Okay, for my own purposes I implemented the following 'features':
* SSL certificate signing with a custom CA as default. (not delf-signed)
This is approx. 4 lines of code, not a big deal.
* SSH Public Key authentication
This is several lines of code in several files (interface, server and also requires new fields in SQL.)
When a new user is created, the server generates the private and public key, that can be obtained in the Tools section. When creating a new shell-user, the user's public key, and an additional optional custom key is added to the shell user's authorised keys, thus allowing logging in without typing a password.
There are two options. I can post all modifications here to the forum as code, so the main developers can review them, and apply them in the next release, or I can add them myself to the svn, to some beta-branch.