- Published on
Linux User Management: Essential Commands Guide
- Authors
- Name
- Filip Grilec
Table of Contents
- Introduction
- Essential User Management Commands
- Working with Groups
- File Permissions and Ownership
- SSH Key Management
- Common User Management Scenarios
- Security Best Practices
- Conclusion
1. Introduction
Proper user management is a fundamental aspect of Linux system administration. Whether you're managing a personal server or enterprise systems, knowing the essential commands for creating and managing user accounts is critical for system security and efficiency. This guide focuses on the most frequently used commands that every Linux administrator should know.
This post documents my practical experience working with user management across various Linux distributions.
2. Essential User Management Commands
Creating Users
# Create a new user with home directory (most common)
sudo useradd -m username
# Create a user with specific shell
sudo useradd -m -s /bin/bash username
# Add a user with full name info
sudo useradd -m -c "Full Name" username
Setting and Changing Passwords
# Set a password for a user
sudo passwd username
# Force password change on next login
sudo passwd -e username
Modifying Users
# Add user to supplementary groups (most common)
sudo usermod -a -G group1,group2 username
# Change user's shell
sudo usermod -s /bin/bash username
Deleting Users
# Delete user account and home directory
sudo userdel -r username
Viewing User Information
# View specific user information
id username
# Show groups a user belongs to
groups username
# List all users
cat /etc/passwd | cut -d: -f1
3. Working with Groups
Essential Group Commands
# Create a new group
sudo groupadd groupname
# Add user to group
sudo usermod -a -G groupname username
# Remove user from group
sudo gpasswd -d username groupname
# Show all members of a group
getent group groupname
4. File Permissions and Ownership
Common Permission Commands
# Change file owner
sudo chown username filename
# Change both owner and group
sudo chown username:groupname filename
# Recursive ownership change (directories)
sudo chown -R username:groupname directory
# Add execute permission
chmod +x filename
# Common permission patterns
chmod 755 directory # drwxr-xr-x (directories)
chmod 644 file # -rw-r--r-- (regular files)
chmod 600 key.pem # -rw------- (sensitive files)
5. SSH Key Management
Setting Up SSH Access
# Generate SSH key pair
ssh-keygen -t ed25519 -C "your_email@example.com"
# Configure user SSH access
# 1. Create .ssh directory
sudo mkdir -p /home/username/.ssh
sudo chmod 700 /home/username/.ssh
# 2. Add public key to authorized_keys
echo "ssh-ed25519 AAAAC3NzaC..." | sudo tee -a /home/username/.ssh/authorized_keys
sudo chmod 600 /home/username/.ssh/authorized_keys
sudo chown -R username:username /home/username/.ssh
6. Common User Management Scenarios
Setting Up a New Team Member
# 1. Create user account
sudo useradd -m -s /bin/bash newuser
# 2. Set initial password
sudo passwd newuser
# 3. Add to necessary groups
sudo usermod -a -G developers,docker newuser
# 4. Set up SSH access
sudo mkdir -p /home/newuser/.ssh
sudo chmod 700 /home/newuser/.ssh
# Copy the user's public key to authorized_keys
sudo nano /home/newuser/.ssh/authorized_keys
sudo chmod 600 /home/newuser/.ssh/authorized_keys
sudo chown -R newuser:newuser /home/newuser/.ssh
# 5. Grant access to project directory
sudo chown -R :developers /path/to/project
sudo chmod -R g+rw /path/to/project
Temporary Access for Contractors
# Create contractor user with expiry date
sudo useradd -m -e 2025-07-31 -c "Contractor - Project X" contractor1
sudo passwd contractor1
sudo usermod -a -G projectx contractor1
# Check account expiry
sudo chage -l contractor1
7. Security Best Practices
Account Security Checklist
# Lock an unused account
sudo passwd -l username
# Find accounts with empty password (security risk)
sudo awk -F: '($2 == "") {print $1}' /etc/shadow
# Set password expiration
sudo chage -M 90 username # Password expires after 90 days
# Restrict sudo access to specific commands
sudo visudo
# Add: username ALL=(ALL) /usr/bin/apt, /bin/systemctl restart apache2
8. Conclusion
Mastering these essential Linux user management commands will streamline your system administration tasks and help maintain secure systems. While Linux offers many advanced user management features, the commands covered in this guide handle the majority of day-to-day user administration tasks.
Remember that effective user management is an ongoing process that requires regular attention to security practices and access control. By applying these commands and principles, you can create a well-organized and secure Linux environment for your team and organization.