diff --git a/.github/workflows/secrets/.gitignore b/.github/workflows/secrets/.gitignore index 3bf2f81e..b1991dba 100644 --- a/.github/workflows/secrets/.gitignore +++ b/.github/workflows/secrets/.gitignore @@ -1 +1,3 @@ id_ed25519 +# Just in case +id_ed25519.new diff --git a/.github/workflows/secrets/README.md b/.github/workflows/secrets/README.md index c288636c..074c24be 100644 --- a/.github/workflows/secrets/README.md +++ b/.github/workflows/secrets/README.md @@ -21,15 +21,24 @@ The test suite should then be able to clone and push to the repo in CI. ```sh # Generate SSH key ssh-keygen -t ed25519 -f .github/workflows/secrets/id_ed25519 -C "maddy-portfolio" -N "" -# Generate encryption password (copy this output) -pwgen 32 1 +# Generate encryption password +export PASSWORD=$(pwgen 32 1) # And encrypt it -openssl aes-256-cbc -in .github/workflows/secrets/id_ed25519 -out .github/workflows/secrets/id_ed25519.enc -pbkdf2 +gpg --passphrase $PASSWORD --cipher-algo AES256 --output .github/workflows/secrets/id_ed25519.enc --symmetric --batch .github/workflows/secrets/id_ed25519C +# Copy the password to your clipboard +echo $PASSWORD ``` Make sure to update the `SSH_ENCRYPTION_KEY` in the repo's GitHub Actions secrets settings. Its value should be set to the password you copied. -### How it works +### Decrypting the key -See [this answer on StackOverflow](https://stackoverflow.com/a/76888551/6335363). +```sh +gpg --batch --passphrase $PASSWORD --output .github/workflows/secrets/id_ed25519.new --decrypt .github/workflows/secrets/id_ed25519.enc +``` + +### Sources + +* [GitHub actions](https://stackoverflow.com/a/76888551/6335363) +* [Encrypting the keys](https://stackoverflow.com/a/31552829/6335363) diff --git a/.github/workflows/secrets/id_ed25519.enc b/.github/workflows/secrets/id_ed25519.enc index f548e65a..d6d879b5 100644 Binary files a/.github/workflows/secrets/id_ed25519.enc and b/.github/workflows/secrets/id_ed25519.enc differ 
diff --git a/.github/workflows/secrets/id_ed25519.pub b/.github/workflows/secrets/id_ed25519.pub index a3d22373..aa6902a3 100644 --- a/.github/workflows/secrets/id_ed25519.pub +++ b/.github/workflows/secrets/id_ed25519.pub @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJJQA8Rn6wgF5t2pBTAaMZkMhj5ur8ecq67k5JpriAPK maddy-portfolio +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHOIa0tsZl13SrOUC73Krg/UJlBJjlgO3b3PlWujcfW+ maddy-portfolio
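Review bot: in the `.gitignore` hunk, the comment `# Just in case` does not say what `id_ed25519.new` is or why it must never be committed. It is the output path of the decrypt command this patch adds to README.md, that is, a plaintext copy of the private key. Say so in the comment, for example `# Decrypted private key written by the README's decrypt step`.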
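Review bot: in the README.md hunk, the input path on the new `gpg ... --symmetric --batch` line ends in `id_ed25519C`, while the key generated by `ssh-keygen` above it is `.github/workflows/secrets/id_ed25519`. The trailing `C` looks like a typo, and the command as documented will fail on a missing file. On the same line and in the decrypt command, `--passphrase $PASSWORD` is unquoted and places the passphrase in the process arguments, where other local users can read it from the process list. Quote it as `"$PASSWORD"` at minimum, or pass it on stdin with `--passphrase-fd 0`. The GnuPG manual also states that from version 2.1 `--passphrase` is only honoured together with `--pinentry-mode loopback`, so add that option to both commands. The comment `# Copy the password to your clipboard` sits above `echo $PASSWORD`, which only prints the value to the terminal; reword the comment to match. The new "Decrypting the key" section relies on `$PASSWORD` still being exported in the same shell, which should be stated there.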
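Review bot: `id_ed25519.enc` is regenerated here in a different format (`gpg --symmetric --cipher-algo AES256` instead of `openssl aes-256-cbc ... -pbkdf2`), but this diff touches no workflow file. If the CI step that decrypts the key still calls `openssl`, it will fail against the new file. Update that step in the same change, or confirm in the description that it already uses the gpg decrypt command from the README.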
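Review bot: the `id_ed25519.pub` hunk replaces the public key, so the key pair has been rotated, yet the README text in this patch only tells the reader to update `SSH_ENCRYPTION_KEY`. Add a step to register the new public key wherever the old one was authorised for the CI clone and push, and to remove the old key there, so that the previous private key stops being valid.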