diff --git a/bare_minimum_crypto/cpp/bmc_main.cpp b/bare_minimum_crypto/cpp/bmc_main.cpp index d018960..2de2402 100644 --- a/bare_minimum_crypto/cpp/bmc_main.cpp +++ b/bare_minimum_crypto/cpp/bmc_main.cpp @@ -1,4 +1,5 @@ #include +#include #include #include #include @@ -20,6 +21,7 @@ using namespace std; using nlohmann::json; using namespace BareMinimumCrypto; +namespace fs = std::filesystem; int file (const string & file_path) { cout << "Reading `" << file_path << "`" << endl; @@ -50,24 +52,30 @@ int file (const string & file_path) { if (schema == "3T6XF5DZ") { cout << "File is a passphrase-protected secret key" << endl; + // Read msgpack fields const Instant time_created (j ["time_created"]); const auto pubkey = j ["pubkey"].get_binary (); const string key_machine_id = j ["machine_id"]; - const auto our_machine_id = get_machine_id (); + // Read data from other places const auto now = Instant::now (); + // Print normal stuff cout << "Generated at Unix time " << time_created.x << " (" << now.x - time_created.x << " seconds ago)" << endl; cout << "Generated on machine ID " << key_machine_id << endl; cout << "Claims to have Base64 pubkey " << base64_encode (pubkey) << endl; + // Print warnings if (now.x < time_created.x) { - cout << "The key was generated in the past. Someone's clock is wrong." << endl; + cout << "* The key was generated in the past. Someone's clock is wrong." << endl; } - if (our_machine_id != key_machine_id) { - cout << "The key was generated on another machine. You should report this." << endl; + if (get_machine_id () != key_machine_id) { + cout << "* The key was generated on another machine. You should report this." << endl; + } + if (fs::status (file_path).permissions () != fs::perms::owner_read) { + cout << "* The key doesn't have the right permissions. Try `chmod 400` on it." << endl; } } else { diff --git a/bare_minimum_crypto/cpp/signing_key.h b/bare_minimum_crypto/cpp/signing_key.h index 98102bc..c0df333 100644 
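Review bot: The new permissions warning in the third hunk calls the throwing overload `fs::status (file_path)`, so a filesystem error at that point raises `fs::filesystem_error` instead of printing a warning; no handler is visible in this hunk. The `std::error_code` overload would keep the inspection output intact: `std::error_code ec; const auto st = fs::status (file_path, ec);` followed by `if (ec || st.permissions () != fs::perms::owner_read) {`. The check also sees only the mode bits of whatever the path resolves to at that moment (symlinks are followed), not the owner and not necessarily the bytes that were presumably parsed earlier in the function, so a short comment should say the warning is advisory. Separately, the clock warning above it fires on `now.x < time_created.x`, which means a creation time in the future, yet its text says "in the past"; `"* The key claims to have been generated in the future. Someone's clock is wrong."` would match the condition. `file ()` starts before this hunk and continues past its last line.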
--- a/bare_minimum_crypto/cpp/signing_key.h +++ b/bare_minimum_crypto/cpp/signing_key.h @@ -37,8 +37,6 @@ namespace BareMinimumCrypto { static optional load_from_file (const string & file_path, const string & passphrase); - static optional check_file (const string & file_path); - vector pubkey () const; vector pub_to_msgpack () const;