diff --git a/manifest-vds.yml b/manifest-vds.yml index 041e868..5779826 100644 --- a/manifest-vds.yml +++ b/manifest-vds.yml @@ -83,7 +83,7 @@ spec: spec: serviceAccountName: internal-kubectl securityContext: - runAsUser: 100 + runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 containers: diff --git a/proxy.sh b/proxy.sh index b95ced3..2d7d692 100755 --- a/proxy.sh +++ b/proxy.sh @@ -56,7 +56,7 @@ function run() #get the secret for the machine and create a file loginfo "getting ssh key for ${cluster}" kubectl get secret ${cluster}-ssh -n ${ns} -o jsonpath="{.data.ssh-privatekey}" | base64 -d > /tmp/sshkey.pem - chmod 400 /tmp/sshkey.pem + chmod 600 /tmp/sshkey.pem loginfo "attempting ssh to ${ip}" ssh -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i /tmp/sshkey.pem vmware-system-user@${ip} << EOF