#!/bin/bash
export KRB5CCNAME=/tmp/krb5cc_$(id -u).root
export KRBTKFILE=/dev/null

lifetime=900
hostopt=""
[ -z "$hostopt" ] && hostopt="${HOSTNAME}"
[ -z "$hostopt" ] && hostopt=`uname -n 2>/dev/null || echo unknown`
keys=~/.ssh/id_rsa_root

function with-keys
{
    unset SSH_AUTH_SOCK SSH_AGENT_PID
    eval $(keychain --eval --host "$hostopt-root")
    exec "$@"
}

command="$1"
shift

case "$command" in
    init)
        echo "Loading default keys (lifetime $lifetime)..."
        with-keys ssh-add -t $lifetime "$@" $keys
        ;;
    add)
        echo "Loading keys (lifetime $lifetime):" "$@"
        with-keys ssh-add -t $lifetime "$@"
        ;;
    list)
        with-keys ssh-add -l
        ;;
    destroy)
        with-keys ssh-add -D
        ;;
    shell)
        with-keys $SHELL
        ;;
    ssh)
        with-keys ssh -l root "$@"
        ;;
    *)
        if [ -z "$command" ]; then
            echo "Usage: $0 init" >&2
            echo "       $0 add" >&2
            echo "       $0 list" >&2
            echo "       $0 destroy" >&2
            echo "       $0 shell" >&2
            echo "       $0 ssh [args]" >&2
            echo "       $0 [cmd]" >&2
        else
            echo Executing: "$command" "$@"
            with-keys "$command" "$@"
        fi
        ;;
esac