Harnessing the Power of Open Source with Ubuntu

How to Manage and List Users on Ubuntu: Complete Guide to User Accounts, Permissions, and Commands

Security and User Management
目次

1. Introduction

Ubuntu is a popular Linux distribution used by many users, ranging from personal environments to enterprise server systems. When managing an Ubuntu system, user account administration is essential. In particular, reviewing the list of registered users helps with security management and account organization.

This article explains how to list users on Ubuntu. It covers everything from basic commands to methods for retrieving detailed information, making it useful for both beginners and experienced administrators.

2. How to Check the User List in Ubuntu

In Ubuntu, user information can be easily retrieved using specific files and commands. The following methods allow you to check the list of users.

2.1 Display User List Using /etc/passwd

In Ubuntu, all user information is stored in the /etc/passwd file. Displaying this file allows you to verify all registered users.

Command example

cat /etc/passwd

Running this command displays information in the following format:

root:x:0:0:root:/root:/bin/bash
user1:x:1000:1000:User One,,,:/home/user1:/bin/bash
user2:x:1001:1001:User Two,,,:/home/user2:/bin/bash

Each line consists of fields separated by colons (:) containing the following information:

  1. Username
  2. Password (now represented as x)
  3. User ID (UID)
  4. Group ID (GID)
  5. User information (comment field)
  6. Home directory
  7. Default login shell

Since this file includes system users, you may extract only regular login users using the methods below.

2.2 Listing Only Usernames

To list just the usernames, use the following command:

cut -d: -f1 /etc/passwd

Alternatively, you can use the awk command:

awk -F':' '{ print $1 }' /etc/passwd

Example output:

root
user1
user2

2.3 Searching for a Specific User

To check whether a specific user exists, use the grep command:

grep 'user1' /etc/passwd

This command displays only the entry related to user1.

2.4 Listing Groups via /etc/group

To check the groups a user belongs to, refer to the /etc/group file:

cat /etc/group | cut -d: -f1

To list the groups a specific user belongs to, use:

groups user1

Example output:

user1 : user1 sudo

This indicates that user1 is also a member of the sudo group.

3. How to Check Currently Logged-In Users

Ubuntu provides several commands to verify which users are currently logged in. These commands help retrieve session and login information.

3.1 Checking Logged-In Users Using who

The who command lists all currently logged-in users.

Command example

who

Example output

user1    tty1         2025-02-16 10:05
user2    pts/0        2025-02-16 11:30

Field explanation

  1. Username (logged-in user)
  2. Terminal name (e.g., tty1 for local, pts/0 for SSH)
  3. Login time

The who command is simple and useful when you want to quickly check login status.

3.2 Checking Detailed Information Using w

The w command provides more detailed information than who.

Command example

w

Example output

11:35:25 up 2:15,  2 users,  load average: 0.03, 0.02, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
user1    tty1                      10:05    1:30m  0.10s  0.10s -bash
user2    pts/0    192.168.1.10      11:30    0.00s  0.05s  0.02s sshd

Field explanation

  • System uptime
  • Number of logged-in users
  • CPU load average
  • Username
  • Terminal
  • Remote host
  • Login time
  • Idle time
  • CPU usage
  • Running process

The IP address in the FROM field helps verify remote SSH logins, making it useful for monitoring and security management.

3.3 Display Logged-In Users Using users

If you want a simplified list showing only the usernames of logged-in users, the users command is useful.

Command example

users

Example output

user1 user2

This command is a simplified version of who and shows only the logged-in usernames.

3.4 Identify the Current User with whoami

To check which user is executing the current session, use the whoami command.

Command example

whoami

Example output

user1

This command simply displays the username of the current session’s user, making it helpful for verifying the execution context.

3.5 Check Login History Using last

The last command allows you to review the login history of users.

Command example

last

Example output

user1    pts/0        192.168.1.10     Mon Feb 15 10:20   still logged in
user2    tty1                          Mon Feb 15 09:30 - 10:00  (00:30)
root     tty1                          Sun Feb 14 22:15 - 23:45  (01:30)
  • Username
  • Terminal used
  • Remote IP address
  • Login start time
  • Logout time (or still logged in)
  • Total session duration

This command helps administrators monitor previous access and detect suspicious logins.

4. How to Check Detailed User Information

Ubuntu provides several commands to retrieve detailed information about registered users. Reviewing details such as UID, group membership, and login shell helps administrators manage permissions accurately. This section explains methods using id, groups, finger, and chage.

4.1 Check UID, GID, and Groups Using id

The id command displays the user’s UID (User ID), GID (Group ID), and group membership.

Command example
id user1
Example output
uid=1001(user1) gid=1001(user1) groups=1001(user1),27(sudo),1002(docker)
  • uid → User identifier
  • gid → Primary group identifier
  • groups → All groups the user belongs to
Check current user information
id

4.2 Check Group Membership via groups

The groups command quickly lists the groups a user belongs to.

Command example
groups user1
Example output
user1 : user1 sudo docker

groups is useful when you want to see only group names without detailed IDs.

4.3 Retrieve User Details Using finger

The finger command provides detailed user information such as full name, login directory, and shell type.

Install command
sudo apt install finger
Command example
finger user1
Example output
Login: user1                    Name: User One
Directory: /home/user1          Shell: /bin/bash
Last login: Mon Feb 16 10:20 (UTC) on pts/0
  • Login → Username
  • Name → Full name (optional)
  • Directory → Home directory
  • Shell → Default shell
  • Last login → Last login time

4.4 Check Password Expiration with chage

The chage command allows administrators to review the password expiration period and last password change.

Command example
sudo chage -l user1
Example output
Last password change            : Jan 15, 2025
Password expires                : Mar 15, 2025
Password inactive               : never
Account expires                 : never
Minimum number of days between password change : 7
Maximum number of days between password change : 60
Number of days of warning before password expires : 5
  • Last password change → Date password was last changed
  • Password expires → Password expiration date
  • Password inactive → Inactivity duration before password becomes invalid
  • Account expires → Account expiration date
  • Minimum number of days between password changes
  • Maximum number of days between password changes
  • Warning days before password expires

Administrators can use this information to enforce password policies and enhance system security.

5. Managing Users in Ubuntu (Add, Delete, Modify)

Proper user management improves system stability and security. Ubuntu provides several administrative commands such as adduser, deluser, and usermod. This section explains how to add, remove, and modify users.

5.1 Adding Users

Ubuntu allows adding new users using either the adduser or useradd commands.

5.1.1 adduser Command (Recommended)

The adduser command provides an interactive way to add users.

sudo adduser newuser

Interactive prompt example:

Adding user `newuser' ...
Adding new group `newuser' (1002) ...
Adding new user `newuser' (1002) with group `newuser' ...
Creating home directory `/home/newuser' ...
Copying files from `/etc/skel' ...
Enter new UNIX password: ********
Retype new UNIX password: ********
passwd: password updated successfully
Changing the user information for newuser
Enter the new value, or press ENTER for the default
        Full Name []:
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:
Is the information correct? [Y/n]
  • User account
  • Dedicated group
  • Home directory (/home/newuser)
  • Password for login
  • Basic account information

5.1.2 useradd Command (Advanced)

The useradd command is script-friendly and offers finer control but does not automatically set up everything.

sudo useradd -m -s /bin/bash newuser
sudo passwd newuser
  • -m → Create home directory
  • -s /bin/bash → Set login shell

A password must be set separately when using this command.

5.2 Deleting Users

You can remove users using either deluser or userdel.

5.2.1 deluser Command (Recommended)

The deluser command removes a user account.

sudo deluser newuser
Remove home directory as well
sudo deluser --remove-home newuser

This deletes the account and the directory /home/newuser.

5.2.2 userdel Command (Advanced)

The userdel command offers more control.

sudo userdel newuser
sudo userdel -r newuser

5.3 Modifying Existing Users

Use the usermod command to modify existing user information.

5.3.1 Change Username

sudo usermod -l newname oldname

5.3.2 Change Home Directory

sudo usermod -d /new/home/path user1
sudo usermod -d /home/newuser -m user1

5.3.3 Modify Group Membership

sudo usermod -aG sudo user1
groups user1

5.3.4 Change Password

sudo passwd user1
Enter new UNIX password: ********
Retype new UNIX password: ********
passwd: password updated successfully

6. Practical Scenarios for User Management

User management in Ubuntu goes beyond listing and modifying accounts. Understanding how to apply commands in real scenarios is essential for maintaining a secure and efficient environment. This section introduces common use cases and how to address them.

6.1 Search for Users Matching Specific Criteria

6.1.1 Display Users with Administrator Privileges (sudo)

To list users with sudo privileges, use the getent command to inspect the /etc/group file:

getent group sudo

Example output

sudo:x:27:user1,user2
  • sudo:x:27: → Group information
  • user1,user2 → Users belonging to the sudo group

6.1.2 Display Login-Capable Users

The /etc/passwd file includes system accounts. To extract only users who can log in:

grep '/bin/bash' /etc/passwd

Example output

user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1002::/home/user2:/bin/bash
  • Only users with shells like /bin/bash or /bin/sh are included
  • System accounts using /usr/sbin/nologin or /bin/false are excluded

6.1.3 Display System Users (Non-Login Accounts)

grep -E '/usr/sbin/nologin|/bin/false' /etc/passwd

Example output

daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
syslog:x:104:110::/home/syslog:/bin/false

This helps administrators identify accounts that should not be removed accidentally.

6.2 Periodically Cleaning Up Unused Users

6.2.1 Display the Last Login Time of All Users

lastlog

Example output

Username         Port     From             Latest
root            tty1                      Mon Feb 12 14:02:08 +0000 2025
user1           pts/0    192.168.1.10      Mon Jan 15 10:30:12 +0000 2025
user2           pts/1    192.168.1.20      Never logged in
  • Never logged in → User has never logged in
sudo deluser user2 --remove-home

6.2.2 Verify Last Password Change

sudo chage -l user1
sudo passwd --expire user1

Next time the user logs in, a password reset will be required for security reasons.

6.3 Check Users Connected via SSH

who | grep pts

Example output

user1    pts/0        192.168.1.10     11:30

This helps identify remote users and their IP addresses.

6.4 Export All User Information to CSV

getent passwd | awk -F: '{print $1 "," $3 "," $4 "," $6}' > users.csv

Example users.csv

root,0,0,/root
user1,1001,1001,/home/user1
user2,1002,1002,/home/user2
  • Exports username, UID, GID, and home directory
  • Data can be analyzed using Excel or spreadsheets

7. FAQ

7.1 Can I edit /etc/passwd directly?

Answer: Direct editing is not recommended. Incorrect modifications may prevent login or damage the system.

Safer method:

sudo vipw

7.2 Difference Between who and users Commands

CommandDescription
whoDisplays detailed login information
usersDisplays only usernames of logged-in users

7.3 How to Check Login History for a Specific User

last user1

7.4 How to Change a User’s Password

sudo passwd user1

7.5 How to Temporarily Disable a User

sudo usermod -L user1
sudo usermod -U user1

7.6 Add a User to the sudo Group

sudo usermod -aG sudo user1

7.7 Change a User’s Home Directory

sudo usermod -d /new/home/path -m user1

7.8 Completely Remove a User and Their Data

sudo deluser --remove-home user1

or

sudo userdel -r user1

7.9 Check Detailed Activity of Logged-In Users

w
  • Logged-in users
  • Remote IP addresses
  • Current processes
  • System load

This allows administrators to monitor usage and detect unauthorized access.