CrowdSec error "authenticate watcher" CentOS 8

SeanP · September 21, 2021, 10:57am

I’ve installed CrowdSec and the iptables bouncer on CentOS 8 per the instructions on the site, but it doesn’t appear to be working. I’ve checked that selinux is off, and that nothing else is using port 8080 or 6060. After rebooting, the CrowdSec service is in the failed state:

# systemctl status crowdsec
● crowdsec.service - Crowdsec agent
   Loaded: loaded (/usr/lib/systemd/system/crowdsec.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2021-09-21 03:41:47 PDT; 53s ago
  Process: 1529 ExecStart=/usr/bin/crowdsec -c /etc/crowdsec/config.yaml (code=exited, status=1/FAILURE)
  Process: 1098 ExecStartPre=/usr//bin/crowdsec -c /etc/crowdsec/config.yaml -t (code=exited, status=0/SUCCESS)
 Main PID: 1529 (code=exited, status=1/FAILURE)

Sep 21 03:41:13 support.calibercpas.com systemd[1]: Starting Crowdsec agent...
Sep 21 03:41:17 support.calibercpas.com systemd[1]: Started Crowdsec agent.
Sep 21 03:41:47 support.calibercpas.com crowdsec[1529]: time="21-09-2021 03:41:47" level=fatal msg="starting outputs error : authenticate watcher (bbaf9514b89d4815a9c6>
Sep 21 03:41:47 support.calibercpas.com systemd[1]: crowdsec.service: Main process exited, code=exited, status=1/FAILURE
Sep 21 03:41:47 support.calibercpas.com systemd[1]: crowdsec.service: Failed with result 'exit-code'.

Running systemctl restart crowdsec gets it running without any immediate errors thrown, but after a few minutes it re-enters the error state with the above message. Searching for this error seems to be more related to Docker installs, of which this is not.

SeanP · September 21, 2021, 11:12am

I have checked that the /etc/crowdsec/local_api_credentials.yaml is populated, and also cran cscli machines add -a just to make double-sure we are good there.

Still end up with the following error in the /var/logs/crowdsec.log

time="21-09-2021 04:05:44" level=fatal msg="starting outputs error : authenticate watcher (bbaf9514b89d4815a9c692eeebf09f9cqDr4W1jGSuhNhYV8): Post \"http://127.0.0.1:8080/v1/watchers/login\": could not get jwt token: Post \"http://127.0.0.1:8080/v1/watchers/login\": dial tcp 127.0.0.1:8080: i/o timeout"

SeanP · September 21, 2021, 2:05pm

My issue is not fixed, but I have a feeling this is an issue with my server and not the software. The program I run on that server is no longer functioning as intended, so I think it is all connected somehow. Trying to do too much at once I guess

klausagnoletti · September 21, 2021, 2:10pm

Allright. Please write again if you change your mind and need help locating the error

/klaus

thibault · September 24, 2021, 8:15am

Hello @SeanP !

Can you share the content of /var/log/crowdsec.log ? We might get a good clue of what’s going on there !

Regards,

Topic		Replies	Views
Cannot install Crowdsec on Ubuntu 20.04.4 & 18.04.6 crowdsec	7	4314	June 27, 2022
Crowdsec Stopped Working on my Raspberry Pi (ARM?) crowdsec	5	692	February 6, 2023
Crowdsec cant start with Varnish crowdsec	1	170	November 26, 2023
127.0.0.1:8080: connect: connection refused crowdsec	1	1370	February 28, 2022
Unable to get crowdsec to start crowdsec	7	1189	April 25, 2023

CrowdSec error "authenticate watcher" CentOS 8

Related Topics