How to Add Linux SSH Key User

1. Create a private key for the new user.
b. Create locally on a Mac:
ssh-keygen -t rsa
2a. Place the private key in the local directory: ~/.ssh
2b. Set the permissions on the local key file:
chmod 400 GTKeyPairUser101.pem
3. Generate a public key from the new user’s private key locally:
ssh-keygen -y
4. Copy the public key text from the screen, place the text in a file (GTKeyPairUser101.pub) and then place the file in the ~/.ssh directory.
5. Connect to the Linux system using ssh and admin credentials:
ssh -i AdminUserKeyFile.pem adminuser@example.com
6. Create the new user on the linux system:
@ubuntu$ sudo adduser new_user --disabled-password
7. Add the new user to the sudo group:
@ubuntu$ sudo usermod -aG sudo username
8. Change the security context to the new_user account so that folders and files you create will have the correct permissions:
@ubuntu$ sudo su - new_user
9. Create a .ssh directory in the new_user home directory:
@new_user$ mkdir .ssh
10. Change the .ssh directory’s permissions to 700:
@new_user$ chmod 700 .ssh
11. Change into the .ssh directory:
@new_user$ cd .ssh
12. Create the authorized_keys file in the .ssh directory:
@new_user:~/.ssh$ touch authorized_keys
13. Change the authorized_keys file permissions to 600:
@new_user:~/.ssh$ chmod 600 authorized_keys
14. Run the Linux cat command in append mode:
@new_user:~/.ssh$ cat >> authorized_keys
15. Paste the public key into the authorized_keys file and then press Enter. Press Ctrl+d to exit cat.
16. Exit the new_user shell
@new_user$ exit
17. Edit the visudo file (Skip to step 19 if completed once prior)
@ubuntu$ sudo visudo
Change this line:
%sudo ALL=(ALL:ALL) ALL
To the following:
%sudo ALL=(ALL:ALL) NOPASSWD: ALL
18. Save and exit the editor

19. Exit the new user.
19. Exit the Linux system

@ubuntu$ Exit
19. Test logging into the new account on the linux system:
ssh -i AdminUserKeyFile.pem adminuser@example.com<
20. Test that new user can act as sudo without a password:
@ubuntu$ sudo ls
Command should not require password.
21. Exit Linux systems:
@ubuntu$ exit

Verified Ubuntu 18.04

References:

https://askubuntu.com/questions/334318/sudoers-file-enable-nopasswd-for-user-all-commands
https://aws.amazon.com/premiumsupport/knowledge-center/new-user-accounts-linux-instance/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#having-ec2-create-your-key-pair
https://stackoverflow.com/questions/45198768/how-to-find-aws-keypair-public-key
https://www.digitalocean.com/community/tutorials/how-to-create-a-sudo-user-on-ubuntu-quickstart