By design — unprotected key. Leaving the passphrase field blank produces an unprotected private key: anyone who obtains the pgp-keypair.json can sign as you with no further secret. The tool allows it, but always set a passphrase for a key you intend to use.
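A check for this edge case, and for the GnuPG-import cookbook entry above that splits the JSON: before archiving pgp-keypair.json, confirm the private key block is actually passphrase-protected. This is an added example, not the tool's code; it parses the leading OpenPGP Secret-Key packet directly (v4 keys, RSA or Ed25519/ECDSA, as the page's generator produces) and reports the S2K usage byte, which is 0 for an unprotected key.

```javascript
// Added check, not the tool's own code: inspect pgp-keypair.json and report whether the
// armored private key is passphrase-protected (OpenPGP Secret-Key packet S2K usage byte != 0).

// Strip the ASCII armor around the private key and return the raw packet bytes. Armor header
// lines (everything before the first blank line) and the "=XXXX" CRC line are skipped.
function dearmor(armored) {
  const lines = armored.replace(/\r/g, '').split('\n');
  const start = lines.findIndex(l => l.startsWith('-----BEGIN PGP PRIVATE KEY BLOCK-----'));
  const end = lines.findIndex(l => l.startsWith('-----END PGP PRIVATE KEY BLOCK-----'));
  if (start < 0 || end < 0) throw new Error('no private key armor found');
  const body = lines.slice(start + 1, end);
  return Buffer.from(body.slice(body.indexOf('') + 1).filter(l => !l.startsWith('=')).join(''), 'base64');
}

// Parse an OpenPGP packet header (RFC 4880 section 4.2) into its tag and body offset.
function packetHeader(buf) {
  const b = buf[0];
  if (!(b & 0x80)) throw new Error('not an OpenPGP packet');
  if (b & 0x40) {                                  // new-format header
    const l1 = buf[1];
    if (l1 < 192) return { tag: b & 0x3f, body: 2 };
    if (l1 < 224) return { tag: b & 0x3f, body: 3 };
    if (l1 === 255) return { tag: b & 0x3f, body: 6 };
    throw new Error('partial-length packet not supported');
  }
  const lenType = b & 0x03;                        // old-format header
  if (lenType === 3) throw new Error('indeterminate-length packet not supported');
  return { tag: (b >> 2) & 0x0f, body: 1 + [1, 2, 4][lenType] };
}

// Skip one MPI: a 2-byte big-endian bit count followed by ceil(bits/8) bytes.
const skipMpi = (buf, off) => off + 2 + Math.ceil(buf.readUInt16BE(off) / 8);

// Walk a v4 Secret-Key packet past the public key material to the S2K usage byte.
function inspectPrivateKey(armored) {
  const buf = dearmor(armored);
  const { tag, body } = packetHeader(buf);
  if (tag !== 5) throw new Error(`first packet has tag ${tag}, expected Secret-Key (5)`);
  if (buf[body] !== 4) throw new Error(`unsupported key version ${buf[body]}`);
  const algo = buf[body + 5];                      // follows version (1 byte) and creation time (4 bytes)
  let off = body + 6;
  if (algo === 1) off = skipMpi(buf, skipMpi(buf, off));                       // RSA: MPIs n and e
  else if (algo === 22 || algo === 19) off = skipMpi(buf, off + 1 + buf[off]); // EdDSA/ECDSA: OID, point MPI
  else if (algo === 27) off += 32;                 // Ed25519 (RFC 9580 id): raw 32-byte public key
  else throw new Error(`unsupported public-key algorithm ${algo}`);
  const s2kUsage = buf[off];                       // 0 = unprotected; 253/254/255 = passphrase-protected
  return { algorithm: algo, s2kUsage, protected: s2kUsage !== 0 };
}

const inspectKeypairJson = json => inspectPrivateKey(JSON.parse(json).privateKey);
```

Run it on the downloaded file with `inspectKeypairJson(require('fs').readFileSync('pgp-keypair.json', 'utf8'))`; a result with `protected: false` means the key was generated with an empty passphrase and should be regenerated.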
Name and email left blank
Placeholder identity. If you leave Name and Email empty, the key's user ID falls back to JAD Security user / user@example.com. The key still works, but verifiers see a placeholder rather than your real identity. Set them for any key you publish.
RSA-4096 generation feels slow or stalls
Expected — CPU-heavy. RSA-4096 key generation is computationally expensive and runs in-browser, so it can take several seconds and briefly pin a CPU core. This is normal; Ed25519 is near-instant if you don't specifically need RSA.
Lost the pgp-keypair.json file
Unrecoverable. The tool keeps no copy of your key; the downloaded pgp-keypair.json is the only one. If you lose it, the key is gone and you must generate a fresh pair (and re-publish the new public key). Archive the file in a secret manager immediately.
Expecting a saved-key vault to reuse the key later
Not in this UI. The shipped interface does not persist keys between sessions; there is no IndexedDB key list or saved-identity screen wired up. To sign later, you re-paste the private key from your archived pgp-keypair.json into the sign action.
Wanting a 2048/3072-bit RSA or an expiry date
Not offered. The only generation knobs are algorithm, name, email, and passphrase. RSA is fixed at 4096 bits; there is no smaller-RSA, alternate-curve, sub-key, or expiry-date control. If your policy requires those, generate the key in GnuPG and paste it into the sign/verify actions here.
Tool is Developer-tier only
Tier-gated. The registry sets minTier: developer, so Free, Pro, and Pro-media accounts cannot open the generate action; they see an upgrade prompt. Key generation shares the same Developer gate as sign and verify.
Trying to generate through the public API
400 rejected. Key generation depends on the browser-targeted OpenPGP.js WASM bundle, so the server engine has no case for this slug and the API runner returns 400. There is no way to mint a key server-side; use the browser UI.
Editing the user ID after generation
Re-generate instead. There is no edit-identity or add-user-ID feature here. The Name and Email are baked into the key at generation time. To change them you generate a new key pair (or edit the user ID in GnuPG after importing).
Reusing the same key for encryption
Out of scope. This tool generates a signing-focused identity and only signs/verifies; it does not encrypt or decrypt message bodies. For file confidentiality at rest, use aes-256-encryptor; PGP public-key message encryption is not implemented here.
Frequently asked questions
Is the private key really generated on my device and not a server?
Yes. The generate action runs OpenPGP.js on a browser-targeted WASM bundle, so the key pair is created in your tab. The slug is on the browser-only list and the server API returns 400, so there is no code path that could send your private key anywhere. The downloaded file is the only copy.
Can I generate a key on an air-gapped machine?
Yes. Generation needs no server round-trip once the page is loaded, so you can disconnect from the network (or use a saved offline copy of the page) and generate offline. This is the safest way to create a long-lived signing identity.
Which algorithms and key sizes can I generate?
Two: ed25519 (default, an ECC key with fast, compact signatures) and rsa, fixed at 4096 bits. There is no control for 2048/3072-bit RSA, alternate curves, sub-keys, or expiry dates — those are not part of this tool.
Where is my key stored after generation?
It is not stored by the tool. Generate downloads a single pgp-keypair.json containing both armored blocks, and that file is the only copy. The shipped UI has no saved-key vault, so move the private key into your own secret manager. Lose the file and you must generate a fresh pair.
Is the generated private key encrypted?
Only if you set a passphrase. The passphrase you enter encrypts the private key via OpenPGP key-protection. If you leave it blank you get an unprotected private key that anyone with the JSON can sign as you — so always set a strong passphrase.
How do I make sure my passphrase is strong enough?
Score it first with password-entropy-auditor, which rates a pasted password and estimates crack time. A weak passphrase undermines an otherwise strong key, since it is the only thing protecting the downloaded private key.
Can I set a custom name and email on the key?
Yes. The Name and Email fields become the user ID embedded in the key. Leave them blank and the tool uses the placeholders JAD Security user and user@example.com. The email is embedded as-is and not validated for deliverability.
Why does RSA-4096 take so long?
RSA-4096 key generation is computationally heavy and runs in your browser, so it can take several seconds and briefly load a CPU core. That is expected. Ed25519 generates almost instantly, so prefer it unless you specifically need RSA compatibility.
Will the generated key work with GnuPG and other clients?
Yes. The blocks in pgp-keypair.json are standard OpenPGP armor, so they import into GnuPG (gpg --import), Sequoia, Mailvelope, and other OpenPGP clients. Split the JSON into public and private .asc files first.
Can I generate a key for encrypting messages too?
This tool produces a signing identity and only signs and verifies — it does not encrypt or decrypt message bodies. For protecting a file at rest use aes-256-encryptor. PGP public-key message encryption is not implemented here.
What tier do I need, and is there a size limit?
It is a Developer-tier tool. There is no file-size limit because generation reads no file — it takes text fields and produces a downloadable JSON — so the security family's per-file caps do not apply.
Which JAD tools pair well with generating a key?
Audit your chosen passphrase with password-entropy-auditor before generating. After generating, use the sign action to create signed messages, and multi-hash-fingerprinter to hash content you want to attest to. For at-rest file encryption use aes-256-encryptor.
Privacy first
Every JAD Security operation runs entirely in your browser. Files, passwords, and PGP private keys never leave your device — verified by zero outbound network requests during processing.