User Management in Linux

User Management in Linux play a vital role and main important concept to learn in the journey of Linux

---

It generally divided into three category

• Root User → That is the super user or u can say admin.

• System User → That is Created automatically during system/software installation.

• Local User → That is Created for real people who use the system.

  Type

  | | UID Range | Login? | Purpose | | --- | --- | --- | --- | | Root | 0 | Yes | Full admin control | | Human User | 1000+ | Yes | Real users | | System User | < 1000 | No | Run services & daemons |

Before Starting with some command One question that is majorly ask from the students or they have to know that why user do not login with root or don’t use root account Because if two different users have access of root account then it is difficult to know who made changes or create cause as root user is super user that has access to everything. he/she can delete install and can do anything that is the main reason no one use root login if someone needs power to do install , delete then main user can give that access or put that user into super user group that group is to be known as ‘SUDO’ group

Now Lets start with some commands to create user and groups

• Create User

  • There are basically to command to create user

    • 1. Low level command that only create user → sudo useradd <username>

    • 2. High level command that not only create user but also create its folder in home directory and install by default dependencies also → sudo adduser <username>

• Delete User

  • sudo userdel -r <username>

• Create password for user

  • sudo passwd <username>

• to check from which user you have logged in

  • whoami

• to check existing all users list

  • sudo cat /etc/passwd

• to check existing users hash passwords

  • sudo cat /etc/shadow

• to get user whole description

  • id <username>

• to get list of all groups

  • sudo cat /etc/group

• create group

  • sudo groupadd <groupname>

• delete group

  • sudo delgroup <groupname>

• add user in a group

  • sudo usermode -aG <groupname> <username>

• change username

  • sudo usermod -l <newusername> <previoususername>

Now user is created , Group is created and There passwords are also created so we can easily login without any issue but first we have to change a file and allow user login via passwords

1. cd /etc/ssh/sssd_config.d/

2. sudo vim 60_clouding

3. press i then password Authentication yes

4. press esc then write :wq

5. sudo systemctl restart ssh

now enabled user login via password but this approach is not secured so when ever u create any user create ssh key for that user via ssh-gen so that user will always login from that key in this way there is no headache of remembering passwords n all.

Now lets see the process to create ssh key and try to login via that

1. when u create a user then inside that user name folder create a ssh folder and inside that create a file called authorized_keys

2. in your terminal create ssh key vis → ssh-keygen -t rsa -b 4096 -f <location with file name >

3. it will create two keys one is public another is private

4. copy public key and paste in that authorized_keys file

5. then provide private key to the user and u can easily login via ssh key

if u create user from we can say ubuntu that has sudo access then remember the authority of created user has ownership of that folder in which ssh is created so for that u can user this command when created folder and file that is

• sudo -u <username> mkdir -p /home/username/.ssh

• sudo ls -la /home/username/

• sudo chmod 700 /home/username/.ssh

• echo ‘ <paste here public key>‘ | sudo -u <username> tee /home/username/.ssh/authorized_keys

Now u can login into user via ssh private key just go to the location in your terminal where key is present then write command ssh -i ‘<private key file>‘ username‘ @ipaddress

and if login via password then write → ssh usernname@ipaddress

In the last one thing to remember that if u can any user to give access to install delete update any power then just add him to sudo group as this group provide user access to work as an admin