Tried to generate PGP key with seahorse got error: Couldn't generate PGP key, not found. (firefox, seahorse ui etc.) gain permission to see everything from that. The brute-force technique breaks an OpenPGP encrypted text only via the private key (which is usually very long); consequently the brute-force technique used to break the private PGP key is done via the passphrase (known to the owner of the key) when the key was created for 'storage purpose'. Is that correct? Jan 31, 2014 sysctl: permission denied on key 'vm.maxmapcount' though elasticsearch is running, is it a huge problem for production environment? This comment has been minimized.

I have been pulling my hair with getting OpenDKIM to work on a Debian machine with Postfix. Abbyy finereader 7.0 key generator. I have been changing my KeyTable, SigningTable, ExternalIgnoreList, InternalHosts files and references like a madman.

I have kept getting errors like this in /var/log/mail.log

Seahorse Couldn't Generate Pgp Key Permission Denied To Drive

[code]Feb 28 11:21:43 06-135-D2 opendkim[27826]: 5EADD532313: dkim_eom(): resource unavailable: d2i_PrivateKey_bio() failed

Feb 28 11:24:00 06-135-D2 opendkim[27955]: D2560532313 error loading key `default._domainkey.mydomain.com'[/code]

Unfortunately OpenDKIM does not give more info than this and Googling did not provide many hints mor than possibly being a directory access problem. I checked directory and file access and realized that the key file was only readable by root.

[code]-rw——- 1 root root 891 Feb 28 00:14 default.private[/code]

Testing Permissions
(you can skip straight to Solution below)

[Edit: Renamed this part from “Solution” to “Testing Permissions” and added a better Solution below. Thanks to Andreas Schultze on the OpenDKIM mailing list for getting me on the right track to finding the correct solution]

As I used opendkim-genkey to generate my key I would have thought permissions would be set ok from the start but I anyway tried doing chmod 644 on the key file

[code]chmod 644 default.private[/code]
[code]-rw-r–r– 1 root root 891 Feb 28 00:14 default.private[/code] /generating-ssh-key-pair-from-pem-in-mac.html.

And finally – success!
In /var/log/mail.log:

[code]Feb 28 11:30:28 06-135-D2 opendkim[27955]: 5E811532313 'DKIM-Signature' header added[/code]

Seahorse Couldn't Generate Pgp Key Permission Denied Windows 10

To me it seems a little unsecure to do chmod 644 on the file as this means anyone with access to the system can read the private key. In my case I consider my system secure as it is only used for SMTP/Postfix so I am happy that is working.

As I am all new to Debian, OpenDKIM and Postfix (The last time I touched Unix was when I worked with IBM’s AIX on their RS/6000 systems in the early 90s…) so I would be happy to hear any thoughts on this.

Solution

To set permissions to allow OpenDKIM but no unauthorized users to access the private key, change owner of the private key file to user and group opendkim with the following command:

[code]chown opendkim:opendkim default.private[/code]

Pgp Key Example

(To check what user opendkim is running as, check the running processes once you have started opendkim: ps -f -A
This command shows what groups the user opendkim belongs to: group opendkim)

Seahorse Couldn't Generate Pgp Key Permission Denied Form

Maybe this is fixed to set file permissions correctly in a later version of opendkim-genkey, I am running the old 2.0.1 apt-get package that is currently available for Debian.