User creation is one of the most common task in traditional Linux system administration. It is so popular that there are even two command line utilities: adduser
(Debian and its derivates) and useradd
(all). And since it’s so popular many different administrators have many different solutions for the same problem.
Here I present mine. Note that I prefer sudo
over working as root
, but the steps work with root as well. Just omit the sudos.
- Create a personalised user group.
$ sudo groupadd newuser
- Create the user with a home directory, a good default shell, its user group and further desired groups assigned.
$ sudo useradd -m -s /bin/bash -g newuser -G sudo,orga newuser
- Set the user’s initial password.
$ sudo passwd newuser
Step summary for your automation needs
sudo groupadd newuser
sudo useradd -m -s /bin/bash -g newuser -G sudo,orga newuser
sudo passwd newuser
Prepare SSH access for our new Linux user
If required, we can now enable the user to connect to our machine via SSH. We assume that the SSH demon is up and running and the user’s public key is available on our machine.
- Change into the user’s home directory.
$ sudo cd /home/newuser/
- Create the
.ssh
directory.$ sudo mkdir .ssh
- Set the directory permissions of
.ssh
to 0700 (read-write-execute only for the user).$ sudo chmod 0700 .ssh/
Note that the execute permission is necessary to access the directory; read does not suffice. This might be a little counterintuitive for new admins. (It surely was for me. 😅) - Change into our meticulously prepared directory.
$ sudo cd .ssh/
cat
the user’s public key into a new file calledauthorized_keys
.sudo cat /path/to/pubkey > authorized_keys
- Set the
authorized_keys
file permissions to 0600.sudo chmod 0600 authorized_keys
- Make sure that everything we created is assigned to the new user.
cd ..
sudo chown -R newuser:newuser .ssh/
Now the user should be able to connect to us with SSH.
Step summary for your automation needs
sudo cd /home/newuser/
sudo mkdir .ssh
sudo chmod 0700 .ssh/
sudo cd .ssh/
sudo cat /path/to/pubkey > authorized_keys
sudo chmod 0600 authorized_keys
cd ..
sudo chown -R newuser:newuser .ssh/
Conclusion
User creation is a staple task when working with Linux servers, and now you have a solid solution at hand that will lighten up your daily workload. So long. I hope this little sheet was useful to you. Usually I write about Rust, test automation and business topics. If you want to read more from me, this post combines the former two. In my day job, I also do lots of test automation, but here my focus is Java. Hence, if you are rather interested in that, I’m talking about fuzzing with Java in this post.
Or if you miss a detail, or you want to get your hands a little dirtier than just cheat sheet level, Linuxize has an in-depth post about the nitty gritty parts of user administration. It really helped me out a lot in the past.
Have a nice day!