Create Users

For data safety and security reasons, it is not recommended to work with a Linux system under root as it may lead to accidental but irreversible file or system damage.

In this guide, we will describe how to create users in Ubuntu/Debian and CentOS and assign them sudo privileges. With sudo, the user will be able to perform operations as root when necessary.

Creating Users with sudo Privileges

To create a user without sudo privileges, simply follow the first three steps.

Step 1. Create a New User

You can do this with the adduser command:

adduser <username>

For example:

adduser hostman

This command will automatically add the new user to a group with the same name and create a home directory.

Step 2. Set the User Password

• In Ubuntu or Debian, you will be prompted to enter the new user's password. You will need to enter it twice.
• In CentOS, run the following command:

passwd <username>

For example:

passwd hostman

Enter the password twice.

Step 3. Enter User Information

• In Ubuntu / Debian, the system will propmt you to enter additional information about the user (name, phone number, etc.). You can enter these data or press Enter to use the default (empty) values. Next, press Y to confirm.
• In CentOS, you need to run a specific command if you wish to enter additional information:

chfn <username>

Enter the necessary data.

At this point, you have successfully created a user without sudo privileges. You can switch to the new user with:

su - <username>

Step 4. Assign sudo Privileges

To assign sudo privileges, you need to add the user to the sudo group.

• Ubuntu / Debian:

usermod -aG sudo <username>

• CentOS:

usermod -aG wheel <username>

Step 5. Check the New User

Switch to the new user:

su - username

Enter the user's password when prompted.

Now, try to execute any command that requires sudo. For example, you can list the /root directory content which a normal user cannot access.

sudo ls -la /root

If the system lists the /root direcory, your new user is all set. 

Step 6. (Optional) Disable root Login

This step is optional but for extra security, you can disable remote access for the root superuser. This ensures that users will always need to connect under their own accounts, allowing you to track actions on the server, see who made specific changes, and so on.

You will need a text editor for this operation. Let's install nano:

sudo apt install nano

1. Open the /etc/ssh/sshd_config file:

sudo nano /etc/ssh/sshd_config

2. Find the line PermitRootLogin and change its current value to:

PermitRootLogin no

3. Exit the editor, saving your changes (use the key combination Ctrl + X, then Y, then Enter).
4. Restart the SSH service with the commands below.

On Ubuntu / Debian:

sudo service ssh restart

On CentOS:

sudo service sshd restart

Commands for Managing Users

Use id to get user information:

id <username>

The output will look similar to this:

uid=1000(<username>) gid=1000(<username>) groups=1000(<username>),27(sudo)

To changer the user password, run:

passwd <username>

To list all existing users:

cat /etc/passwd

To list all users currently logged in the system, use:

w

To delete a user, run:

deluser <username>