You can also run commands when a user authenticates, grab their keys from github.com/username.keys, validate they're a user in a specific github group, then let them connect by outputing the keys, otherwise nothing to deny them access.

It's really great for ops teams where you want to give ssh access and manage it from github teams without needing a complex system.