How to Create a New User in Linux Ubuntu Server: Step-by-Step Guide

Introduction

Creating a new user in Linux, especially on an Ubuntu Server, is a fundamental administrative task that’s essential for managing system access, maintaining security, and organizing permissions. This guide will walk through each step of creating a new user in Ubuntu Server, from understanding the necessary commands to best practices for user security.

Table of Contents

1. Prerequisites
2. Creating a New User
- Step-by-Step Guide
3. Setting User Permissions
4. Adding the User to Groups
5. Managing User Password Policies
6. Testing the New User
7. Best Practices for User Management
8. Conclusion

1. Prerequisites

To create a new user in Ubuntu Server, you’ll need:

Access to the Ubuntu Server: This can be either physical access, SSH access, or access through a console.
Administrative Privileges: You must have root access or be part of the sudo group.
Basic Knowledge of Linux Commands: Understanding basic Linux commands will make it easier to follow along.

2. Creating a New User

In Ubuntu Server, creating a user is straightforward and can be done with the adduser command, which not only creates the user but also initializes a home directory and sets up the basic environment for the new user.

Step-by-Step Guide

Log in to the server as a user with sudo privileges.
Use the adduser Command: Run the following command to create a new user:
```
sudo adduser username
```
Replace username with the desired username.

Enter Password and Details: You will be prompted to set a password and fill out some optional information, such as Full Name, Room Number, and others. These fields can be left blank if desired.

Example Output:

Adding user `username' ...
Adding new group `username' (1001) ...
Adding new user `username' (1001) with group `username' ...
Creating home directory `/home/username' ...
Copying files from `/etc/skel' ...

Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
Changing the user information for username
Enter the new value, or press ENTER for the default
        Full Name []: 
        Room Number []: 
        Work Phone []: 
        Home Phone []: 
        Other []: 
Is the information correct? [Y/n]

Verify the User Creation: You can verify that the user was created by listing the contents of the /home directory.
```
ls /home
```
The newly created user’s home directory should be listed.

3. Setting User Permissions

By default, the new user won’t have administrative privileges. If you want the user to perform administrative tasks, add them to the sudo group.

Add the User to the Sudo Group:
```
sudo usermod -aG sudo username
```
This command uses usermod to append (-a) the user to the specified group (-G).
Verify the Group Addition:
```
groups username
```
You should see sudo listed as one of the groups.

4. Adding the User to Groups

In Linux, groups help control access to files and services. For example, you might want to add the user to groups like www-data (for web development) or docker (to manage Docker containers).

View Existing Groups: List all available groups on the system.
```
cat /etc/group
```
Add User to Additional Groups: Use the usermod command to add the user to any group:
```
sudo usermod -aG groupname username
```
Replace groupname with the target group.
Confirm Group Membership:
```
groups username
```

5. Managing User Password Policies

Ubuntu allows setting password policies to ensure stronger security for user accounts.

Set Password Expiration: You can specify how many days a password remains valid before it requires changing.
```
sudo chage -M 90 username
```
This command sets the password to expire after 90 days. Users will be prompted to change their password upon expiration.
Require a Password Reset on First Login:
```
sudo chage -d 0 username
```
Setting the last password change to 0 forces a password reset on the next login.
Check Password Expiration Settings:
```
sudo chage -l username
```
This will show the password aging information for the specified user.

6. Testing the New User

After configuring the new user and permissions, it’s best to test the account to verify everything works as expected.

Switch to the New User:
```
su - username
```
This command switches to the new user account.
Test Sudo Access (if applicable):
```
sudo ls /root
```
If the user has been added to the sudo group, this command should work. Otherwise, you’ll see a permissions error.
Test Group Membership: Access files or services specific to the groups you added to confirm proper permissions.

7. Best Practices for User Management

To maintain a secure and organized server, follow these best practices:

Use Unique, Strong Passwords: Make sure each user has a unique and strong password.
Limit sudo Access: Only provide sudo access to users who need it.
Enforce Password Policies: Use chage to enforce password expiration policies and keep passwords secure.
Review User Access Regularly: Periodically check user permissions and remove users who no longer need access.
Restrict SSH Access: If this is a publicly accessible server, consider restricting SSH access by editing /etc/ssh/sshd_config to limit which users can log in via SSH.

8. Conclusion

Creating and managing user accounts on Ubuntu Server is an essential skill for any server administrator. By following this guide, you should be able to add new users, assign appropriate permissions, and maintain a secure system. Proper user management helps keep your server organized and reduces potential security risks.

Regularly review user accounts and permissions to maintain security and efficiency on your Linux server.