Host Check Script
This shell script executes inside a Linux environment to validate whether your system is ready to run NodeZero pentests.
This script will NOT launch a pentest.
Always verify the files you download come from Horizon3.
Manual Download (
Download and execute from a shell
cd ~ curl https://downloads.horizon3ai.com/utilities/checkenv.sh | bash
NOEXEC flag on partition
Some users report issues running the health check because they are launching from a partition that denies execution. This is why we recommend first changing to your home directory before executing, as in the example above.
Host's system time is out of sync with NodeZero
If you are seeing this error when running the NodeZero launch script or the
The system time is off by more than 5 minutes of UTC time.
If your time syncing service is not something that can be easily repaired, you can still run NodeZero. However, certain cryptographic attacks could be affected. To ensure the successful operation of NodeZero, please deactivate any currently active time synchronization service and synchronize your system time with our servers. The below script will stop
chrony, then sync the system time with NodeZero servers via our
# stop timesyncd sudo timedatectl set-ntp false # stop ntp sudo service stop ntp # stop chrony sudo service stop chrony # Sets system time UTC=$(curl -k -s -m 3 https://api.horizon3ai.com/v1/time | cut -c17-26) sudo date -s "@$UTC"
NodeZero Runners and
Its important to remember that while the Host Check script has the ability to prompt for
sudo credentials, if running automated operations with the NodeZero runner you might receive a permissions error:
[#] Checking Docker functionality by running the hello-world test container: [+] PASSED: Docker version installed meets the minimum required version 20.10. [!] FAILED: Failed to validate Docker. Verify this account has permissions to run Docker and retry.
If your NodeZero Host requires
sudo to run
docker commands, then you may need to start the Runner using
Alternatively, you can try adding the user that invokes
h3 start-runner to the
docker group, for example (using
sudo usermod -aG docker ubuntu sudo systemctl restart docker