You can actually change the shell to a bash script and trap interrupts so that they can't get out of it to the general shell. Also, restrict the key so that it cannot be used to forward stuff. See the man page for how to restrict the key, and also see http://sial.org/howto/openssh/publickey-auth/
for a pretty good howto with key restriction. The O'Reilly book on the Korn shell tells how to do the menu with traps, and much of it is applicable to the bash sehll. The intro talks about the history of the shells and the relationships.
The security, of course, is not guaranteed and depends in part on your care in crafting the script.