diff --git a/cmd/age-gen-passphrase/main.go b/cmd/age-gen-passphrase/main.go
index 2e98ec7..3bd27fc 100644
--- a/cmd/age-gen-passphrase/main.go
+++ b/cmd/age-gen-passphrase/main.go
@@ -35,11 +35,17 @@ func main() {
 		errorf("internal error: %v", err)
 	}
 
-	fmt.Printf("Public key: %s\n", k.Recipient())
+    // if user is not seeing private keyfile, which also contains public key,
+    // also duplicate public key it to stderr,
+    // but if user sees public key via stdout, no need for duplication
+    if !term.IsTerminal(int(os.Stdout.Fd())) {
+	    fmt.Fprintf(os.Stderr, "Public key: %s\n", k.Recipient())
+    }
 
-	fmt.Printf("# created: %s\n", time.Now().Format(time.RFC3339))
-	fmt.Printf("# public key: %s\n", k.Recipient())
-	fmt.Printf("%s\n", k)
+    err = writeSecretKey(os.Stdout, k)
+    if err != nil {
+        fmt.Printf("Failed to write secret key to file, error: %s\n", err)
+    }
 }
 
 func getPasswordBytes() ([]byte, error) {
@@ -53,6 +59,21 @@ func getPasswordBytes() ([]byte, error) {
 	}
 }
 
+func writeSecretKey(f *os.File, key *age.X25519Identity) error {
+    var err error
+
+    _, err = fmt.Fprintf(f, "# created: %s\n", time.Now().Format(time.RFC3339))
+    if err != nil { return err; }
+
+    _, err = fmt.Fprintf(f, "# public key: %s\n", key.Recipient())
+    if err != nil { return err; }
+
+    _, err = fmt.Fprintf(f, "%s\n", key)
+    if err != nil { return err; }
+
+    return nil
+}
+
 // almost a copy of private function in age/x25519.go
 func newX25519IdentityFromScalar(secretKey []byte) (*age.X25519Identity, error) {
 	if len(secretKey) != curve25519.ScalarSize {