How to create user in Linux

Reading Time: 4 minutes

This Tutorial will guide you on How to create a user in Linux. Please follow the below-mentioned steps. Effectively creating and managing user accounts in a Linux environment is a fundamental skill for system administrators. This guide provides step-by-step instructions on user creation, password setting, attribute modification, and strong password policy enforcement. Enhance your Linux security by understanding the intricacies of user management. Remove group from Linux user

Learn the essentials of creating and managing user accounts in Linux, including user addition, password setting, attribute modification, and deletion. Strengthen security with enforced strong password policies and gain insights into user auditing and education.

Prerequisite

• Linux Or Unix System / Server
• ssh access
• Root or sudo access

Steps to Follow

• Open Terminal
  Log in as root or become sudo – Only Privileged users can create an account.
  
• Run below commands
  $ sudo useradd <username>
  Note : useradd is the command and username is the name of the user account
• Set Password
  $ sudo passwd testuser
• Enter a password of your choice
• You need to enter the password twice
  
  

Validate user

Use id command to validate the newly created user
$ id testuser

You can also specify multiple flags while creating user accounts.

Common options are :

• -d  : Create home directory for the user
• -m : Auto-create home directory
• -s : The default login shell of new user

How to create user in Linux

$ sudo useradd -m -d /home/adminuser -s /bin/bash adminuser

Other parameters to use with useradd command

• -b, –base-dir BASE_DIR
• -c, –comment COMMENT
• -d, –home-dir HOME_DIR
  • The new user will be created using HOME_DIR
• -D, –defaults
• -e, –expiredate EXPIRE_DATE
• -f, –inactive INACTIVE
• -g, –gid GROUP
• -G, –groups GROUP1[,GROUP2,…[,GROUPN]]]
• -h, –help
• -k, –skel SKEL_DIR
• -K, –key KEY=VALUE

How to create user in Linux is a basic system admin task and every Linux user should know How to create user in Linux.

Note: You can also watch each step on our Youtube

How can users create and manage user accounts in Linux, and what measures should be taken to enforce strong password policies?

Creating and managing user accounts in Linux involves several steps, including adding new users, modifying user attributes, and enforcing strong password policies. Here’s a guide on how to create and manage user accounts in Linux, along with measures to enforce strong password policies:

Creating and Managing User Accounts:

1. Creating a User:

• Use the useradd command to create a new user account. For example:bashCopy codesudo useradd username
• Use the -m option to create the user’s home directory:bashCopy codesudo useradd -m username

2. Setting Passwords:

• Set a password for the new user using the passwd command:bashCopy codesudo passwd username
• Follow the prompts to enter and confirm the password.

3. Modifying User Attributes:

• Use the usermod command to modify user attributes, such as the user’s home directory, login shell, or group:bashCopy codesudo usermod -d /new/home/directory username bashCopy codesudo usermod -s /bin/bash username
• Ensure that the specified home directory exists before assigning it to a user.

4. Deleting a User:

• To delete a user account, use the userdel command:bashCopy codesudo userdel username
• To remove the user’s home directory and mail spool, use the -r option:bashCopy codesudo userdel -r username

5. Viewing User Information:

• View user information using the id and finger commands:bashCopy codeid username bashCopy codefinger username

6. Switching User (su):

• Use the su command to switch to another user’s environment. For example, to switch to the root user:bashCopy codesu -
• Enter the root password when prompted.

Enforcing Strong Password Policies:

1. Password Complexity Requirements:

• Set password complexity requirements using the pam_pwquality module. Edit the /etc/security/pwquality.conf file to define password complexity rules such as length, complexity, and rotation.

2. Password Expiration:

• Define password expiration policies using the chage command. For example, to set the maximum number of days before a password must be changed:bashCopy codesudo chage -M 90 username
• This example sets the password expiration to 90 days.

3. Account Lockout Policies:

• Implement account lockout policies to lock user accounts after a specified number of failed login attempts. Use the pam_tally2 module for this purpose.bashCopy codesudo pam_tally2 --deny=3 --lock-time=600 username
• This example locks the account after three failed login attempts and unlocks it after 10 minutes.

4. Password History and Reuse:

• Enforce password history and prevent password reuse using the pam_unix module. Edit the /etc/security/opasswd file to maintain a history of used passwords.

5. Audit Password Changes:

• Enable auditing for password changes by configuring the /etc/audit/audit.rules file. This helps track when passwords are modified.

6. Use Strong Passwords:

• Educate users on creating strong passwords. Encourage the use of a mix of uppercase and lowercase letters, numbers, and special characters.

7. Use PAM Modules:

• Configure Pluggable Authentication Modules (PAM) to enforce password policies. Edit the /etc/pam.d/common-password file to include rules for password policies.

bashCopy code

password requisite pam_pwquality.so retry=3

8. Regular Auditing:

• Regularly audit user accounts and passwords to identify and address any security concerns. Tools like auditd and lynis can be helpful.

9. Educate Users:

• Educate users about the importance of password security, the risks of weak passwords, and the need for regular password changes.

10. Automated Tools:

markdownCopy code

- Consider using automated tools like `passwdqc` or `Cracklib` to enforce password policies and check for weak passwords.

Additional Tips:

• Use Two-Factor Authentication (2FA):
  • Implement two-factor authentication to add an extra layer of security, especially for critical accounts.
• Regularly Review User Accounts:
  • Periodically review and audit user accounts to identify and deactivate unused or unnecessary accounts.
• Regularly Update System:
  • Ensure the system is regularly updated with the latest security patches to address vulnerabilities in the underlying software.

By following these steps and best practices, administrators can create and manage user accounts in a secure manner, while also enforcing strong password policies to enhance overall system security. Regular audits and education of users contribute to a proactive approach in maintaining a secure Linux environment.

Question: How can users create and manage user accounts in Linux, and what measures should be taken to enforce strong password policies?

Answer: Creating and managing user accounts involves steps like user addition, password setting, attribute modification, and deletion. For robust security, enforce strong password policies through tools like pam_pwquality, chage, and pam_tally2, and regularly audit user accounts. Educate users on password security and consider implementing two-factor authentication for added protection.

How to modify user accounts

usermod is the main command which can be used to modify user account properties.

useradd command man page

You can also follow the tutorial “How to join Linux with Active Directory“

We hope you have a basic understanding of How to create user in Linux however if you have any queries please do write us.