"Mark", I said to myself, "what are the odds that somebody has done this in Python?"
Pretty good, it turns out.
The Twisted framework, in addition to making it easy to write your own telnet/SSH/whatever server, also provides exactly this functionality--- you can connect to a running Twisted instance and run python commands in a read/eval/print loop. (There's even a GUI if telnet or ssh isn't sufficient.)
Unfortunately while I can get the obsolete "twisted.protocols.telnet" class to work fine, the newer Conch-based "manhole" won't correctly authenticate me. It wants to use /etc/passwd or another passwd file, but I use shadow passwords (duh!) so /etc/passwd doesn't have the necessary information, and the file I pasted together with mkpasswd didn't work either.