Добавление sudo-пользователя в debian 8

2. Set Up a Strong Password

Next, you will be asked to enter a password for the newly created user:

Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for newuser

Make sure you are using a strong password for your account. Next step is to enter basic information about the user’s account such as name, phone number etc.

Enter the new value, or press ENTER for the default
        Full Name []:
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:

Is the information correct? [Y/n]

Once you confirm that the information you entered is correct, the user account will be added and will be ready to use.

Ubuntu add user via control panel

Here is step by step explanation how to add user to Ubuntu via system settings. First click on Settings button on the upper right corner in the screen. Then you have to select System Settings… option from the drop down menu. Look into screen shot for more details.

Next step is to click on User Accounts icon in the bottom right corner of Settings window. On the screenshot bellow icon is highlighted.

Then a new dialog window called User Accounts is open. In this dialog you can manage users of the system. You can delete users by selecting user and pressing minus button in the bottom-left corner of window. Using plus button you can add new account. And there is Lock/Unlock button in upper-right corner. From this button you can lock or unlock user. When new user is created it is locked by default. You need to unlock it. During this process you need to set user password.

So to add new user account on Ubuntu just press plus button in bottom-left corner and follow the instructions in next dialog.

You need do specify only a few fields and to click add button. Next step is to set password for user and to activate user account. This can be done via Unlock button in the upper-right corner. When you press this button you will be asked to specify new user password. So you have to enter it.

And this is it. Hope this short tutorial will help you to manage you Ubuntu box in a better way.

Remove a User From a Group in Ubuntu

Now you know how to add a user to a group on Linux, but what about removing them from a group? This can vary across Linux distributions, but fortunately it’s easy on Ubuntu to remove a user from a group.

The command, as the name implies, is often used to delete a user entirely. You can also use it on Ubuntu to delete a user from a group, as well as on other distros like Debian where the package is also available. To remove a user from a group, use the command the following way:

Always make sure to double check that the group name is present. If you run the command without a group name, it will simply delete the user entirely. For example, the following command will remove the user from the group «sudo.»

If you omitted the final «sudo» from the above command, it would delete the user «kwouk.»

It can help to double check what groups a user is already assigned to. To do this, simply run the following:

New Ways to Manage Permissions in Ubuntu

While its Unix roots date back to the 1970s, Linux is constantly evolving. This doesn’t just mean better hardware support and performance tweaks either. As Linux evolves, we’re seeing more ways to manage users and permissions.

Among other things, Ubuntu 19.10 brings Gnome version 3.32 which adds app permission control. This will let you use smartphone-style app permissions. While this feature is still in its infancy, it could end up making the Linux desktop more secure. For a look at other new things on the way, see our guide to the new features coming in Ubuntu 19.10.

Grove Beginner Kit for Arduino Review: The Best Arduino Starter Kit Yet

An innovative way to get started with Arduino programming at a great price.

About The Author

Kris Wouk is a musician, writer, and whatever it’s called when someone makes videos for the web. A tech enthusiast for as long as he can remember, he definitely has favorite operating systems and devices, but uses as many others as he can anyway, just to stay caught up.

More About Kris Wouk

Specifying Explicit User Privileges in /etc/sudoers

As an alternative to putting your user in the sudo group, you can use the command, which opens a configuration file called in the system’s default editor, and explicitly specify privileges on a per-user basis.

Editing the file offers more flexibility, but should only be used when you need this flexibility, as it requires more maintenance when managing user accounts.

Using is the only recommended way to make changes to , because it locks the file against multiple simultaneous edits and performs a sanity check on its contents before overwriting the file. This helps to prevent a situation where you misconfigure and are prevented from fixing the problem because you have lost privileges.

If you are currently signed in as root, type:

If you are signed in using a non-root user with privileges, type:

Traditionally, opened in the editor, which can be confusing for inexperienced users. By default on new Debian installations, it should instead use , which provides a more familiar text editing experience. Use the arrow keys to move the cursor, and search for the line that looks like this:

/etc/sudoers

Below this line, copy the format you see here, changing only the word “root” to reference the new user that you would like to give sudo privileges to:

/etc/sudoers

You should add a new line like this for each user that should be given full sudo privileges. When you are finished, you can save and close the file by hitting , followed by , and then to confirm.

Step 8 — Disabling Shell Access (Optional)

If you’re unable to use TLS because of client requirements, you can gain some security by disabling the FTP user’s ability to log in any other way. One relatively straightforward way to prevent it is by creating a custom shell. This will not provide any encryption, but it will limit the access of a compromised account to files accessible by FTP.

First, open a file called in the bin directory:

We’ll add a message telling the user why they are unable to log in. Paste in the following:

Change the permissions to make the file executable:

Open the list of valid shells:

At the bottom, add:

/etc/shells

Update the user’s shell with the following command:

Now try logging in as sammy:

You should see something like:

This confirms that the user can no longer to the server and is limited to FTP access only.

Add User Details

  1. Log in to Control Panel (https://mailadmin.zoho.com/) as an Admin or Super Admin.
  2. Click Control Panel, then select User Details.
  3. Click Add User from the upper portion of the page.​
  4. If you are using a paid account, you will have two options. If not, you will be directed to manually add the users.
  5. Select the Create User option from the two options given. 
  6. Enter the user’s first name, last name and email address in the appropriate text box, then select a domain from the drop-down menu. The email address will get auto-filled based on your preferences set in the  You can also edit it in the Email ID field.
  7. Provide a password for the user. It is mandatory that the password has a minimum of 8 characters, with one numeric character and one special character. Make sure the user receives this password, as they will need it to log in to their account.   
  8. If you are using one of our paid plans, you will see the Add user to People option. This will add the user you are creating to your organization’s Zoho People account. 
    1. Click the Add user to People option if you want to add this user to Zoho People.
    2. Assign an Employee ID for this user, and enter it in the respective field. Please note that the Employee ID field is mandatory, and it should be unique to each user.
    3. Choose the Designation Name and the Team Name for this user. You can pick if the list if you already have some designations and teams configured.
    4. Enter the Extension and the Mobile Number for the user. 
  9. Click Create Email aliases for other domains option, if you want to create aliases for this user in the domains configured with your organization account. Select the domains for which you want to create email aliases from the popup, and click Ok.
  10. Click on the ‘Force user to change password during the first login’ checkbox if you want the password you have set to be changed by the user on first logging in.
  11. Click Ok, and the user will be created.

Note:

Invite a User through other existing Email Address

If a user already has a business account with Zoho, they won’t be able to join your organization. In this case, the user will need to remove their existing organization from their account.

Steps to Invite a User:

  1. In the Zoho Mail Control Panel, go to the option.
  2. Select Add User, and then pick the Invite User option.
  3. Enter the email address of the user that you would like to invite. Please note that an invitation to join will be sent to the mentioned email address.
  4. Now click Ok

Inviting users will avoid the loss of data if the user already has any other Zoho applications like CRM, Recruit etc linked to their account.

Note:

  • When you create a user, they will be able to login to their account and send emails immediately. However, they will not receive any emails until the domain’s MX entries are pointed to the Zoho Mail servers. The domain’s MX Records can be cross-verified at Zoho’s MX record checker tool.
  • The option to Invite Users with their email address will only be available for organizations that are using one of the paid plans.

Creating a User with Root Privileges

Step 1:  Add The User

Create a username for your new user, in my example my new user is Tom:

You’ll then be prompted to enter a password for this user.   We recommend using a strong password because malicious bots are programmed to guess simple passwords. If you need a secure password, this third-party password generator can assist with creating one.

Output:

Note
Usernames should be lowercase and avoid special characters. If you receive the error below, alter the username.

Next, a text prompt will appear asking us to enter in info about your new user.  Entering this information is subjective and is not required. This info can be skipped if needed by pressing enter in each field. We suggest adding in as much info as needed to track usage.

Lastly, the system will ask you to review the information for accuracy.  Enter Y to continue to our next step.

Step 2: Grant Root Privileges

Assigning root access to a user is to grant the user the highest privilege on our system so caution is advised.  Once out user Tom is added, he can make changes to the entire system as a whole, so it’s critical to only allow this access to users who need it. After this, Tom will be able to execute commands using the sudo option which is normally reserved for the root user.

Step 3: Verify New User

As root, you can switch to your new user with the su – command and then test to see if your new user has root privileges.

If the user has properly been granted root access the command below will show tom in the list.

Output:

That’s it! We have added a user and then granted that user root privileges on an Ubuntu 16.04 LTS server.

Within the Desktop Environment

Open the Users tool then click the Unlock button. Click Add User. In the window that pops up, select the Administrator account type. Complete the name and username boxes and configure a password setting. Click Add when you’re done.

To remove sudo access, modify the user account by changing its type to Standard.

Within a Shell Session

Launch a shell session through an account that already enjoys sudo access. Execute the following command to add an existing account to the sudoers file:

sudo usermod -a -G sudo <username>

To remove a user account’s sudo permissions, execute:

sudo deluser <username> sudo

1. Add User on Ubuntu

To be able to create a new system user and allow that user to execute commands as the superuser or another system user, you need to connect to your Linux server via SSH and run the command below. You should replace newuser with the actual name of the user you want to add to your system.

adduser newuser

Running the command will create a new user account to the system according to the configuration information defined in the /etc/adduser.conf file. The command also allows you to use one or more command line options such as specifying user’s home directory, user’s login shell, groups etc. Once you run the command you will see the following output on your screen:

# adduser newuser
Adding user `newuser' ...
Adding new group `newuser' (1001) ...
Adding new user `newuser' (1001) with group `newuser' ...
Creating home directory `/home/newuser' ...
Copying files from `/etc/skel' ...

How To Grant a User Sudo Privileges

If your new user needs to execute commands with root privileges, you will need to give the new user access to . Let’s examine two approaches to this problem: Adding the user to a pre-defined user group, and specifying privileges on a per-user basis in ’s configuration.

Add the New User to the Sudo Group

By default, on Debian 8 systems is configured to extend full privileges to any user in the sudo group.

You can see what groups your new user is in with the command:

By default, a new user is only in their own group, which is created at the time the account was created, and shares a name with the user. In order to add the user to a new group, use the command:

The option here tells to add the user to the listed groups.

Use the command again to verify that your user is now a member of the group:

Now, your new user is able to execute commands with administrative privileges.

When signed in as the new user, you can execute commands as your regular user by typing commands as normal:

You can execute commands with administrative privileges by typing in front of the command:

When prefixing a command with , you will be prompted to enter a password. Enter the password for the user account that issued the command, not the root user’s password.

Create a new User on Debian 9

First, you need to establish a connection to your server as user root via SSH.

Once logged, you can create a new user with the adduser command. In our example, we will create a user called “newuser”. To do this, simply type in the following in your command line:

adduser newuser

You will be asked some additional questions. First, you will need to enter and confirm a password for this user. Then you will be asked for some additional information about the user, such as full name, room number, work phone, home phone and other. This information is optional and you can just press ENTER on each question to skip it. In the end, you will be asked for confirmation of all the information you have entered so far. If everything is correct just press Y and then Enter.

This is the output that you should get, for our new user called “newuser”:

Adding user `newuser' ...
Adding new group `newuser' (1000) ...
Adding new user `newuser' (1000) with group `newuser' ...
Creating home directory `/home/newuser' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for newuser
Enter the new value, or press ENTER for the default
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] Y

With this, a new user and group named “newuser” have been successfully created. Its home directory has also been created at the following location on your server: /home/newuser

You can now log in as the “newuser” user to your server using the password you have set up.

Import Users from Other Zoho Services

If your organization avails other Zoho services, users who have been added there can directly be imported into Zoho Mail. Follow these steps to import users from other Zoho services into Zoho Mail.

  1. Log in to the Zoho Mail Control Panel.
  2. Go to the section.
  3. Choose the option, and select From Other Services in the drop-down list.
  4. Users who have accounts in other Zoho services, but don’t have an account in Zoho Mail will be listed. 
  5. Locate the users whom you want to import to Zoho Mail, and click the Import to Mail option across the respective user.
  6. Enter the email address you want to create for this account, and select the domain name from the dropdown list (in case there are multiple domains).​
  7. Click Import this user to Mail.
  8. The selected user will be added to your Zoho Mail organization account.

Note:

In the case of a Zoho One account, adding users will not be possible via the Zoho Mail Control Panel. To add users, access Zoho One Admin Panel. For instructions, refer this page. 

User Provisioning from Active Directory

  1. Install the Zoho Mail Active Directory User Provisioning Wizard in your system.
  2. When you execute the Wizard, you will be requested to provide the Super Admin credentials.
  3. You need to provide the Server in which the Active Directory is installed.
  4. You should have the details of the LDAP query to be used to list the users of the organization.
  5. You need to map the attributes of the Active Directory with the fields provided for Zoho Mail users.
  6. Based on the LDAP query and the attribute selection, the results will be displayed.
  7. After validating the results with your organization’s user details, click ‘Finish’ to provision the users in Zoho Mail.

Step 6 — Securing Transactions

Since FTP does not encrypt any data in transit, including user credentials, we’ll enable TLS/SSL to provide that encryption. The first step is to create the SSL certificates for use with .

Let’s use to create a new certificate and use the flag to make it valid for one year. In the same command, we’ll add a private 2048-bit RSA key. By setting both the and flags to the same value, the private key and the certificate will be located in the same file:

You’ll be prompted to provide address information for your certificate. Substitute your own information for the highlighted values below:

For more detailed information about the certificate flags, see OpenSSL Essentials: Working with SSL Certificates, Private Keys and CSRs

Once you’ve created the certificates, open the configuration file again:

Toward the bottom of the file, you will see two lines that begin with . Comment them out so they look like this:

/etc/vsftpd.conf

Below them, add the following lines that point to the certificate and private key we just created:

/etc/vsftpd.conf

After that, we will force the use of SSL, which will prevent clients that can’t deal with TLS from connecting. This is necessary to ensure that all traffic is encrypted, but it may force your FTP user to change clients. Change to :

/etc/vsftpd.conf

After that, add the following lines to explicitly deny anonymous connections over SSL and to require SSL for both data transfer and logins:

/etc/vsftpd.conf

After this, configure the server to use TLS, the preferred successor to SSL, by adding the following lines:

/etc/vsftpd.conf

Finally, we will add two more options. First, we will not require SSL reuse because it can break many FTP clients. We will require “high” encryption cipher suites, which currently means key lengths equal to or greater than 128 bits:

/etc/vsftpd.conf

The finished file section should look like this:

/etc/vsftpd.conf

When you’re done, save and close the file.

Restart the server for the changes to take effect:

At this point, we will no longer be able to connect with an insecure command-line client. If we tried, we’d see something like:

Next, let’s verify that we can connect using a client that supports TLS.

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *

Adblock
detector