Linux User Management Part I

When it comes to user management and permissions, there’s a right way and a wrong way to do things. And doing things the wrong way can really make a mess of things in a hurry!

Let’s say you get a new cloud server. Awesome, right? A new, freshly provisioned VM is at your service, ready to perform any and all of your computing needs. We’ll assume that you’re running the latest Ubuntu, which, at the time of this writing is 22.04.

The first time you log into the new box, you will be running as root. And the first thing you’ll need to do is create a new, non-root user. The idea here is that you don’t want to do ANYTHING with root unless you absolutely need to.

So let’s get this party started! Pick a good username, and a password that would be hard to guess. I suggest using a password manager, such as LastPass or Keeper. You can use those systems to generate a bunch of characters to serve as a password that would be nearly impossible to guess in a dictionary based attack. It also shifts the liability to the company managing your passwords. I know this is a heated debate in the development world. I’m keeping the comments box open.

# adduser jimbo

Simple, right? I like simple. It’s better than complex and complex is better than complicated. #zenOfPython Anyway, it will prompt you to create a password. Password fields are one of my least favorite things about *nix. It won’t show you anything when you’re typing it in. I don’t know how to fix that, but I wish someone would. Linus, get on that one! Anyway, after making dang sure that you have focus in the ssh window, type the password and confirm it.

Linux will then prompt you for more information about the user, but it’s not necessary. You can totally go with the defaults.

The next step is to make the user a sudoer or not. sudo allows admin access to whatever it is you’re doing. If a user does not need admin access, do not allow it to have admin access. I’m a big fan of zero-trust.

# usermod -aG sudo jimbo

The deed is done. Now jimbo can have admin access. Test it out with

# su - jimbo

Next, try to run sudo on a command that the user wouldn’t normally be able to.

$ sudo ls /root

Sources

Why you should use sudo instead of root

Quickstart Guide to adding a user

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *