Overview
When using an agent to connect to on-premise tools, sometimes things beyond your control can cause the agent to go down, such as a power outage, a server reboot, or a simple mistake where your container running the agent is decommissioned accidentally.
Here is a handy list of errors you may see when using the Nucleus agent and their definitions so you can easily pinpoint the source of the error, and what you may need to turn back on or restart to resolve the issue.
| Issue | What this probably means | Checks |
|---|---|---|
| In Nucleus: Connector Setup Page > Verify connector button is returning: "Unable to connect to ssl://nucleus-mgr.nucleussec.com: Connection Refused" |
The agent is not connected or running for one reason or another. Make sure the agent is authenticating from the client to Nucleus. One of the main reasons this could be happening is because the firewall on the client side isn't allowing outgoing connections. |
1. Confirm the agent is running by using supervisorctl status on the server that runs the Nucleus agent. 2. If the agent is running and you still get the error, make sure the agent can authenticate to the manager server by manually running the ssh command using the configuration in your conf.d file. 3. Make sure firewall settings are correctly allowing outgoing connections to Nucleus manager. 4. If autossh says connection is established and you are still getting this error, please make sure you can connect manually using the ssh command. |
| In Nucleus: Connector setup page > Verify button is returning: “Authorization is incorrect.” |
The agent is working as expected and you have a standard authentication error. Check your password or other authentication information if this occurs. | N/A |
In the command line where the agent is running: when trying to enable the agent using supervisorctl start <programname> and the command is not working, you may see: Error: ‘No program by the name x.x exists' OR 'unable to find .conf file’ |
The name of the program in the .conf file is likely incorrect or the user does not have permissions to that directory. Confirm the supervisor process has permissions to run the agent program. | 1. Try running the command sudo supervisorctl start <programname> locally on the cli to see if it’s a permission issue. If the command works with sudo, then it is a permissions issue. |
| When running ssh command manually in the cli: Error ‘No file at /home/ |
The command is not pointing to the correct key file location OR you do not have permissions to that directory. | 1. Check to see if that file exists as sudo ls /home/<username>/.ssh. Running the command should output the file id_rsa if that was the file you used for the public key. 2. If the file exists, then confirm that you're running the ssh command as the user who has the key file AND make sure that user has permissions to that file. 3. If the file does not exist, then you need to create the file according to the Nucleus Agent Setup instructions - Install Dependencies section. |
| When running ssh command manually in the cli: Error 'Access denied, unable to authenticate using public key' |
Generally this means 1 of 2 things: 1. The agent is not actually passing the key to Nucleus, so check your ssh command to reference the correct key. 2. The key being passed does not match the one you sent to the Nucleus support representative. |
You need to check to make sure that the ssh command is correct: 1. You are trying to log in to Nucleus with the Nucleus support-supplied username (example: acme-nucleusagent). 2. You are referencing the correct key file to pass to Nucleus: -i /home/<username>/.ssh/id_rsa and user=<username> in the supervisord.conf file. |
If you are still having trouble, please reach out to Nucleus support at https://help.nucleussec.com