Handshake Unauthorized Error


Why am I seeing a “handshake unauthorized” error message after attempting to deploy the agent?

Use cases:

  1. The .secret file has become corrupted or invalid somehow.
  2. The agent was revoked or went offline and the user tried to rerun setup on the same machine.
  3. Customer created an AMI not following recommended procedure Click here for details


Upon running `cloudsight setup`, TS agent services do not start and handshake unauthorized message is displayed on the command line and captured in the logs.

The error message:
Error received: handshake unauthorized

The “handshake unauthorized” message means the agent attempted to connect to the Threat Stack application but was unable to successfully authenticate.


To resolve this error and successfully deploy the agent:

  1. Confirm that no Threat Stack agent processes are running.
  2. Delete the /opt/threatstack/cloudsight/config/.secret file 
  3. Run the setup step again.


You can find the .secret file at: /opt/threatstack/cloudsight/config/.secret

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Article is closed for comments.