Configs · 13 April 2026 · 1 min read

age — Simple Modern Encryption Tool

age is a simple, modern, and secure file encryption tool. It replaces GPG for everyday encryption with a clean CLI, small explicit keys, no configuration options, and UNIX-style composability. Designed by Filippo Valsorda, a Go security lead.

Quick Start

Try it first, then decide whether to dig deeper.

This section should tell both users and agents what to copy first, what to install, and where it goes.

# Install age
# macOS
brew install age

# Linux
sudo apt install age

# Generate a key pair
age-keygen -o key.txt
# Output: public key: age1...

# Encrypt a file
age -r age1recipient... -o secret.txt.age secret.txt

# Decrypt a file
age -d -i key.txt -o secret.txt secret.txt.age

# Encrypt with passphrase (no keys needed)
age -p -o secret.txt.age secret.txt

Introduction

age (pronounced "ah-geh", from the Italian) is a modern encryption tool designed as a simpler replacement for GPG. While GPG is powerful but notoriously complex, age has exactly one job: encrypting and decrypting files. No key servers, no web of trust, no configuration files, no surprising defaults.

With over 22,000 GitHub stars, age was designed by Filippo Valsorda (former Go security lead at Google) with a focus on simplicity and correctness. It is used by sops, chezmoi, and other tools as their encryption backend.

What age Does

age encrypts files using X25519 key agreement and ChaCha20-Poly1305 AEAD. You generate a key pair, share your public key (starts with "age1..."), and anyone can encrypt files for you. Only your private key can decrypt them. It also supports passphrase-based encryption using scrypt.

Architecture Overview

[age Encryption]

Sender                          Recipient
  |                                |
age -r age1pub... file.txt      age-keygen
  |                              -> public key (age1...)
[X25519 key agreement]           -> private key (AGE-SECRET-KEY-1...)
  |                                |
[ChaCha20-Poly1305 AEAD]           |
  |                                |
file.txt.age ---- transfer ---> age -d -i key.txt file.txt.age
                                   |
                                file.txt (decrypted)

[Also supports]
- Passphrase encryption (scrypt)
- SSH key encryption (ssh-rsa, ssh-ed25519)
- Multiple recipients
- Piping (stdin/stdout)

Self-Hosting & Configuration

# Key management
age-keygen -o ~/.config/age/key.txt
chmod 600 ~/.config/age/key.txt

# Encrypt for multiple recipients
age -r age1abc... -r age1def... -o shared.age document.pdf

# Encrypt using SSH keys (no age keys needed)
age -R ~/.ssh/id_ed25519.pub -o secret.age secret.txt
age -d -i ~/.ssh/id_ed25519 secret.age

# Pipe-friendly (UNIX composability)
tar czf - my-folder/ | age -r age1abc... > backup.tar.gz.age
age -d -i key.txt backup.tar.gz.age | tar xzf -

# Encrypt environment variables
echo "DATABASE_URL=postgres://..." | age -r age1abc... -a > .env.age
age -d -i key.txt .env.age  # outputs the secret

# Use with sops for config management
# .sops.yaml:
# creation_rules:
#   - age: age1abc...
sops --encrypt --age age1abc... secrets.yaml > secrets.enc.yaml
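
A key-hygiene helper for the commands above, added here as an example (not part of age or of this page's own snippets): it extracts the shareable public key from an identity file, checks recipient and identity strings for the documented age1... / AGE-SECRET-KEY-1... shape, enforces the chmod 600 step, validates a recipients file before it reaches `age -R`, and round-trips a file to confirm it decrypts. The identity-file layout, the file names and the function names are assumptions.

```shell
#!/bin/sh
# age key hygiene helpers (added example, not part of age). Assumes the documented
# identity-file layout: "# public key: age1..." comments, then the AGE-SECRET-KEY-1... line.
set -eu

# Pull the recipient (public key) out of an identity file so it can be shared
# without ever copying the secret line.
age_pubkey_from_identity() {
    sed -n 's/^# public key: //p' "$1" | head -n 1
}

# Format check for a recipient: "age1" + 58 Bech32 characters
# (the Bech32 charset never uses 1, b, i or o).
is_age_recipient() {
    printf '%s\n' "$1" | grep -Eq '^age1[02-9ac-hj-np-z]{58}$'
}

# Same for an identity string: "AGE-SECRET-KEY-1" + 58 uppercase characters.
is_age_identity() {
    printf '%s\n' "$1" | grep -Eq '^AGE-SECRET-KEY-1[02-9AC-HJ-NP-Z]{58}$'
}

# The chmod 600 step above, enforced: reject identity files other users can read
# (GNU stat first, BSD/macOS stat as fallback).
identity_perms_ok() {
    [ "$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")" = "600" ]
}

# Check every entry of a recipients file (one age1... per line, blank lines and
# "#" comments allowed) before it reaches `age -R`; prints the recipient count.
validate_recipients_file() {
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in ''|'#'*) continue ;; esac
        is_age_recipient "$line" || { echo "bad recipient: $line" >&2; return 1; }
        n=$((n + 1))
    done < "$1"
    [ "$n" -gt 0 ] && echo "$n"
}

# Encrypt IN for everyone in RECIPIENTS plus the caller's own key, then prove
# the result decrypts before the plaintext is shipped or discarded.
main() {   # usage: sh age-helpers.sh IDENTITY RECIPIENTS IN OUT
    identity_perms_ok "$1" || { echo "$1 must be mode 600" >&2; exit 1; }
    me=$(age_pubkey_from_identity "$1")
    n=$(validate_recipients_file "$2")
    age -R "$2" -r "$me" -o "$4" "$3"
    age -d -i "$1" "$4" | cmp -s - "$3" && echo "round-trip OK: $4 ($n recipients + self)"
}
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Only `main` needs the age binary; the checks themselves run with sed, grep and stat alone.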

Key Features

  • Simple CLI — encrypt and decrypt with minimal flags
  • Small Keys — short, human-readable public keys (age1...)
  • No Config — zero configuration files or options to misuse
  • SSH Compatible — encrypt using existing SSH keys
  • Multiple Recipients — encrypt for multiple people simultaneously
  • Pipe-Friendly — works with stdin/stdout for UNIX composability
  • Go Library — use age as a library in Go applications
  • Audited — designed with formal security analysis

Comparison with Similar Tools

Feature         | age              | GPG                 | openssl enc      | Vault Transit
----------------|------------------|---------------------|------------------|-------------------
Complexity      | Minimal          | Very High           | Moderate         | High (server)
Key Format      | age1... (short)  | Fingerprints (long) | Symmetric only   | API-managed
Config Files    | None             | gpg.conf, keyrings  | None             | Server config
SSH Key Support | Yes              | No                  | No               | No
Key Servers     | No               | Yes (WoT)           | N/A              | Vault server
Use Case        | File encryption  | Email, signing, PKI | Quick encryption | Secrets as service
Learning Curve  | Very Low         | Very High           | Low              | Moderate

FAQ

Q: age vs GPG — when should I use which? A: Use age for file encryption, backups, and secrets. Use GPG only when you need email signing, package signing, or compatibility with GPG-based workflows.

Q: Is age secure? A: Yes. age uses X25519 and ChaCha20-Poly1305, both well-studied modern cryptographic primitives. The specification was designed with simplicity to minimize implementation mistakes.

Q: Can I sign files with age? A: No. age only does encryption. For signatures, use minisign, signify, or cosign. This is intentional — age does one thing well.

Q: How does age work with sops? A: sops (Secrets OPerationS) uses age as an encryption backend to encrypt specific values in YAML/JSON config files. This lets you commit encrypted configs to Git while keeping them readable.
