30 - User Accounts Flashcards
User Account Management
By the end of this chapter, you should be able to:
1) Explain the purpose of individual user accounts and list their main attributes.
2) Create new user accounts and modify existing account properties, as well as remove or lock accounts.
3) Understand how user passwords are set, encrypted and stored, and how to require changes in passwords over time for security purposes.
4) Explain how restricted shells and restricted accounts work.
5) Understand the role of the root account and when to use it.
6) Use Secure Shell (ssh) and remove logins and commands.
User Accounts:
Linux systems provide a multi-user environment which permits?
People & processes to have separate simultaneous working environments
User Accounts:
What is the purposes of having individual user accounts include?
1) Providing each user with their own individualized private space
2) Creating particular user accounts for specific dedicated purposes
3) Distinguishing privileges among users.
User Accounts:
What special user account allow the user to do anything on the system?
root account
User Accounts:
To avoid making costly mistakes, and for security reasons, the root account should only be used when?
absolutely necessary
User Accounts:
Normal user accounts are for?
regular people who will work on the system
User Accounts:
Some user accounts (like the daemon account) exist for?
the purpose of allowing processes to run as a user other than root.
User Accounts:
What is group management for? (discussed more in future chapter)
where subsets of the users on the system can share files, privileges, etc., according to common interests.
Attributes of a User Account:
Each user on the system has a corresponding line in the ____ file that describes their basic account attributes. (We will talk about passwords, as well as this file, later). For example:
/etc/passwd
….
beav:x:1000:1000:Theodore Cleaver:/home/beav:/bin/bash warden:x:1001:1001:Ward Cleaver:/home/warden:/bin/bash dobie:x:1002:1002:Dobie Gillis:/home/dobie:/bin/bash
….
Attributes of a User Account:
What are the 7 attributes of a User Account?
- User name
- User password
- User Identification Number (UID)
- Group Identification Number (GID)
- Comment or GECOS Information
- Home Directory
- Login Shell
Attributes of a User Account:
What is the User name attribute?
The unique name assigned to each user.
Attributes of a User Account:
What is the User Identification Number (UID) attribute?
A unique number assigned to the user account. The UID is used by the system for a variety of purposes, including a determination of user privileges and activity tracking.
Attributes of a User Account:
What is the User password attribute?
The password assigned to each user.
Attributes of a User Account:
What is the Group Identification Number (GID) attribute?
Indicates the primary, principal, or default group of the user.
Attributes of a User Account:
What is the Comment or GECOS Information attribute?
A defined method to use the comment field for contact information (full name, email, office, contact number). (Don’t worry about what GECOS means, it is a very old term.)
Attributes of a User Account:
What is the Login Shell attribute?
Normally, this is a shell program such as /bin/bash or /bin/csh. Sometimes, however, an alternative program is referenced here for special cases. In general, this field will accept any executable.
Attributes of a User Account:
What is the Home Directory attribute?
For most users, this is a unique directory that offers a working area for the user. Normally, this directory is owned by the user, and except for root will be found on the system somewhere under /home.
Creating User Accounts
What command is used to create user accounts?
useradd
Creating User Accounts
What is the location of the file that is used to configure useradd default settings?
/etc/default/useradd
Creating User Accounts
Where is the defaults file that is used by a lot of the user management commands?
/etc/login.defs
The /etc/login.defs file provides default configuration information for several user account parameters. The useradd, usermod, userdel, and groupadd commands, and other user and group utilities take default values from this file. Each line consists of a directive name and associated value.
Creating User Accounts
The default algorithm for creating a user accounts will auto assign the new users ___ and ___, ___ , and ___.
- UID
- GID
- home directory
- shell choice
Creating User Accounts
What steps occur when creating this new user account?
$ sudo useradd dexter
- The next available UID greater than UID_MIN (specified in /etc/login.defs) by default is assigned as dexter’s UID.
- A group called dexter with a GID=UID is also created and assigned as dexter’s primary group.
- A home directory /home/dexter is created and owned by dexter.
- dexter’s login shell will be /bin/bash.
- The contents of /etc/skel is copied to /home/dexter. By default, /etc/skel includes startup files for bash and for the X Window system.
- An entry of either !! or ! is placed in the password field of the /etc/shadow file for dexter’s entry, thus requiring the administrator to assign a password for the account to be usable.
Deleting User Accounts
What is the command used to delete a user?
userdel
Deleting User Accounts
Only the ___ user can delete users
root