1. Generate new set of private and public keys on client

	# ssh-keygen -C "Test Program"

Note: save keys in different location that personel keys

2. Copy the indentity.pub (public) key into the server authorized_keys file files.

	from="hostname",command="$SSH_ORIGINAL_COMMAND",no-port-forwarding,no-X11-forwarding "PUBLIC KEY"

Modify the from and the command args, you can add optionally params i.e no-port-forwarding, no-X11-forwarding notice the $SSH_ORIGINAL_COMMAND 
variable, this holds the full command string parsed.

3. Create a master script on the client to use the ssh-agent to add the calling script (script.master)

	#!/usr/bin/ksh
	#hold authenication private keys
	/usr/local/bin/ssh-agent script.really

4. Create the calling script on client (script.really)

	#!/usr/bin/ksh
	WORKDIR='/export/home/vallep/.ssh/test'
	# remember this points to the new key above
	# this adds the identities to the authenication agent
	/usr/local/bin/ssh-add ${WORKDIR}/identity
	# SSH uses the above authorized_key file and indentity key to know what script to run on the server.
	# The command line is placed into $SSH_ORIGINAL_COMMAND (see above)
	/usr/local/bin/ssh -v -q -x -l vallep -i ${WORKDIR}/identity host 'test.sh -a -e goodbye'

	-v	verbose
	-l	username
	-q	quit mode
	-x	disables X-Forwarding
	-i	identity file

5. The test script on the server should look like something below

	#!/bin/bash
	date="`date +'%H:%M'`"
	# Initial declaration.
	# a and e are the flags expected.
	# The : after flag 'e' shows it will have an option passed with it.
	while getopts "ae:" Option
	do
		case $Option
		in
			a ) echo "Hello - $date" >> /home/vallep/.ssh/test/test.log;;
			e ) echo "$OPTARG - $date" >> /home/vallep/.ssh/test/test.log;;
		esac
	done
	# Move argument pointer to next.
	shift $(($OPTIND - 1))

Hopefully the test.log on the server should contain your parsed information