You Need to Add a New User to Your Ubuntu System
Whether you’re setting up a new server for your team, sharing a family computer, or isolating services for security, creating a separate user account is one of the first and most fundamental tasks in Ubuntu. It’s the cornerstone of a secure, organized, and multi-user environment.
You might be a system administrator provisioning access for a developer, a student sharing a lab machine, or a hobbyist running a home server who needs to separate your personal files from a web service. The process is straightforward, but knowing the right commands and options can save you from permission headaches and security missteps down the line.
This guide will walk you through every method, from the simple graphical interface to powerful command-line tools, and explain the critical “why” behind each step.
Understanding User Accounts in Ubuntu
Before you run any commands, it helps to know what you’re actually creating. In Ubuntu, which is built on Linux, every user account is more than just a login name. It’s a system entity with a unique numerical ID (UID), a primary group, a home directory, and a default shell.
The system uses these attributes to control what files a user can read, modify, or execute. By default, regular users cannot perform actions that affect the entire system, like installing software or modifying critical system files. This is a key security feature.
For tasks that require elevated privileges, users can temporarily gain superuser powers using the `sudo` command, but only if they are explicitly added to the `sudo` group. We’ll cover how to do that precisely.
Prerequisites: What You Need to Get Started
To add a new user, you must already have administrative access. Practically, this means you need to be logged into an account that is a member of the `sudo` group. Open a terminal window. If you can run commands like `sudo apt update` by entering your password, you have the necessary permissions.
You should also have a clear idea of the username you want to create. Linux usernames are typically lowercase, can contain numbers and dashes, and should be easy to remember and type. Avoid spaces and special characters.
Method 1: Adding a User via the Command Line (The Standard Way)
The terminal is the most powerful and common method for managing users, especially on servers or for automation. The primary tool is the `adduser` command.
Using the adduser Command
The `adduser` command is an interactive, user-friendly script that wraps the lower-level `useradd` command. It handles several setup steps automatically, like creating a home directory and prompting for user information.
Open your terminal and type the following command, replacing `newusername` with your desired username.
sudo adduser newusername
The command will prompt you for several pieces of information:
– It will ask for and confirm a new password for the user. Choose a strong password.
– It will ask for “Full Name,” “Room Number,” “Work Phone,” “Home Phone,” and “Other.” You can press Enter to skip any of these fields if they are not relevant.
– Finally, it will ask you to confirm (Y/n) that the information is correct. Type ‘Y’ and press Enter.
That’s it. The command creates the user, assigns the next available UID, creates a group with the same name as the user, sets up a home directory at `/home/newusername`, and copies default configuration files (like `.bashrc`) from `/etc/skel`.
Using the useradd Command (For More Control)
The `useradd` command is the low-level utility that `adduser` calls. It’s less interactive but offers more precise control. A typical command to mimic `adduser`’s default behavior is:
sudo useradd -m -s /bin/bash newusername
Here’s what the options do:
– `-m` tells the system to create the user’s home directory.
– `-s /bin/bash` sets the user’s default login shell to Bash.
After creating the user with `useradd`, you must set a password separately using the `passwd` command:
sudo passwd newusername
You will be prompted to enter and confirm the new password.
Method 2: Adding a User with Administrative Privileges (sudo)
By default, a new user is a standard user. They cannot run commands with `sudo`. To grant this ability, you need to add the user to the `sudo` group. In Ubuntu, members of the `sudo` group are allowed to execute any command as the root user.
You can do this during creation with `adduser` by adding the `–group` flag, but it’s more common and clearer to do it as a separate step after the user exists. Use the `usermod` command:
sudo usermod -aG sudo newusername
The `-aG` flags are crucial: `-a` means “append” the user to the group, and `-G` specifies the group. This ensures you don’t accidentally remove the user from other groups they belong to. Simply using `-G sudo` would make `sudo` their *only* secondary group.
To verify the user was added correctly, you can check the groups they belong to:
groups newusername
The output should include `sudo`.
Method 3: Adding a User via the Graphical Interface (GUI)
If you are using a desktop version of Ubuntu, like Ubuntu GNOME, you can add users through the system settings without touching the terminal.
Click on the system menu (usually in the top-right corner) and select “Settings.” Navigate to “Users” (or “User Accounts”). You will likely need to click an “Unlock” button and enter your password to make changes.
Click the “Add User” button (often a “+” sign). A dialog will appear where you can set the account type (“Administrator” or “Standard”), enter the full name and username. The system will generate a username based on the full name, but you can change it.
You can choose to set a password now or allow the user to set one on their first login. Click “Add” to create the account. The new user will appear in the list, and their home directory will be created automatically.
Essential Post-Creation Steps and Verification
Creating the user is just the beginning. Here are a few things you should check or do next.
Verify the Home Directory and Default Shell
Ensure the home directory was created and has the correct permissions. You can list its contents:
ls -la /home/newusername
You should see hidden files (starting with a dot) like `.bashrc` and `.profile`. The directory should be owned by the new user and their primary group.
To check the user’s default shell, you can look at the `/etc/passwd` file:
grep newusername /etc/passwd
The last field of the line (after the final colon) will show the shell, e.g., `/bin/bash`.
Switching to the New User Account
To test the account, you can switch to it without logging out of your current session. Use the `su` (substitute user) command:
su – newusername
The `-` (dash) option provides a login shell, which means it will source the user’s profile scripts and change to their home directory. You will be prompted for the new user’s password. Once switched, your command prompt should change. Type `exit` to return to your original account.
Alternatively, if the new user has `sudo` privileges, you can use `sudo` to run a command as them from your account:
sudo -u newusername whoami
This should output `newusername`.
Troubleshooting Common Issues
Even a simple task can run into snags. Here are solutions to common problems.
User Already Exists
If you get an error like “adduser: The user `newusername’ already exists,” it means a user or a system group with that name is present. Check with:
id newusername
If the command returns information, the user exists. You can either choose a different username or, if the account is defunct, consider deleting it with `sudo deluser newusername` (use with extreme caution).
Home Directory Not Created
This usually happens when using `useradd` without the `-m` flag. You can create it manually and fix ownership:
sudo mkdir /home/newusername
sudo chown newusername:newusername /home/newusername
sudo cp -r /etc/skel/. /home/newusername/
sudo chown -R newusername:newusername /home/newusername
The last command recursively changes ownership of all the copied skeleton files.
User Cannot Use sudo
If you added a user to the `sudo` group but they still get a “user is not in the sudoers file” error, they may need to log out and log back in for the new group membership to take effect. Group assignments are applied at login time. Ask them to log out and in again, or restart their shell session.
Advanced User Management Concepts
Once you’re comfortable with basic creation, you can explore more advanced configurations.
Creating a System User (Without a Login)
For services like web servers or databases, you often want a “system” user that cannot log in interactively. This enhances security. Use the `–system` and `–disabled-login` flags with `adduser`:
sudo adduser –system –disabled-login –group serviceaccount
This creates a user with no password, a UID in the system range (typically below 1000), and a disabled login shell.
Specifying a Custom User ID (UID) and Group ID (GID)
Sometimes you need consistent IDs across multiple systems, like in networked environments. You can specify them during creation:
sudo adduser –uid 1501 –gid 1501 newusername
You must ensure the UID and GID are not already in use. Check `/etc/passwd` and `/etc/group`.
Setting an Account Expiry Date
For temporary users, like contractors or students in a semester, you can set an account to expire automatically:
sudo adduser –expiredate 2025-12-31 tempuser
After the expiry date, the user will not be able to log in.
Your Next Steps for Secure User Management
Adding a user is the first step in responsible system administration. To build on this foundation, consider these actions.
Review the list of all users on your system periodically with `cat /etc/passwd`. Look for unfamiliar accounts or system users that no longer serve a purpose. Implement a policy for strong passwords, possibly using tools like `libpam-pwquality`. For servers, consider disabling SSH password authentication in favor of key-based authentication for your new users, which is far more secure.
Finally, document your user creation standards. Note down the UID/GID ranges you use, standard group memberships, and any custom skeleton directory (`/etc/skel`) modifications you make. This consistency will make managing multiple systems much easier.
By mastering the `adduser`, `usermod`, and `passwd` commands, you’ve gained control over one of the most basic yet powerful aspects of your Ubuntu system. You can now provision access confidently, enforce security boundaries, and keep your environment organized.
