Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to add users to linux". The content in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn how to add users to linux.

To add a user to the system:

Use the useradd command to create a locked user account:

Useradd

Use the passwd command to unlock an account by assigning passwords and password aging rules:

Passwd

The command line options for useradd are listed in Table 25-1.

Option description-comments for c comment users. -d home-dir is used to replace the default / home/ username home directory. -edate the date on which the account is disabled. The format is: the number of days before the account is disabled after the YYYY-MM-DD-f days password expires. If 0 is specified, the account will be disabled immediately after the password expires. If-1 is specified, the account will not be disabled after the password expires. -g the group name or number of the default group for group-name users (this group must exist before it is specified). -A list of additional group names or group numbers (other than the default) of which the Ggroup-list user is a member, separated by a comma (the group must exist before it is specified). -m create a home directory if it does not exist. -M do not create a home directory. -n do not create private user groups for users. -r create a system account with a UID less than 500 without a home directory. -p password uses a password encrypted by crypt. -s user's login shell, default is / bin/bash. -u uid user's UID, which must be unique and greater than 499.

Table 25-1. Useradd command line options

Add a group

To add a group to the system, use the groupadd command:

Groupadd

The command line selections for groupadd are listed in Table 25-2.

Option description-g gid group GID, which must be unique and greater than 499. -r create a system group less than 500. -f if the group already exists, exit and display an error (the group will not be changed). If the-g and-f options are specified and the group already exists, the-g option is ignored.

Table 25-2. Groupadd command line options

Password aging

For security reasons, it is wise to require users to change their passwords on a regular basis. This can be done when adding or editing users on the password Information tab of the user Manager.

To configure password expiration for a user from the shell prompt, use the chage command, followed by the options in Table 25-3, and the user name.

Important: to use the chage command, the mask password must be enabled.

Option description-m days specifies the minimum number of days between which the user must change the password. If the value is 0, the password will not expire. -M days specifies the maximum number of days the password is valid. When the number of days specified by this option plus the number of days specified by the-d option is less than the current date, the user must change the password before using the account. -d days specifies the number of days that passwords have been changed since January 1, 1970. -I days specifies the number of days of inactivity before the account is locked after the password expires. If the value is 0, the account will not be locked after the password expires. -E date specifies the date on which the account is locked. The date format is YYYY-MM-DD. If you do not use a date, you can also use the number of days that have elapsed since January 1, 1970. -W days specifies the number of days to warn the user before the password expires.

Table 25-3. Change command line options

Tip: if the chage command is followed by a user name (no other options), it will display the aging values of the current password and run them to be changed.

If the system administrator wants the user to set the password when he logs in for the first time, the user's password can be set to expire immediately, forcing the user to change it immediately after the first login.

To force a user to configure a password when logging in to the console for the first time, follow these steps. Note that this process will not work if the user logs in using the SSH protocol.

Lock the user's password-if the user does not exist, use the useradd command to create the user account, but do not give it any password, so it is still locked.

If the password is already enabled, use the following command to lock it:

Usermod-L username

Force the password to expire immediately-type the following command:

Chage-d 0 username

This command sets the date on which the password was last changed to epoch (January 1, 1970). This value forces the password to expire immediately, regardless of whether the password expiration policy exists or not

Unlock your account-there are two common ways to do this. The administrator can assign an initial password or an empty password.

Warning: do not use passwd to set the password, as it will disable the password that you just configured expires immediately.

To assign an initial password, follow these steps:

Use the python command to start the command line python interpreter. It is shown as follows:

Python 2.2.2 (# 1, Dec 10 2002, 09:57:09)

[GCC 3.2.1 20021207 (Red Hat Linux 8.03.2.1-2)] on linux2

Type "help", "copyright", "credits" or "license" for more information. > > >

At the prompt, type the following command (replace password with the password to be encrypted and salt with exactly two uppercase or lowercase letters, numbers, dot characters, or slash characters, such as + ab or + 12):

Import crypt; print crypt.crypt ("password", "salt")

The encrypted password output is similar to 12CsGd8FRcMSM.

Type [Ctrl]-[D] to exit the Python interpreter.

Cut and paste the output of the encrypted password into the following command (no leading and trailing space):

Usermod-p "encrypted-password" username

Instead of assigning an initial password, you can also use the following command to assign an empty password:

Usermod-p "" username

Beware: using an empty password is convenient for both users and administrators, but it carries a slight danger-third parties can log in and enter the system first. To reduce this threat, it is recommended that the administrator verify that the user is ready to log in when unlocking the account.

In either case, the user will be prompted for a new password after logging in for the first time.

An interpretation of the process

The following steps demonstrate what happens after using the useradd juan command on a system with a mask password enabled:

A new line about juan has been added to the / etc/passwd file. The characteristics of this line are as follows:

It starts with the user name juan.

There is an "x" in the password field, indicating that the system uses a shielded password.

500 or more UID has been created. (in Red Hat Linux, less than 500 UID and GID are reserved for system use. )

500 or more GID has been created.

The optional GECOS information is left blank.

The home directory of juan is set to / home/juan/.

The default shell is set to / bin/bash.

A new line about juan has been added to the / etc/shadow file. The characteristics of this line are as follows:

It starts with the user name juan.

The two exclamation marks (!!) that appear in the password field in the / etc/shadow file lock the account.

Note: if an encrypted password is passed with the-p flag, the password will be placed on the line in the / etc/shadow file for that user.

The password is set to never expire.

A new line of information about the juan group has been added to the / etc/group file. A group with the same user name is called a user private group (user private group). For more information about user private groups, please refer to Section 25.1.

The new line in the / etc/group file has the following features:

It starts with the group name juan.

There is an "x" in the password field, indicating that the system uses a shielded password.

GID is the same as in the user juan line in the enumeration / etc/passwd file.

A new line about juan groups has been added to the / etc/gshadow file. The characteristics of this line are as follows:

It starts with the group name juan.

An exclamation point (!) that appears in the password field in the / etc/gshadow file locks the group.

All other fields are blank.

The directory for the user juan is created under the / home/ directory. This directory is owned by user juan and group juan. Its read, write and execute permissions are only owned by the user juan. All other permissions are denied.

Files in the / etc/skel/ directory (which contains the default user settings) are copied to the newly created / home/juan/ directory.

At this point, there is a locked account called juan on the system. To activate it, the administrator must use the passwd command to assign a password to the account, or you can set the password aging rule.

What is the command for linux to delete a user?

Reward points: 0-solution time: 2007-1-11 17:28

The original intention is to establish a password set by the user. Later, after entering useradd pt, there should be a password prompt for me to enter, the system does not prompt, no password can not log in! You can only use rootballs! Senior, do me a favor! Delete the original redundant users! Building!

Questioner: lshy188-probationary level 1

Best answer

LINUX commands to create a user

Useradd-g test-d / home/test1-s / etc/bash-m test1

Note:-g belongs to the group-d home directory-s SHELL used

Delete user command

Userdel-r test1

Create password command

Passwd

With this delete command, an error will occur if the user is logging in somewhere else at this time

Such as userdel: user kylinyang is currently logged in

Thank you for your reading, the above is the content of "how to add users to linux", after the study of this article, I believe you have a deeper understanding of how to add users to linux, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.