How about keypair auth via a website? Simply point it to a file that contains your key, which gets uploaded to the server and validated. If it's an invalid key, no go.

By the way, this isn't some lame attempt at security through obscurity is it?