X
Tech

5 Linux commands for managing users

If you're managing Linux users from the command line, these are the tools you need.
Written by Jack Wallen, Contributing Writer
Ultimate Hacking Keyboard closeup.
Jack Wallen/ZDNET

When I need to work with Linux user accounts, I tend to default to the command line. Sure, there are GUIs for this purpose, but I find the command line to be more efficient and effective at this task. On top of that, I am often managing Linux users on remote servers, so the command line is my best option.

So, what commands are the best to learn for user management? Here are my top five. 

1. adduser

There are two different commands for adding users: useradd and adduser. I find the adduser command is the best way to go -- it doesn't require extra options to create the user's home directory, and it prompts you to create a password for the user (so you don't have to work with yet another command for that purpose).

When you issue adduser, you must use sudo and add the username, like this:

sudo adduser USERNAME

Here, USERNAME is the name of the user to be added. You'll be prompted to type the user's full name and a few other bits of information (some of which can be left blank). Finally, you'll type/verify a password for the user.

2. usermod

This command lets you modify a user account, whether you need to add a user to groups, change a user's login directory, expire an account, or lock a user out. This command is crucial for anyone who has to administer a Linux machine with multiple users. 

To add a user to a group, you would issue: 

sudo usermod -aG GROUP USER

In this example, GROUP is the name of the group and USER is the name of the user to be added to the group. The aG options are for append and group.

Also: Want to save your old computer? Try these 5 Linux distributions

You can lock a user out of their account with:

sudo usermod -L USER

Here, USER is the username to be locked out.

To unlock the user, the command is:

sudo usermod -U USER

3. passwd

When you have to change a user password (or a user needs to change their password), the passwd command is all you need. The command is used like this:

sudo passwd USER

USER is the name of the user whose password needs to be changed. Users can use this command to change their own password, but they must have sudo privileges to do so. You can also use the passwd command to expire a user's password, which forces them to change it. To do that, issue the command:

sudo passwd -e USER

Here, USER is the username whose password needs to be expired.

Also: Thinking about switching to Linux? 10 things you need to know

4. userdel

When someone is no longer working for the company (or no longer in the house), you may need to delete users. You don't want to leave those accounts hanging around, lest someone abuse them. For that, the userdel command is ready to help. If you run the command without any options, it'll disable the account but leave the user's home directory intact. This is handy in case you need access to that user's files.

To delete a user (and retain their home directory), the command is:

sudo userdel USER

Where USER is the user in question.

Also: How to connect Linux and Android - and why you should

To also delete the user's home directory, issue the command:

sudo userdel -r USER

USER is the user to be deleted.

5. lslogins

If you need to view detailed information about a user, like their last login time, the IP address of the machine they logged in from, the groups to which they belong, and more, implement the lslogins command, like this:

lslogins USER

Here, USER is the name of the user. You'll be presented with more information than you probably need about that user.

To learn more about how each command is used, be sure to view the man pages for each (man adduser, man usermod, man passwdman userdel, and man lslogins).

Editorial standards