diff --git a/apps/server/src/server/api/routers/config.router.ts b/apps/server/src/server/api/routers/config.router.ts
index 208d726..464e586 100644
--- a/apps/server/src/server/api/routers/config.router.ts
+++ b/apps/server/src/server/api/routers/config.router.ts
@@ -1,3 +1,5 @@
+import { validatePgpPrivateKey } from '@furtherverse/crypto'
+import { ORPCError } from '@orpc/server'
 import { ensureUxConfig, setUxLicence, setUxPgpPrivateKey } from '@/server/ux-config'
 import { db } from '../middlewares'
 import { os } from '../server'
@@ -19,6 +21,12 @@ export const setLicence = os.config.setLicence.use(db).handler(async ({ context,
 })
 
 export const setPgpPrivateKey = os.config.setPgpPrivateKey.use(db).handler(async ({ context, input }) => {
+  await validatePgpPrivateKey(input.pgpPrivateKey).catch((error) => {
+    throw new ORPCError('BAD_REQUEST', {
+      message: `Invalid PGP private key: ${error instanceof Error ? error.message : 'unable to parse'}`,
+    })
+  })
+
   const config = await setUxPgpPrivateKey(context.db, input.pgpPrivateKey)
   return toConfigOutput(config)
 })