$ sudo adduser --gecos 'Fred Smith' -p '*' fred
$ cd /home/fred
$ sudo mkdir .ssh
$ sudo cp ~/fred.public.key .ssh/authorized_keys
$ sudo chmod 0700 .ssh
$ sudo chown -R fred:fred .ssh
If Fred’s public key starts “BEGIN SSH2 PUBLIC KEY” then turn it into the one-line form first.
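With OpenSSH installed, `ssh-keygen -i -f fred.public.key` prints the one-line form. The Python below is an added example, not part of the original post: it performs the same conversion by hand, showing that the key type comes from inside the base64 blob, and it rejects malformed input before anything reaches authorized_keys. The sample key and the `fred@laptop` comment are constructed dummy values.

```python
import base64
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"

def ssh2_to_openssh(text):
    """Return the one-line authorized_keys form of an RFC 4716 public key."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("not an SSH2 public key block")
    headers, body, i, last = {}, [], 1, len(lines) - 1
    while i < last:
        line = lines[i]
        i += 1
        if ": " in line and not body:      # headers come before the base64 body
            while line.endswith("\\") and i < last:   # trailing backslash continues
                line = line[:-1] + lines[i]
                i += 1
            tag, value = line.split(": ", 1)
            headers[tag.lower()] = value.strip('"')   # tags are case-insensitive
        else:
            body.append(line)
    blob = base64.b64decode("".join(body), validate=True)
    # The key type is not a header: it is the first length-prefixed string in the blob.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if n == 0 or 4 + n > len(blob):
        raise ValueError("bad key type length")
    key_type = blob[4:4 + n].decode("ascii")
    fields = [key_type, base64.b64encode(blob).decode("ascii")]
    if headers.get("comment"):
        fields.append(headers["comment"])
    return " ".join(fields)

# Constructed sample: an ed25519-shaped blob with dummy key bytes, not a real key.
SAMPLE_BLOB = (struct.pack(">I", 11) + b"ssh-ed25519"
               + struct.pack(">I", 32) + bytes(range(32)))
SAMPLE_SSH2 = "\n".join([
    BEGIN,
    'Comment: "fred@\\',       # header continued onto the next line
    'laptop"',
    base64.b64encode(SAMPLE_BLOB).decode("ascii"),
    END,
])

if __name__ == "__main__":
    print(ssh2_to_openssh(SAMPLE_SSH2))
```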
[2025 edit:] A previous version of this post suggested the --disabled-password option to adduser – but since then, OpenSSH has been changed to regard such accounts (with password set to “!”) as completely locked and unavailable even to SSH. Accounts with password set to “*” are still available to SSH, though, even though they cannot be used for direct login.