If we're going to open this up, can we add an option to say "this key is allowed to log in to this account", SSH style?
I like the idea of using keys rather than .pgpass, but I like the ~/.ssh/authorized_keys model and don't like the "set up an entire certificate infrastructure" approach.