If you manage a Linux server long enough, you’ll eventually do this: log in as root, run something risky, and then think, “I should have used a normal user with sudo.”
That’s the common mistake: using root for everything instead of creating proper users and groups.
This guide is for you if you:
– Maintain a VPS or home server
– Need to add users, give sudo access, or remove users
– Prefer doing it quickly from the terminal without extra tools
We’ll keep it simple and stick to a small set of commands so you don’t have to remember ten different syntaxes.
What You’ll Use: Core Commands for User Management
We’re going to use only these commands:
adduser– add a new userpasswd– change a user’s passwordusermod– add a user to a groupgroups– check which groups a user belongs todeluser– delete a user
All examples assume you have sudo access (e.g. on Ubuntu) and will be run in the terminal.
You don’t need to memorize everything; you can copy–paste and adjust usernames as needed.
1. Safest Starting Point: Add a New User
The first step on a fresh server (or shared box) is usually adding a separate user instead of living as root.
Basic syntax:
sudo adduser username_baru
Example:
sudo adduser linus
What happens when you run it:
– Linux creates a new group with the same name as the user
– It creates /home/linus
– It copies default files from /etc/skel into that home
– It asks you for a password, then some optional user info
You’ll see something similar to:
Adding user `linus' ...
Adding new group `linus' (1002) ...
Adding new user `linus' (1002) with group `linus' ...
Creating home directory `/home/linus' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for linus
That’s it. New user created, home directory set.
Common mistake to avoid:
Don’t skip creating a normal user and do everything as root. One wrong command as root can destroy the system much faster.
2. Change or Fix a User Password
Sometimes a user forgets their password, or you just want to rotate it.
The command is straightforward:
sudo passwd username
Example:
sudo passwd linus
The system will ask:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Why this matters:
– If a user’s password is weak or exposed, you can fix it quickly
– If you just created the user and mistyped the password, you don’t need to delete and recreate them
Safety tip:
Use strong passwords and share them securely. Don’t paste passwords in chat apps that store history forever.
3. Give a User Sudo Access via Group
On Ubuntu and similar systems, a normal user cannot run sudo by default.
You must add the user to the right group. The source example uses sudo group.
Command syntax:
sudo usermod -a -G namagroup username
To add linus to the sudo group:
sudo usermod -a -G sudo linus
Explanation:
– usermod – modify an existing user
– -a – append the group (don’t remove existing ones)
– -G – specify the group name
The note from the source is clear: this command is used to put user linus into group sudo so that linus can become root or run sudo commands on Ubuntu.
Very important mistake to avoid:
Don’t forget the -a (append). Without it, you risk replacing all existing groups for that user when you set new groups.
After running the command, log out and log back in as that user so group membership updates in the session.
4. Check Which Groups a User Belongs To
Before you start editing groups blindly, it’s smart to check what’s already there.
Fastest way:
groups username
Example:
groups linus
This will print something like:
linus : linus sudo
That tells you the user linus is in groups linus and sudo.
The source also mentions another option: you can check the group file directly. This is typically /etc/group on Linux.
For a quick look you can do:
cat /etc/group
But for targeted checking, use groups username first. It’s clearer and less noisy.
Why this matters:
– You confirm the user really got added to sudo or any other group
– You avoid guessing when debugging permission problems
5. Remove a User Safely
At some point you’ll need to remove a user – maybe an ex-employee, a test account, or a temporary user.
The basic command from the source is:
sudo deluser username
Example:
sudo deluser linus
This removes the user account. Depending on your system’s deluser configuration, it may not automatically delete the user’s home directory.
Safety tips before deleting a user:
– Check if there are important files in their home directory
– Back up anything you might need later (e.g. project files, configs)
You can quickly inspect their home directory with:
ls -la /home/linus
If you’re not 100% sure, back it up to a safe location before running deluser.
Remember: once you remove a user and clean up their home, recovering their files is not fun.
6. Quick Workflow Recap (From Fresh User to Removal)
Here’s a simple step-by-step flow you can reuse on any Ubuntu-style system.
1. Create a new user
sudo adduser linus
Follow the prompts, set a strong password.
2. (Optional) Change their password later
sudo passwd linus
Use this if the password is lost, weak, or leaked.
3. Add the user to the sudo group
sudo usermod -a -G sudo linus
This lets linus run commands with sudo instead of logging in as root.
4. Confirm group membership
groups linus
Look for sudo among the listed groups.
5. When you no longer need the user, remove them
First, check their files:
ls -la /home/linus
Back up what you need, then:
sudo deluser linus
That’s the full lifecycle using only a few commands.
Final Notes and Next Step
You don’t need a huge toolbox to manage Linux users. With adduser, passwd, usermod, groups, and deluser, you can handle most day-to-day user management from the terminal.
The big things to remember:
– Avoid working as root for normal tasks
– Use adduser to create users with proper home directories
– Use usermod -a -G sudo username to grant sudo access (don’t forget -a)
– Use groups username to confirm group membership
– Back up user data before deleting accounts
If this worked for you, keep CrushEdge handy for the next fix.
No Comments