Switch user with "sudo su - username" using SSH keys

sudo has nothing to do with SSH and sshd config.

What you really want is a PAM module that will use SSH public keys. I'm not sure what are your reasons as the whole idea seems a bit strange, but, well. pam_ssh is the module that does this.

To get sudo to work passwordless to another user these are the changes required (perform them with super user access):

edit /etc/sudoers

visudo

Config changes

# Allow user to sudo su as anyone without passworduser    ALL=(ALL)       NOPASSWD: ALL%group  ALL=(ALL)       NOPASSWD: ALL# Allow user to become another useruser    ALL=(user2)    NOPASSWD: ALL%group  ALL=(user2)    NOPASSWD: ALL

now with the latter sudo su - user2 should work

The only stumbling block was the user to be added to sudo group

usermod -a -G sudo user

The examples above in the config shows the user first then by group - you only need 1 of the two -

Edited:

visudo%group2    ALL=(ALL:ALL)    PASSWD: ALL%group1    ALL=(ALL:ALL)    NOPASSWD: ALL

add run group

groupadd group1groupadd group2

so for users that require a password

usermod -a -G group2 user1usermod -a -G group2 user2etc..

for users that require no password:

usermod -a -G group nuser1usermod -a -G group nuser2etc

in some cases (eg you haven't root permissions) you can use something like

ssh-copy-id -i ~/.ssh/id_rsa.pub user2@localhost

And then log in with

ssh user2@localhost