Use the AuthorizedKeysFile directive in sshd_config to point to a file only
you have access to, outside the user's home directory. However, this won't
allow you to use a single file, unless you want all users to have access to
everyone's accounts. Off the top of my head, I can't think of a way to do it
with a single file.

-----Original Message-----
How do I configure openssh so that it'll permit a public key for a user,
without giving the user the oppertunity to change/add public keys to the
authorized list?

Also, is there a way to have a single file with the authorized keys for
*all* users? Like /etc/shadow, but for public keys rather than passwrods.