User & Group Management ==================================================================================== Adding Users ==================================================================================== Adding Users To add a user, the useradd command can be used. useradd username If you want to create a user with it's own home directory, this can be done using the -m flag: useradd -m username The default contents of a users home directory are defined within the /etc/skel directory, please see HERE for more info on this. ------------------------------------------------------------------------------------------------------------------------------------------------ Adding a system user useradd -r username Once created, you'll want to restrict the account by disabling the ability for login, as mentioned here ------------------------------------------------------------------------------------------------------------------------------------------------ Default options There are lots of different options that can be set when creating users and groups, the default options can be viewed using the below command: useradd -D ------------------------------------------------------------------------------------------------------------------------------------------------ Additional options: -e -expires -e 2023/12/31 -c - comment -c "full name" -s -shell -s /bin/sh ------------------------------------------------------------------------------------------------------------------------------------------------ Groups When creating a user, you can also specify groups to add the user to, this is done using the -G flag: useradd -G groupname username ------------------------------------------------------------------------------------------------------------------------------------------------ Comments When creating a user, you can also opt to add a comment using the -c flag, for example this could be a name: useradd -c "comment" username ==================================================================================== Passwords ==================================================================================== Set Password Once a user has been created, you can add a password using the passwd command: passwd username Once run, you'll be prompted to enter a new password ------------------------------------------------------------------------------------------------------------------------------------------------ Changing password Changing a users password can be done using the passwd command when signed in as that user. You can either SSH to the server directly using the required user, or access as root and use su- username to access the user. Once accessed, the passwd command can be run alone to change the password: passwd You can also change a users password using root: passwd username ------------------------------------------------------------------------------------------------------------------------------------------------ Additional Options: chage  Checking user password metrics (password expiration, last time password changed) chage -l username Forcing password change at logon chage -d 0 username Temporary Password When setting a password, you're able to set a temporary placeholder password that can be used to log in by the user, upon logging in the user will be prompted to change to a password of their choice. This can be achieved by using the -e flag after setting a password passwd username #set as temp password passwd -e #sets password as expired ==================================================================================== Deleting Users ==================================================================================== Deleting Users Users can be deleted using the userdel command: userdel username The above command only removes the user from the system, without removing their home directory. Remove user and home directory userdel -r username ==================================================================================== Modifying Users ==================================================================================== Post Creation, users can be modified using the usermod command. Add User To Group usermod -a -G groupname username ------------------------------------------------------------------------------------------------------------------------------------------------ Lock/Unlock Users Lock User Login usermod -L username Unlock User Login usermod -U username ------------------------------------------------------------------------------------------------------------------------------------------------ Disable login access usermod -s /sbin/nologin username or we can use the change shell (chsh) command: chsh -s /bin/nologin username ------------------------------------------------------------------------------------------------------------------------------------------------ Change User Home Directory usermod -d /pathtonewhome username chown username:usergroup /pathtonewhome ==================================================================================== Groups ==================================================================================== Viewing Groups groups username ------------------------------------------------------------------------------------------------------------------------------------------------ Creating Groups New groups can be created using the groupadd command: groupadd groupname ------------------------------------------------------------------------------------------------------------------------------------------------ Managing group users Users can be added/removed from a group with 2 main methods,  They can be added when initially created, as mentioned above  They can be added after creation using the usermod command, as mentioned above They can be added using the gpasswd command. Add a user to a group gpasswd -a username groupname Removing a user from a group gpasswd -d username groupname Add user to a group as an admin gpasswd -A username groupname ------------------------------------------------------------------------------------------------------------------------------------------------ Deleting groups Groups can be removed using the groupdel command, note that this doesn't delete the users that are part of this group. groupdel groupname ------------------------------------------------------------------------------------------------------------------------------------------------ Modifying Groups There are various group properties that can be modified using the groupmod command. ------------------------------------------------------------------------------------------------------------------------------------------------ Change Group Name groupmod -n newname oldname ------------------------------------------------------------------------------------------------------------------------------------------------ Change Group ID groupmod -g NEWID groupname