CrowdSec error "authenticate watcher" CentOS 8

I’ve installed CrowdSec and the iptables bouncer on CentOS 8 per the instructions on the site, but it doesn’t appear to be working. I’ve checked that selinux is off, and that nothing else is using port 8080 or 6060. After rebooting, the CrowdSec service is in the failed state:

# systemctl status crowdsec
● crowdsec.service - Crowdsec agent
   Loaded: loaded (/usr/lib/systemd/system/crowdsec.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2021-09-21 03:41:47 PDT; 53s ago
  Process: 1529 ExecStart=/usr/bin/crowdsec -c /etc/crowdsec/config.yaml (code=exited, status=1/FAILURE)
  Process: 1098 ExecStartPre=/usr//bin/crowdsec -c /etc/crowdsec/config.yaml -t (code=exited, status=0/SUCCESS)
 Main PID: 1529 (code=exited, status=1/FAILURE)

Sep 21 03:41:13 systemd[1]: Starting Crowdsec agent...
Sep 21 03:41:17 systemd[1]: Started Crowdsec agent.
Sep 21 03:41:47 crowdsec[1529]: time="21-09-2021 03:41:47" level=fatal msg="starting outputs error : authenticate watcher (bbaf9514b89d4815a9c6>
Sep 21 03:41:47 systemd[1]: crowdsec.service: Main process exited, code=exited, status=1/FAILURE
Sep 21 03:41:47 systemd[1]: crowdsec.service: Failed with result 'exit-code'.

Running systemctl restart crowdsec gets it running without any immediate errors thrown, but after a few minutes it re-enters the error state with the above message. Searching for this error seems to be more related to Docker installs, of which this is not.

I have checked that the /etc/crowdsec/local_api_credentials.yaml is populated, and also cran cscli machines add -a just to make double-sure we are good there.

Still end up with the following error in the /var/logs/crowdsec.log

time="21-09-2021 04:05:44" level=fatal msg="starting outputs error : authenticate watcher (bbaf9514b89d4815a9c692eeebf09f9cqDr4W1jGSuhNhYV8): Post \"\": could not get jwt token: Post \"\": dial tcp i/o timeout"

My issue is not fixed, but I have a feeling this is an issue with my server and not the software. The program I run on that server is no longer functioning as intended, so I think it is all connected somehow. Trying to do too much at once I guess :slight_smile:

Allright. Please write again if you change your mind and need help locating the error :slight_smile:


Hello @SeanP !

Can you share the content of /var/log/crowdsec.log ? We might get a good clue of what’s going on there !