For those wondering that they can't access their owner-key anymore in permissions.
Hello everyone,
TL;DR: This is primarly to let you know that it's normal that you can't access your active/owner keys in the permissions settings, so don't panic, yet!
EDIT: I just found this POST: Full list of SteemIt hacked accounts. Check for yours.
Old Post for reference:
If you are afraid that
maybe this post can help you.
Verify your secret keys
I was unsure if I was affected by the hack and I still used password authentication, so all my keys were at risk.
I checked my permissions page and found that I couldn't login/show my owner and active key anymore, so I thought maybe someone has taken/changed it.
Luckily I have steemd node running and could look into the cli_wallet and found the function:
locked >>> get_private_key_from_password imp3 owner my_password [ "STM6pjyaWYoRriy5UyxWWERudmesz3WTuUt2t9mKM1UFknsWqQaFB", "5...privatekey" ]
This yielded the correct public key for me (the same that you see in the permissions tab) and therefore also the correct privatekey. So everything is fine and I am not compromised.
So if you are unsure if you were hacked or not and have access to a cli wallet on a trusted host you can check it.
If you don't have a trusted node you are pretty much out of luck for verify that everything is fine.
Security notice
don't give your password to anyone and don't use cli_wallet with an untrusted node! Really, I mean it.
Excuse me hope you dont mine, what is cli wallet and what is trusted host. Hope my question is not stupid enough
Hey, no worries, there are no stupid questions :)
cli_wallet is a command line tool for working with the blockchain and accessing account information. It is included here: https://github.com/steemit/steem
There is also a post explaining how to make it work for windows, this is here: https://steemit.com/steem/@tuck-fheman/how-to-mine-steem-in-windows
A trusted host is a system with steemd running by a person that you trust. With that I mean, the database (the blockchain) is running on a peer2peer network and a malicious peer could read your password and steal your account.
When you have a node running on your local machine would be trustworthy...for you at least ;)
Hope I could help you.
Thanks man, I will look into it. I still have so many questions about steemit especially with the wallet. I dont understand how the wallet works and how to make it work. How to check my earnings? How the payout goes, is it automatic or I need to generate it by myself?
Thank you for useful information.
Is it still relevant that we cannot login with owner keys?
(you may also see my full question here: https://steemit.com/question/@aleksei-filonov/help-still-cannot-login-with-master-password)
hey, yes, it's still normal that you can't see/set your owner key in the web interface. I think they first want to roll out account recovery systems before we can manage owner key in the webui again.