In order to make a live database that encrypts it's data, the database itself would have to have access to the keys. By that token, any admin could su into the account and find them.
If instead of encrypting the database, you encrypt the data before it gets entered into the database, then you would have a different possibility:
The data be encrypted before posting, and decrypted by a client program afterwards. The database would not be encrypted, only the data within it.
...or for the truly security paranoid-- do both: database encryption and data encryption, each with different methods.
Your idea of having the user present a secure key (RSA for example) if you have them do it over an SSH or SSL protected connection is not a bad idea.
More is described and discussed below in comments.