Creating a new user and modifying its privileges in Linux

In this post, you will learn:

If you use Linux with a graphical desktop environment like Ubuntu, for example, you can add or remove new users through its Settings. But this is simplified and I have to say a limited way to do that. The right way is to use the command line. And it is the only way if you work with a server Linux system. Below, you will learn all you need to know about how to create, delete, and modify users in the Linux command line.

Simple way to create a new user in Linux.

Many Linux systems have a user-friendly command to add a new user. The command is adduser. You type this command and the username of a new user.

sudo adduser username

The command will prompt you to create a user password, full name, and some additional information which can be skipped if you want.

adduser command

And that’s it. The new user is created. This command also creates a home directory for new user (/home/username)

However, if you also need to grant this user the administrative privileges, you need to add it to the sudo group:

sudo adduser username sudo

Now, this new user will be able to execute the administrative commands with sudo.

This was the simplest way to create a new user in Linux. The adduser command is available in many Linux ditros, but in fact, it is a more user-friendly type of the command useradd, which is more advanced. Below, I would like to show you how to use this more advanced command too.

Universal way to create a new user in Linux.

If adduser is not available in your distro or you want to have little more control over the new user. You need to use the command useradd. I know the names are similar and easy to mix. But try to remember that useradd is a more important command. Basically, adduser just points to useradd.

To create a new user with the default options, run:

sudo useradd username

To check what default options were used to create a user, run:

sudo useradd -D

These are the default rules on my Debian VPS (they may differ for your system. ):

Default options of the command useradd

You can change these options and use some more. To see all available options of the useradd command, check its help:

Based on these options, a more complete command would be:

sudo useradd -g users -G sudo -s /bin/bash -m -c "Full name"  username

Finally, you need to set a password for this user with passwd.

sudo passwd username

an example of the useradd command

New user’s system privileges

As you have seen I added a new user to the sudo group and granted it administrative privileges. This is what I did on my server and this what you would want to do if you are an admin of the system. But if you create a user on your Linux system for someone else, you probably do not want them to have administrative privileges. So, do not add them to the sudo group.

Setting password and account expiration

If you are a system administrator and you have many uses in your system, besides not including them in the sudo group, you may also want to enhance the security of your system by the expiration time on the passwords and accounts of these new users.

You can do this with the command chage. Note, it is without n. The command is short of change age.

You can see all the available options of this command:

To check if there are any limitations set on a user, run:

sudo chage -l username

check account and password expiration

Usually, there are no expiration dates by default. But you can set some limits with the command chage:

sudo chage -M 90 -W 30 -E 2020-06-07 username

The above command will set a password expiration date to 90 days and warning about the need to update the password to 30 days before the expiration. And the account will expire on June 6, 2020.

You can see that if you check the status of the user:

set account and password expiration in Linux

You can also do some manipulation with users using the command usermod. But I have to skip it because this post will be too long.

How to delete a user

Finally, to delete a user, run this command:

sudo userdel -r username

If you also want to remove the home directory of this user, add option -r. But be careful, because it will remove all the data of this user:

sudo userdel -r username

Summary

  • To create a new user in Linux, you can use the user-friendly command adduser or the universal command useradd. The latter is available in all Linux distros.
  • New users do not have administrative privileges by default, to grant them such privileges, add them to the sudo group.
  • To set time limits on password and account of a user, use the command chage.
  • To delete a user, use the command userdel
Average Linux User
Average Linux User I am the founder of the Average Linux User project, which is a hobby I work on at night. During the day I am a scientist who uses computers to analyze genetic data.

Comments



Svengali

Question I have is, how do I create an ID if the system says I do not have right to create? I am a sysadmin and in the right group but tells me I cannot use /usr/sbin/useradd.


juergen

How can I create an account for somebody else without sending passwords around the net?

I thought of creating an account with locked password and putting the public ssh key into the authorized_keys. In that case the user can login, but never change his password, as the change requires the current, non-existent password.

If the /etc/shadow field for password creation time is set to 0, the user is forced to set his password on first login but still asked for the current, non-existent one.

best Juergen


Ian Hector

Hey! Thank you for sharing the valuable information. I found this article very useful. Good work! I have read another article on TOP 8 LINUX CLOUD SERVERS. Please do check it out; it will be helpful.



Learn how to write in Markdown with this Quick Reference.
Notify me of new comments on this post.
* E-mail is used to display Gravatar.