Subdomain using the SAME user on the server is how I would do it. That way file copy/move/rename can be used from the shell to migrate. Also makes it easy to make a copy of the files on the production domain.
For dev sub domains I often restrict access to my IP using .htaccess
It should be noted, that while I would use the same user on the server for this case (prod site / dev site) I would always use different users for multiple sites.