To deploy without granting your development environment ssh access to the staging or production environments, I suggest you setup port knocking which triggers a script on the server to checkout the latest code. The command can be as simple as git pull or something more complex like capistrano does with symbolic links.
I find this method to be very secure because if a hacker somehow figures out that a) you're using port knocking and b) the exact ports that you are using, in the right order, then the worst they can do is trigger a code deployment.
Check out http://www.zeroflux.org/projects/knock - it is very simple to configure.
I find this method to be very secure because if a hacker somehow figures out that a) you're using port knocking and b) the exact ports that you are using, in the right order, then the worst they can do is trigger a code deployment.