Users and user group management:
1./etc/passwd:
The first field indicates a user name, user accounts can represent a string
The second field is stored in the account's password
The third field is a number, this number represents a user identification number, also known as uid
The first four fields are numbers indicating the group number denotes, gid
The fifth field of notes
The sixth field for the user's home directory when the user logs in this directory
A seventh field of user's shell
2./etc/shadow:
The first field indicates a user name, user accounts can represent a string
The second field indicates the user password is the real password for the user
The third field is the last password change date
The fourth field is the number of days to lead can change the password, the default is 0, that is, unrestricted
The fifth field is the number of days after the password expires
The sixth field for the period before password expiration warning
The first seven field is invalid accounts deadline
The first eight fields of life cycle accounts
The first nine field as a reserved use, does not make sense
3.groupadd command: Create group
Format: groupadd [-g gid] groupname
-g: uid and, as from the beginning of 1000
Example:
4.groupdel Command: delete group
When users can not delete the group inside the group, only to delete the account in order to delete a group
Example:
5.useradd command: to increase user
Format: useradd -u uid [] [- g gid] [- d home]
-u: Custom UID
-g: the new user belongs to a group that they have existed, may be behind the group with id can be set with the name
Gid with a non-existent, will get an error, suggesting that the group does not exist
-d: Customizing the user's home directory
-M: do not establish a home directory
-s: custom shell
Example:
6.userdel command: command to delete accounts
Format: userdel [-r] username
-r: When you delete a user, the user's home directory be deleted
Example:
7.chfn command: change a user's finger (/ etc / passwd 5th character information)
Example:
8.passwd command: set a password for the user
Format: passwd [username] (without user name if the command post, for the password for yourself)
Only the root user can modify other user's password, ordinary users can only change their own passwords
Example:
9.mkpasswd command: generate password
需要安装expect:yum install -y expect
mkpasswd
- l:修改长度密码
-s:指定特殊字符个数
-d:指定数字个数
实例:
10.用户身份切换:
1.su命令:切换用户
格式:su 【-】 username (加-切换到root账户时,当前目录为root账户家目录,不加-没变化)
实例:
2.sudo命令:
使用visudo命令编辑/etc/sudoers,如果没有visudo使用yum install -y sudo安装
让普通用户拥有sudo权限:在root ALL=(ALL) ALL 下面写入test ALL=(ALL) ALL
test:用户
ALL:所有主机
(ALL):获取哪个用户的身份
ALL:设定可以使用sudo的命令有哪些
实例:
# %wheel ALL=(ALL) ALL:wheel这个组的所有用户都有sudo的权利
实例:
只允许使用普通账户登录,普通用户登录后,可以不输入密码就能用sudo切换到root账户
实例:
3.不允许root远程登录linux(只适合ssh远程登录)
修改配置文件/etc/ssh/sshd_config,在文件中找#PermitRootLogin yes 改成 #PermitRootLogin no
重启sshd服务:systemctl restart sshd.service