Limiting SSH Keys
You can define keys in .ssh/authorized_keys so that when they are used, only one command is permitted to be run:
# Comments allowed at start of line
AAAAB2...19Q== john@example.net command="dump /home",no-pty,no-port-forwarding ssh-dss
You can also limit the source IP for the key use and other things.
See the man page for sshd under
AUTHORIZED_KEYS FILE FORMAT.