How to Create a User on Linux

Adding users to a Linux machine is simply a basal management task, and location are respective ways to execute this. Each method of creating users has benefits and drawbacks, and we'll locomotion you done 3 different personification creation techniques.

Why Linux Computers Need Users

A personal computer without a personification doesn't really magnitude to much. Linux supports multiple users. Whether they log successful astatine nan aforesaid clip and stock nan computer's power, aliases motion successful singly erstwhile they person exclusive usage of nan machine, each personification needs a unsocial personification account.

A personification relationship encapsulates that user's activity and provides privacy. It besides allows power and governance to beryllium applied to nan account. Different users tin person different capabilities according to their needs aliases their domiciled aliases usability by changing nan attributes of their personification account, for illustration which groups they beryllium to.

Whether you stock your machine pinch family members aliases administer a multi-user installation for an organization, creating personification accounts is simply a basal administrative skill.

Create New Linux Users With nan useradd Command

The useradd bid is nan lowest-level bid utilized for adding users. Other commands enactment arsenic friendlier front-ends for nan useradd command. This adds immoderate convenience and makes nan process easier, but nan different commands don't do thing that you can't execute pinch useradd and a small thief from nan passwd command.

The useradd bid has a batch of options, nan ones you'll request to make a emblematic caller personification are shown below. Needless to say, you'll person to usage sudo to adhd a user.

sudo useradd -s /bin/bash -m -c "Mary Quinn" -Gsambashare maryq

The bid is composed of:

• sudo: We request administrator privileges to let a caller personification to entree nan computer.
• useradd: The useradd command.
• -s /bin/bash: The ammunition option. This sets nan default ammunition for this caller user.
• -m: The make location directory option. This creates a directory successful nan "/home/" directory, pinch nan aforesaid sanction arsenic nan caller personification relationship name.
• -c "Mary Quinn": The afloat sanction of nan caller user. This is optional.
• -Gsambashare: The further group option. This is optional. The caller personification is added to a group pinch nan aforesaid sanction arsenic their relationship name. The -G action (note, superior "G") adds nan personification to supplementary groups. The groups must already exist. We're besides making nan caller personification a personnel of nan "sambashare" group.
• maryq: The sanction of nan caller personification account. This must beryllium unique. It cannot already beryllium successful usage for different user.

This creates nan caller personification account, creates their location directory, and populates it pinch immoderate default hidden files. We tin look into their location directory for illustration this:

sudo ls -ahl /home/maryq

Our caller personification will not beryllium capable to log in. We haven't created a password for them. It is imaginable to walk nan password to nan useradd bid utilizing its -p (password) option, but this is considered bad practice. Moreover, you must supply nan password successful its encrypted form, truthful it isn't arsenic straightforward arsenic it sounds.

It is easier, and much secure, to usage nan passwd bid to set nan password for nan caller account.

sudo passwd maryq

You're prompted for nan password, past asked to participate it erstwhile much to verify it. This password must beryllium communicated securely to nan caller user. It's advisable that they are prompted to alteration their password erstwhile they log in. This intends they tin take their ain password, and nary 1 other will cognize it.

sudo passwd --expire maryq

We tin spot our caller personification relationship and comparison it to an existing 1 by looking wrong nan "/etc/passwd" file.

grep -E "dave|maryq" /etc/passwd

In order, nan colon ":" separated fields are:

• maryq: The sanction of nan personification account.
• x: An "x" successful this section intends nan personification relationship password is encrypted and held successful nan "/etc/shadow" file.
• 1001: The personification relationship ID.
• 1001: The ID of nan default group for this personification account.
• Mary Quinn: This is the GECOS field. It tin clasp a group of comma "," separated values of other information. All we added was nan afloat sanction of nan user.
• /home/maryq: The way to nan location directory for this account.
• /bin/bash: The way to nan default ammunition for this account.

When our caller personification first logs in, they will usage nan password you created for them.

Because we group their password to nan "expired" condition, they'll beryllium prompted to alteration it. They must re-enter their existing password.

They are past prompted for their caller password.

Once they type their caller password and deed "Enter", they are asked to re-enter nan password to verify it.

Finally, they're logged in. They must usage nan caller password to log successful from now on.

Some housekeeping is performed and nan accustomed "Documents", "Downloads", and different directories are created for them successful their location directory.

The GECOS section tin incorporate up to 5 comma-separated pieces of information. These are seldom used. If immoderate are populated astatine all, it is usually nan first one, which holds nan real-world sanction of nan proprietor of this account.

The fields are:

• The real-world sanction of this user.
• The room number of this user.
• Their activity phone.
• Their location phone.
• Any different information.

If we'd wanted to supply each of this erstwhile we created nan relationship we could person done so, for illustration this:

sudo useradd -s /bin/bash -m -c "Mary Quinn,Operations 1,555-6325,555-5412,Team Leader" -Gsambashare maryq

We tin use grep to spot that this accusation has been stored successful nan "/etc/passwd" file.

grep maryq /etc/passwd

If you don't person this accusation to manus erstwhile you create nan relationship it tin beryllium added aliases changed later utilizing nan chfn command.

This accusation is utilized by commands specified arsenic digit and pinky.

finger maryq

Make New User With nan adduser Command

The adduser bid wraps nan creation of nan account, its location directory, mounting nan password, and capturing nan GECOS section accusation into 1 interactive session.

The adduser bid was already coming connected our Ubuntu and Fedora trial machines but had to beryllium installed connected Manjaro. It's successful nan Arch User Repository, truthful you'll request to usage an AUR helper specified arsenic yay to instal it.

yay adduser

To commencement nan process, usage sudo and supply nan sanction of nan personification relationship you're adding:

sudo adduser maryq

The default group for nan personification relationship is created, and nan personification relationship is added pinch that group arsenic its default. The location directory is created and nan hidden configuration files are copied into it.

You're prompted to supply a password.

When you supply a password and deed "Enter", you're prompted to re-enter nan password to verify it.

You're asked successful move for each of nan pieces of accusation that tin spell into nan GECOS field.

Either supply immoderate accusation and deed "Enter" to move to nan adjacent field, aliases conscionable deed "Enter" to skip a field.

Finally, you're asked if nan accusation you person provided is correct. Press nan "Y" key, and deed "Enter" to complete nan process.

Remember to group nan password for nan caller relationship arsenic "expired" truthful that nan caller personification is required to alteration it erstwhile they first log in.

sudo password --expire maryq

Use GNOME User Settings (the GUI Option) to Create a New User

To make a caller personification successful the GNOME desktop environment, unfastened nan strategy paper by clicking connected nan right-hand separator of nan GNOME panel, adjacent nan power, volume, and web icons.

Click connected nan "Settings" paper entry.

The Settings exertion will open. Click connected nan "Users" introduction successful nan sidebar, past click connected nan "Unlock" fastener successful nan "Users" pane.

You will request to participate your password.

A greenish "Add User" fastener will appear.

Click this button. The "Add user" dialog appears. It contains a shape that captures nan specifications of nan caller user.

Fill successful nan shape pinch nan specifications of nan caller user. If you want them to beryllium capable to use sudo, click nan "Administrator" button.

You tin either group their password now aliases time off it to them to take a password erstwhile they first log in. If you group a password you'll person to retrieve to unfastened a terminal model and usage nan passwd bid to group it to nan "expired" state. That'll unit them to group their ain password nan first clip they log in.

That's a spot of a symptom to person to spell to nan terminal erstwhile you're trying to usage nan GUI to execute nan creation of nan caller user.

If you click nan "Allow personification to group their ain password erstwhile they adjacent login" power fastener nan personification is prompted for a caller password erstwhile they effort to log in. But nan drawback present is that nan first personification who tries to usage nan caller relationship tin group nan password. So anyone who knows nan relationship has been created and who thumps nan genuine caller personification to trying to log successful tin return complete nan account.

Neither of these situations is ideal.

Click nan greenish "Add" fastener erstwhile you've completed nan shape and made your selections.

We selected nan "Allow personification to group their ain password erstwhile they adjacent login" option. When nan personification tries to log successful they're prompted for a caller password. But, dissimilar nan series we saw earlier, they are not prompted for their existent password — they don't person one.

As you'd expect, they person to participate it erstwhile much to verify it.

Which Method of Adding Users Should I Use?

Aren't judge which personification creation method we've outlined is champion for you? Well, nan useradd bid gives granular control, but there's a batch to get correct connected nan bid line.

The adduser bid makes life easier but doesn't let you to participate nan caller personification into further groups.

The GUI method successful GNOME has drawbacks whichever password power fastener you choose.

In astir informal aliases home situations, adduser bid astir apt gives you nan champion equilibrium betwixt capacity and functionality. If you request to adhd nan caller personification to an further group, you tin do that erstwhile they've been created, using nan usermod command.