Creating new user accounts on Linux is a fundamental skill for developers and system administrators; even if developers have no infrastructure responsibilities, adding new users is necessary when setting up a new development or testing environment mirroring production.
The short answer
To create a new user on Linux in interactive mode, you can use the adduser command as follows:
$ sudo adduser <username>
Run in WarpThis command will create a new user and group with the same name, set that group as the user’s primary group, and create a home directory for that user located at /home/<username> .
Note that the username length is limited to 32 characters.
Also note that this command requires superuser privileges to run. You can learn more about the sudo command by reading our other articles on how to add a user to sudoers and how to spawn a root shell.
For example, the following command will create a new user and group named maverick , and a home directory for this user located at /home/maverick :
$ sudo adduser maverick
Run in Warp
Creating a user in non-interactive mode
To create a new user in non-interactive mode, which is usually more suitable for scripting purposes, you can use the useradd command as follows:
$ sudo useradd <username>
Run in WarpJust like the adduser command, this command will create a new user and a new group with the same name, and set that group as the user’s primary group.
However, unlike the adduser command, it won’t automatically create a home directory nor set a password for the specified user.
Easily retrieve these commands using Warp’s AI Command Search
If you’re using Warp as your terminal, you can easily retrieve this command using the Warp AI Command Search feature:
Entering create user linux in the AI command search will prompt a list of commands that can then be quickly inserted into your shell by doing CMD+ENTER .
Setting up the password of a newly created user
To set the password of a new user created with the useradd command, you can use the passwd command as follows:
$ sudo passwd <username>
Run in WarpWhich will prompt you to manually enter the password for this user.
Note that while the useradd command allows you to create a new user with a password using the -p flag (short for --password ), it is strongly recommended to avoid using this flag as the password will be visible to anyone who can list processes in the system.
Creating a user with a home directory
By default, the useradd command doesn’t create a home directory for the specified user.
To create a new user with a home directory located at /home/<username> , you can use the -m flag (short for --create-home ) as follows:
$ sudo useradd -m <username>
Run in WarpNote that the home directory will only be created if the CREATE_HOME variable in the /etc/login.defs file is set to true .
Specifying a custom location for the home directory
To create a new user with a home directory at a custom location instead of the default /home/<username> , you can use the -d flag (short for --home ) as follows:
$ sudo useradd -m <username> -d <path>
Run in WarpSetting up a home directory based on a skeleton
When creating a new user, you can specify a skeleton directory whose files will be automatically copied into the user’s home directory using the -k flag (short for --skel ) as follows:
$ sudo useradd -m <username> -k <path>
Run in WarpNote that if this option is not set, the useradd command will use the skeleton directory defined in the SKEL variable in the /etc/default/useradd or /etc/skel file.
Creating a new user with an explicit UID and GID
In Unix-like operating systems, users and groups are identified by numeric values respectively known as UID and GID. By default, the users created using the useradd command are automatically assigned an unused UID and GID by the system.
Creating a new user with an arbitrary UID
To create a new user with an arbitrary UID, you can use the -u flag (short for --uid ) as follows:
$ sudo useradd <username> -u <uid>
Run in WarpNote that if the USERGROUPS_ENAB variable in the login.defs file is set to true , it will also create a group with the same name and GID.
For example, this command will create a new user named iceman with a UID of 1985 :
$ sudo useradd iceman -u 1985
Run in WarpCreating a new user with an existing group name or GID
To create a new user and assign it to an existing group name or GID, you can use the -g flag (short for --gid ) as follows:
$ sudo useradd <username> -g <gid>
Run in WarpNote that the specified gid must belong to an existing group, as otherwise, the useradd command will fail.
For example, this command will create a new user named iceman with a UID of 1985 and a GID of 1969 :
$ sudo useradd iceman -u 1985 -g 1969
Run in WarpCreating users with multiple group memberships
The primary group is the default group that files and directories created by the user will belong to. On the other hand, secondary groups provide additional permissions and access rights to files beyond those granted by the primary group.
To assign one or more secondary groups to a user, you can use the useradd command with the -G flag (short for --groups ) as follows:
$ sudo useradd <username> -G <secondary_group,...>
Run in WarpWhere secondary_group,... is a list of comma separated secondary group names or GIDs.
For example, this command will create a new user named maverick whose default primary group is maverick and secondary groups are topgun and 1970 :
$ sudo useradd maverick -G topgun,1970
Run in WarpCreating users with minimal privileges
Giving users only what is needed to perform their tasks is essential to keep systems secure. However, every system administrator needs to define the concept of minimal privileges.
Two common restrictions are assigning users a limited shell or a non-interactive one, preventing users from logging in.
Creating users with limited shell features
The restricted Bash shell, or rbash , is a shell designed to restrict users to a subset of functionality, preventing them from executing certain commands, accessing specific directories, or modifying environment variables.
It is particularly useful in scenarios where users require limited capabilities, such as in shared computing environments, reducing the risk of unauthorized system access or unintended modifications.
To create a new user account with a restricted shell, you can set the user's default shell to /bin/rbash using the -s flag (short for --shell ) as follows:
$ sudo useradd <username> -s /bin/rbash
Run in WarpYou can learn more about the restricted Bash shell by reading the official documentation page.
Creating users with non-interactive shell
On Unix-like operating systems, administrators often create user accounts with no shell access whose sole purposes are to run predefined tasks or services like backups or servers. This helps mitigate the risk of unauthorized command-line access and reduce the attack surface on the machine.
To create a new user account without shell access, you can set the user's default shell to /sbin/nologin , which will cause the system to output an error message when a user tries to log in to that account:
$ useradd <username> -s /sbin/nologin
Run in WarpAlternatively, you can set the user's default shell to /bin/false , which, unlike the /sbin/nologin binary, will prevent the user from logging in to the specified account without outputting an error message:
$ useradd <username> -s /bin/false
Run in WarpCreating temporary users with expiration dates
Another method for mitigating security risks on a system is to create temporary user accounts with a predefined access duration, which is particularly useful when bringing temporary collaborators onboard a project. This helps avoid the existence of dormant accounts that could potentially be exploited to gain unauthorized system access.
To create a user with an expiration date, you can use the useradd command with the -e flag (short for --expiredate ) as follows:
$ sudo useradd <username> -e <date>
Run in WarpWhere date has the YYYY-MM-DD format.
Written by
Oscar Mauricio Forero Carrillo
Filed Under
Related Articles
List Open Ports in Linux
Learn how to output the list of open TCP and UDP ports in Linux, as well as their IP addresses and ports using the netstat command.
Count Files in Linux
Learn how to count files and folders contained in directories and subdirectories in Linux using the ls, find, and wc commands.
How to Check the Size of Folders in Linux
Learn how to output the size of directories and subdirectories in a human-readable format in Linux and macOS using the du command.
Linux Chmod Command
Understand how to use chmod to change the permissions of files and directories. See examples with various chmod options.
POST JSON Data With Curl
How to send valid HTTP POST requests with JSON data payloads using the curl command and how to avoid common syntax pitfalls. Also, how to solve the HTTP 405 error code.
Format Command Output In Linux
Learn how to filter and format the content of files and the output of commands in Linux using the awk command.
Create Groups In Linux
Learn how to manually and automatically create and list groups in Linux.
Switch Users In Linux
Learn how to switch between users, log in as another user, and execute commands as another user in Linux.
Remover Users in Linux
Learn how to remove local and remote user accounts and associated groups and files in Linux using the userdel and deluser commands.
Delete Files In Linux
Learn how to selectively delete files in Linux based on patterns and properties using the rm command.
Find Files In Linux
Learn how to find and filter files in Linux by owner, size, date, type and content using the find command.
Copy Files In Linux
Learn how to safely and recursively copy one or more files locally and remotely in Linux using the cp and scp command.
