set IdentitiesOnly

When setting up a dedicated ssh key to access the annex on a host,
set IdentitiesOnly to prevent the ssh-agent from forcing use of a different
ssh key.

That behavior could result in unncessary password prompts. I remember
getting a message or two from people who got deluged with password
prompts and I couldn't at the time see why.

Also, it would prevent git-annex-shell from being run on the remote host,
when git-annex was installed there by unpacking the standalone tarball,
since the authorized_keys line for the dedicated ssh key, which sets
up calling git-annex-shell when it's not in path, wouldn't be used.

This fixes
http://git-annex.branchable.com/bugs/Internal_Server_Error:_Unknown_UUID
but I've not closed that bug yet since I should still:

1. Investigate why the ssh remote got set up despite being so broken.
2. Make the webapp not handle the NoUUID state in such an ugly way.
3. Possibly add code to fix up systems that encountered the problem.
   Although since it requires changes to .ssh/config this may be one for
   the release notes.

Thanks to TJ for pointing me in the right direction to understand what
was happening here.

debian/changelog

@@ -11,6 +11,10 @@ git-annex (4.20130724) UNRELEASED; urgency=low
     that caused git-annex sync on FAT or other crippled filesystems to add
     symlink standin files to the annex.
   * importfeed can be used to import files from podcast feeds.
+  * webapp: When setting up a dedicated ssh key to access the annex
+    on a host, set IdentitiesOnly to prevent the ssh-agent from forcing
+    use of a different ssh key. That could result in unncessary password
+    prompts, or prevent git-annex-shell from being run on the remote host.
   * Add status message to XMPP presence tag, to identify to others that
     the client is a git-annex client. Closes: #717652
   * webapp: When creating a repository on a removable drive, set