Creating new users on AWS EC2 Linux - Ubuntu 12.04
Each Linux instance type launches with a default user account. For Amazon Linux, the default user name is ec2-user. For RHEL5, the user name is often root but might be ec2-user. For Ubuntu, the user name is ubuntu. For SUSE Linux, the user name is root. Otherwise, check with your AMI provider.
Using the default user account is adequate for many applications, but you may choose to add user accounts so that individuals can have their own files and workspaces. Creating user accounts for new users is much more secure than granting multiple (possibly inexperienced) users access to the ec2-user account, since that account can cause a lot of damage to a system when used improperly.
To add a new user to the system
Effectively adding users to an Amazon Linux instance involves two basic operations: adding the user to the system, and providing that user with a way to log in remotely.
To add a new user to the system, use the adduser command followed by the name of the user you wish to create.
[ec2-user ~]$ sudo adduser newuser
This command adds the newuser account to the system (with an entry in the /etc/passwd file), creates a newuser group, and creates a home directory for the account in/home/newuser.
(If you created the user account with useradd, you have to set up everything for it manually. This is why, when creating user accounts from the command-line, it is recommended to use adduser in Ubuntu (and Debian, and other Debian-based systems) instead. You might just want to remove the user with userdel or deluser and recreate it with adduser.)
http://askubuntu.com/questions/159878/cannot-login-to-newly-created-user-account
To provide remote access to this account, you must create a .ssh directory in the newuser home directory and create a file within it named "authorized_keys" that contains a public key.
Switch to the new account so that newly created files have the proper ownership.
[ec2-user ~]$ sudo su - newuser [newuser ~]$
Note that the prompt now says newuser instead of ec2-user; you have switched the shell session to the new account.
Create a .ssh directory for the authorized_keys file.
Change the file permissions of the .ssh directory to 700 (this means only the file owner can read, write, or open the directory).
This step is very important; without these exact file permissions, you will not be able to log into this account using SSH.
[newuser ~]$ chmod 700 .ssh
Create a file named "authorized_keys" in the .ssh directory.
[newuser ~]$ touch .ssh/authorized_keys
Change the file permissions of the authorized_keys file to 600 (this means only the file owner can read or write to the file).
This step is very important; without these exact file permissions, you will not be able to log into this account using SSH.
[newuser ~]$ chmod 600 .ssh/authorized_keys
Edit the authorized_keys file with your favorite text editor and paste the public key for your key pair into the file.
For more information about creating a key pair or retrieving a public key from an existing key pair, see Amazon EC2 Key Pairs
You should now be able to log into the newuser account on your instance via SSH using the private key that matches the public key from Step 2.f.
To remove a user from the system
If a user account is no longer needed, you can remove that account so that it may no longer be used.
To delete a user account, the user's home directory, and the user's mail spool, execute the userdel -r command followed by the user name you wish to delete.
[ec2-user ~]$ sudo userdel -r olduser
To keep the user's home directory and mail spool, omit the -r option.