I'm sure there are plenty of articles describe how to add/create a new user on a UBUNTU EC2 instance. Unfortunately I couldn't find a simple one so i decided to create this post more for my own reference. I assume you already have a UBUNTU EC2 instance (in my case 10.04.2 LTS ami-6afa8438 ) with a valid key file for the default user ubuntu and wish to grant access to an additional user. My domain name is sofasurfer.ch and the new user i will add is kib.

So let's get started. 1. Login to server with default user ubuntu and the original key-file ubuntu.pem (which has to be in the same directory as you run the command from).

ssh -i ubuntu.pem ubuntu@sofasurfer.ch

2. Add new user and insert the requested user information

sudo adduser kib

3. Add new user to admin group, which also grants you sudoerrights

sudo adduser kib admin

4. If you don't want to enter the password each time you use sudo you can set this in the /etc/sudoersfile.

sudo visudo

5. And add the following line below the ubuntu user (for security reasons not recommended)


3. Switch to new user

su kib

4. Switch to home directory for new user

cd /home/kib

5. Create new rsa key and fill in the requested information (can keep all default but make sure to set a password)

ssh-keygen -t rsa

6. Change owner premission

chmod 700 .ssh

7. Rename new key files so they match new username

mv .ssh/id_rsa .ssh/id_kib_rsa
mv .ssh/id_rsa.pub .ssh/id_kib_rsa.pub

8. Combine the files to generate the authorized_keys file

cat .ssh/id*.pub > .ssh/authorized_keys

9. Change permission so only the new user can access

chmod 600 .ssh/*

10. Copy keys to tmp folder, to download later from the client, make sure they are readable by the default user.

cp .ssh/id* /tmp
chmod 644 /tmp/id*

11. Logout from EC2 server


12. Download new key with original ubuntu user

scp -i ubuntu.pem ubuntu@sofasurfer.ch:/tmp/id_kib_rsa ./

13. Change right for new key so they can only be accessed from current user/machine

chmod 400 id_kib_rsa

14. Login with new user

ssh -i id_kib_rsa kib@sofasurfer.ch

15. Delete keys from /tmp directory

rm -rf /tmp/id*

Done Not sure if this is the perfect way to do so, but it worked for me :)