If you want someone to be able to access your rails console, but don't want them to be able to do changes you can use the rails console sandbox feature:
If you wish to test out some code without changing any data, you can do that by invoking bin/rails console --sandbox.
https://guides.rubyonrails.org/command_line.html#bin-rails-console Show archive.org snapshot
To let one only access the sandbox rails console you can make use of the command option of OpenSSH:
Specifies that the command is executed whenever this key is used for authentication. The command supplied by the user (if any) is ignored. [...]
https://man.openbsd.org/sshd#command=command Show archive.org snapshot
To combine this, the authorized_keys should be look like:
command="cd /path/to/your/application/current; bundle exec rails c --sandbox" ssh-rsa AAAASOME\PUBLIC_SSH-KEY bob.bobsen@example.com
