Learn Linux CCNA CEH IPv6 Cyber-Security Online

In this tutorial we will learn about user and group management in linux.We will learn how to add and delete user and groups in linux.We will also learn how add multiple users and groups through simple script or program.Our this article contains linux user database and password related information.We will also see how to display or check password status of any linux user and how to set password expiry date for any linux user.Not only this we will also learn how to set account expiry date and set user to be inactive after certain number of inactive days.

There are many more in this article and to gain all you have to go through this article.

You can also read:

User and Group Management in Linux Part-2

User and Group Management in Linux Part-3

How to Lock and Unlock Users in Linux.

How to add user in Linux.

here I am going to add user tiwary using useradd command.

[root@localhost ~]# useradd tiwary

How to assign password to a linux user.

here i am going to assign passwword to user tiwary.Using this method you can also change
the password of any user in linux.

[root@localhost ~]#passwd tiwary

 

how to delete the password of any user:

here I am going to delete the password of user tiwary.Now what does it mean? It means now
user tiwary can login without password now.Now tiwary user have no password or you can
say blank password.

[root@localhost ~]#passwd -d tiwary

How to delete any user in linux:

here i am going to delete user tiwary using below userdel command.

[root@localhost ~]#userdel -r tiwary

how to see the users database:

To see the list of users and it’s related information like user name,user id,group id, user extra
information,user home directory and shell used by users you can use below command.

[root@localhost ~]#cat /etc/passwd
 jitu:x:500:500::/home/jitu:/bin/bash
 satish:x:501:501::/home/satish:/bin/bash
 u1:x:502:502::/home/u1:/bin/bash
 u2:x:503:503::/home/u2:/bin/bash
 u3:x:504:504::/home/u3:/bin/bash
 ldap:x:55:55:LDAP User:/var/lib/ldap:/bin/false
 ais:x:39:39:openais Standards Based Cluster Framework:/:/sbin/nologin
 mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
 raj:x:505:507::/home/raj:/bin/bash
 tiwary:x:506:508::/home/tiwary:/bin/bash
 [root@localhost ~]#

How to find user id of an user:

[root@localhost ~]# grep tiwary /etc/passwd
 tiwary:x:506:508::/home/tiwary:/bin/bash

How to find list of users in your linux machine:

[root@localhost ~]# cut -d: -f1 /etc/passwd
 root
 bin
shutdown
 halt
ftp
 nobody
 avahi
 sshd
 ldap
 ais
 mysql
 raj
 tiwary

Know little more detail about useradd command using below command:

[root@localhost ~]# whereis useradd
 useradd: /usr/sbin/useradd /usr/share/man/man8/useradd.8.gz

 

[root@localhost ~]# whatis useradd
 useradd (8) - create a new user or update default new user information
 [root@localhost ~]#

 

how to add a group in linux.

using below command i am going to add a group name linuxtiwary in my linux machine.

 [root@localhost ~]# groupadd linuxtiwary

 

How to check Group is created or not.

If you want to check whether group you want to create is already created or not or to see the
group related detailed informations you can use below command.

[root@localhost ~]# cat /etc/group

 

How to add user in group:

using below linux command i am going to add tiwary user to linuxtiwary group.Using same
command you can add as much user you want to any group you want.

[root@localhost ~]# usermod -G linuxtiwary tiwary

If you want to check whether user tiwary is added to group linuxtiwary or not type the below command.
[root@localhost ~]# cat /etc/group

How to remove a user from group.

here i am going to remove user tiwary from group linuxtiwary.

 [root@localhost ~]# gpasswd -d tiwary linuxtiwary

How to create multiple users in linux system.

Suppose we want to create user a b c d e f in your RedHat Enterprise Linux you can do that very easily using below command.

[root@localhost ~]# for USER in a b c d e f
 > do
 > useradd $USER
 > echo password |passwd --stdin $USER
 > done

 

Output:

Changing password for user a.
passwd: all authentication tokens updated successfully.
Changing password for user b.
passwd: all authentication tokens updated successfully.
Changing password for user c.
passwd: all authentication tokens updated successfully.
Changing password for user d.
passwd: all authentication tokens updated successfully.
Changing password for user e.
passwd: all authentication tokens updated successfully.
Changing password for user f.
passwd: all authentication tokens updated successfully.
You have new mail in /var/spool/mail/root
[root@localhost ~]#

explanation: echo password tells us that all above users password will be “password“.

How to create multiple users at a time and all of them has blank password.

 

suppose i am going to create 10 users named U1 U2 U3 U4 U5 U6 U7 U8 U9 and U10
respectively and i also want to login to these 10 uers without any password.So i want no
passwords for these users.Now see how you can do this.

 [root@localhost ~]# for user in U1 U2 U3 U4 U5 U6 U7 U8 U9 U10
 > do
 > useradd $user
 > passwd -d $user
 > done

 

Output:
Removing password for user U1.
passwd: Success
Removing password for user U2.
passwd: Success
Removing password for user U3.
passwd: Success
Removing password for user U4.
passwd: Success
Removing password for user U5.
passwd: Success
Removing password for user U6.
passwd: Success
Removing password for user U7.
passwd: Success
Removing password for user U8.
passwd: Success
Removing password for user U9.
passwd: Success
Removing password for user U10.
passwd: Success
[root@localhost ~]#

 

How to verify number of user accounts having empty passwords or no passwords:

[root@localhost ~]# awk -F: '($2 =="") {print}' /etc/shadow
 satish::17084:0:99999:7:::
 u1::17084:0:99999:7:::
 u2::17084:0:99999:7:::
 u3::17084:0:99999:7:::
 raj::17108:0:99999:7:::
 U1::17172:0:99999:7:::
 U2::17172:0:99999:7:::
 U3::17172:0:99999:7:::
 U4::17172:0:99999:7:::
 U5::17172:0:99999:7:::
 U6::17172:0:99999:7:::
 U7::17172:0:99999:7:::
 U8::17172:0:99999:7:::
 U9::17172:0:99999:7:::
 U10::17172:0:99999:7:::
 You have new mail in /var/spool/mail/root
 [root@localhost ~]#

 

How to Lock all empty password user account.

here i am going to lock user satish because i found user satish have empty password.

 [root@localhost ~]# passwd -l satish
 Locking password for user satish.
 passwd: Success
 [root@localhost ~]#

how to make sure that no other user except root account have UID set to “0”.

Note if any user having UID “0” it means that user got the permission of root,because only
root user have UID “0”.

[root@localhost ~]# awk -F: '($3 == "0") {print}' /etc/passwd
 root:x:0:0:root:/root:/bin/bash

How to list the password and its related details for an user in Linux?

Now here i am going to see the details of user satish using chage command.

 

[root@localhost ~]# chage --list satish
 Last password change : Oct 10, 2016
 Password expires : never
 Password inactive : never
 Account expires : never
 Minimum number of days between password change : 0
 Maximum number of days between password change : 99999
 Number of days of warning before password expires : 7
 [root@localhost ~]#

How to set password Expiry date for any user.

here i am going to set password Expiry date for user satish
Lets set 10 days and after that user satish password will expire.

[root@localhost ~]# chage -M 10 satish

Now you can check password expiry date for user satish using chage command.

[root@localhost ~]# chage --list satish
 Last password change : Oct 10, 2016
 Password expires : Oct 20, 2016
 Password inactive : never
 Account expires : never
 Minimum number of days between password change : 0
 Maximum number of days between password change : 10
 Number of days of warning before password expires : 7
 [root@localhost ~]#

 

How to set an Expiry Date for a Linux User.

Let us suppose i want user satish to be expired after 31st january 2017.
so now what will be the command to do that. see below.

 

[root@localhost ~]# chage -E "2017-01-31" satish

Now you can check the account expire date of user satish using below command.

[root@localhost ~]# chage --list satish
 Last password change : Oct 10, 2016
 Password expires : Oct 20, 2016
 Password inactive : never
 Account expires : Jan 31, 2017
 Minimum number of days between password change : 0
 Maximum number of days between password change : 10
 Number of days of warning before password expires : 7
 [root@localhost ~]#

How to force the user accounts to be locked after certain number of inactive days.

Suppose you want user satish to be automaticaly locked if he remain inactive for 50 days.
You can do all this by a very simple command.

[root@localhost ~]# chage -I 50 satish

How to see the password status of any linux user.

Using below command you can verify password status of any linux user.You can find whether user account is locked, or account has no password.

[root@localhost ~]# passwd -S satish
 satish LK 2016-10-09 0 10 7 50 (Password locked.)
 [root@localhost ~]#