Why am I seeing a “handshake unauthorized” error message after attempting to deploy the agent?
- The .secret file has become corrupted or invalid somehow.
- The agent was revoked or went offline and the user tried to rerun setup on the same machine.
- Customer created an AMI not following recommended procedure Click here for details
Upon running `cloudsight setup`, TS agent services do not start and handshake unauthorized message is displayed on the command line and captured in the logs.
The error message:
Error received: handshake unauthorized
The “handshake unauthorized” message means the agent attempted to connect to the Threat Stack application but was unable to successfully authenticate.
To resolve this error and successfully deploy the agent:
- Confirm that no Threat Stack agent processes are running.
- Delete the /opt/threatstack/cloudsight/config/.secret file
- Run the setup step again.
You can find the .secret file at: /opt/threatstack/cloudsight/config/.secret