hm. i found this page on the openwrt wiki - DropbearPublicKeyAuthenticationHowto. since it's just me taking care of the router, i guess it's okay to auth to root or my non-root user using the same global authorized_keys file. but it just feels wrong. but dropbear has a really small memory footprint. argh, the problems of a sysadmin's conscience.
well, i've set it up on my active WRT54Gv2.2 router and i'll do it as a starting point on my WRTSL54GS next time i boot it.