Skip to content

Host Check Script

This shell script executes inside a Linux environment to validate whether your system is ready to run NodeZero pentests.

Note

This script will NOT launch a pentest.

Downloads

Warning

Always verify the files you download come from Horizon3.

Download checkenv.sh

Download checkenv.sh SHA256 checkenv.sh

Download and execute from a shell

cd ~
curl https://downloads.horizon3ai.com/utilities/checkenv.sh | bash

Troubleshooting

NOEXEC flag on partition

Some users report issues running the health check because they are launching from a partition that denies execution. This is why we recommend first changing to your home directory before executing, as in the example above.

Host's system time is out of sync with NodeZero

If you are seeing this error when running the NodeZero launch script or the checkenv script 

The system time is off by more than 5 minutes of UTC time.
To address this you'll need to look at your local time syncing service to make sure it is working properly. Possibly sync your service with a known good source from this list:
  • https://tf.nist.gov/tf-cgi/servers.cgi
  • https://www.ntppool.org/

If your time syncing service is not something that can be easily repaired, you can still run NodeZero. However, certain cryptographic attacks could be affected. To ensure the successful operation of NodeZero, please deactivate any currently active time synchronization service and synchronize your system time with our servers. The below script will stop timesyncd, ntp and chrony, then sync the system time with NodeZero servers via our /time API.

# stop timesyncd
sudo timedatectl set-ntp false

# stop ntp
sudo service ntp stop

# stop chrony
sudo service chrony stop

# Sets system time
UTC=$(curl -k -s -m 3 https://api.horizon3ai.com/v1/time | cut -c17-26)
sudo date -s "@$UTC"

NodeZero Runners and sudo

Its important to remember that while the Host Check script has the ability to prompt for sudo credentials, if running automated operations with the NodeZero runner you might receive a permissions error: 

[#] Checking Docker functionality by running the hello-world test container:
[+] PASSED: Docker version installed meets the minimum required version 20.10.
[!] FAILED: Failed to validate Docker. Verify this account has permissions to run Docker and retry.

If your NodeZero Host requires sudo to run docker commands, then you may need to start the Runner using sudo.

Alternatively, you can try adding the user that invokes h3 start-runner to the docker group, for example (using ubuntu user): 

sudo usermod -aG docker ubuntu
sudo systemctl restart docker
(Note: Make sure to log out and back in after changing groups for the actively logged on user)