classify-users: determine type of Athena accounts
[user/alex/software/my-snippets.git] / sshroot
diff --git a/sshroot b/sshroot
index 6a0c4b5f6e8d906e1d572c75e54a7e3a2b78adf5..740b5ef6c38722f993d5cb5b22444b56920dfce9 100755 (executable)
--- a/sshroot
+++ b/sshroot
@@ -1,24 +1,56 @@
-#!/bin/bash
-export KRB5CCNAME=/tmp/krb5cc_$(id -u).root
-export KRBTKFILE=/dev/null
+#!/bin/bash -e
+
+# lifetime, in minutes
+lifetime=15
+keysuffix=root
 
-lifetime=900
 hostopt=""
 [ -z "$hostopt" ] && hostopt="${HOSTNAME}"
 [ -z "$hostopt" ] && hostopt=`uname -n 2>/dev/null || echo unknown`
-keys=~/.ssh/id_rsa_root
+
+function usage
+{
+    echo "Usage: $0 [-H hostname] [-k keysuffix] [-l lifetime] command"
+    echo
+    echo "Available commands:"
+    echo "    add"
+    echo "    list"
+    echo "    destroy"
+    echo "    shell"
+    echo "    ssh [args]"
+    echo "    [cmd]"
+}
+
+while getopts ":H:k:l:h" opt; do
+    case "$opt" in
+    H)  hostopt="$OPTARG";;
+    k)  keysuffix="$OPTARG";;
+    l)  lifetime="$OPTARG";;
+    h)  usage; exit 0;;
+    \?) usage >&2; exit 1;;
+    esac
+done
+shift $(($OPTIND - 1))
+
+keys="$HOME/.ssh/id_rsa_$keysuffix"
+keychain_host="$hostopt-$keysuffix"
 
 function with-keys
 {
     unset SSH_AUTH_SOCK SSH_AGENT_PID
-    eval $(keychain --eval --host "$hostopt-root" $keys)
+    vars=$(keychain --timeout "$lifetime" --eval --host "$keychain_host" $keys)
+    eval "$vars"
+    export SSHROOT=1
     exec "$@"
 }
 
 function with-agent
 {
     unset SSH_AUTH_SOCK SSH_AGENT_PID
-    eval $(keychain --eval --host "$hostopt-root")
+    vars=$(keychain --timeout "$lifetime" --eval --host "$keychain_host")
+    eval "$vars"
+    export SSHROOT=1
+    echo with-agent: Running: "$@"
     exec "$@"
 }
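Review bot: The `-l` value goes unchecked into `keychain --timeout "$lifetime"` in with-keys and with-agent, and into `ssh-add -t "${lifetime}m"` in the init/add arms further down, although this timeout is what bounds how long the root key stays loaded in the agent. I would reject anything that is not a positive integer right after the getopts loop, e.g. `[[ "$lifetime" =~ ^[1-9][0-9]*$ ]] || { usage >&2; exit 1; }`. Because the optstring starts with `:`, a missing option argument is reported as `opt=":"`, which no arm handles, so `sshroot -l` silently carries on with the default. An extra arm such as `:)  echo "Option -$OPTARG requires an argument" >&2; exit 1;;` closes that gap.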
 
@@ -28,11 +60,11 @@ shift
 case "$command" in
     init)
         echo "Loading default keys (lifetime $lifetime)..."
-        with-agent ssh-add -t $lifetime "$@" $keys
+        with-agent ssh-add -t "${lifetime}m" "$@" $keys
         ;;
     add)
         echo "Loading keys (lifetime $lifetime):" "$@"
-        with-agent ssh-add -t $lifetime "$@"
+        with-agent ssh-add -t "${lifetime}m" "$@"
         ;;
     list)
         with-agent ssh-add -l
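Review bot: `$keys` is still unquoted in the `init` arm (`"$@" $keys`) and in the keychain call inside with-keys, yet it is now built from the user-supplied `-k` suffix, so a suffix containing whitespace or glob characters is split into several arguments; write `"$keys"` in both places. The two messages print `lifetime $lifetime` with no unit even though the value changed from seconds to minutes, and `(lifetime ${lifetime}m)` would match what is passed to ssh-add. The `init` arm is kept here, but the new usage() text no longer lists it. The case statement continues past this hunk.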
@@ -41,20 +73,15 @@ case "$command" in
         with-agent ssh-add -D
         ;;
     shell)
-        with-keys $SHELL
+        with-keys "$SHELL" "$@"
         ;;
     ssh)
-        with-keys ssh -l root "$@"
+        #with-keys ssh -l root "$@"
+        with-keys ssh "$@"
         ;;
     *)
         if [ -z "$command" ]; then
-            echo "Usage: $0 init" >&2
-            echo "       $0 add" >&2
-            echo "       $0 list" >&2
-            echo "       $0 destroy" >&2
-            echo "       $0 shell" >&2
-            echo "       $0 ssh [args]" >&2
-            echo "       $0 [cmd]" >&2
+            usage >&2
         else
             echo Executing: "$command" "$@"
             with-agent "$command" "$@"
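Review bot: The `usage >&2` branch for an empty command is probably unreachable now, because the shebang gained `-e` and the `shift` shown in the previous hunk header fails when no positional argument is left, which would end the script before this case statement runs. The lines around that `shift` are outside the hunks, so this needs confirming; a guard such as `[ $# -gt 0 ] || { usage >&2; exit 1; }` placed before it would keep the usage path working. In the `ssh` arm, the commented-out `#with-keys ssh -l root "$@"` should be dropped or replaced by a comment saying the login user is no longer forced to root, since `sshroot ssh host` now connects as whatever user ssh picks by default. The closing lines of the case statement are outside the hunk.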