Server Management

Create and Manage Linux Users

How to create additional users, assign sudo permissions and manage server access

Create a new user

# Option A: create the account with a home directory and bash as the login shell
sudo useradd --create-home --shell /bin/bash username

# Then set the password interactively
sudo passwd username

# Option B (Debian/Ubuntu): adduser asks for everything in one interactive run;
# use it instead of Option A, not in addition to it
sudo adduser username

Verify the user was created:

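# Show the UID, GID and group memberships of the account
id username

# Print the account's passwd entry. getent looks up the exact name (a plain
# grep would also match "username2" or text in the comment field) and also
# sees accounts that come from LDAP/SSSD rather than /etc/passwd
getent passwd username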

Give sudo access (administrative privileges)

# With the default sudoers configuration, members of the admin group can run
# any command as root, so add only accounts that really need it.
# --append matters: without it, --groups replaces the user's existing
# supplementary groups instead of adding to them.

# Ubuntu/Debian: the admin group is "sudo"
sudo usermod --append --groups sudo username

# CentOS/AlmaLinux/RHEL: the admin group is "wheel"
sudo usermod --append --groups wheel username

# Confirm the membership (sessions already open pick it up at the next login)
groups username

For sudo without password (e.g. for automated scripts):

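# NOPASSWD:ALL gives this account root without any password prompt: whoever
# obtains the account (stolen SSH key, compromised script) is root. For
# automation, prefer listing only the commands the job needs, for example
# (constructed example):
#   username ALL=(root) NOPASSWD: /usr/bin/systemctl restart myapp.service
#
# Build the rule in a temporary file and let visudo check it before it goes
# live; a syntax error in /etc/sudoers.d can leave sudo unusable.
# Files in that directory should be root-owned with mode 0440, and sudo skips
# file names that contain a "." or end in "~".
tmpfile=$(mktemp)
printf '%s\n' 'username ALL=(ALL) NOPASSWD:ALL' > "$tmpfile"
sudo visudo -cf "$tmpfile" \
  && sudo install -o root -g root -m 0440 "$tmpfile" /etc/sudoers.d/username
rm -f -- "$tmpfile"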

SSH access for the new user

With password

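The user can already connect via SSH with their password (if PasswordAuthentication yes is set in sshd_config). Password logins are exposed to brute-force guessing, so prefer key-based login (next section) and set PasswordAuthentication no once the key login works.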

With SSH key

# Create the .ssh directory for the new user; 700 = only the owner may enter it
sudo mkdir -p /home/username/.ssh
sudo chmod 700 /home/username/.ssh

# Add the user's public key, one key per line
sudo nano /home/username/.ssh/authorized_keys
# Paste the PUBLIC key only (e.g. content of id_rsa.pub); the private key never leaves the user's machine

# Set correct permissions: with sshd's default StrictModes setting, key files
# that other users could write to are ignored
sudo chmod 600 /home/username/.ssh/authorized_keys
# The directory and file were created as root above, so hand them to the user
sudo chown -R username:username /home/username/.ssh

Create an SFTP-only user (without SSH)

Useful to give file access to collaborators without shell access:

# Create the user with nologin as shell, so no interactive shell can be started
sudo useradd -m -s /usr/sbin/nologin sftpuser
sudo passwd sftpuser

# Create the directory the user will see and be able to write to
# (the chroot root itself, /home/sftpuser, is handed to root further down)
sudo mkdir -p /home/sftpuser/files
sudo chown sftpuser:sftpuser /home/sftpuser/files

# Configure SSH for SFTP chroot
sudo nano /etc/ssh/sshd_config

Add at the end of /etc/ssh/sshd_config:

# Settings below apply only to sftpuser; a Match block runs until the next
# Match line or the end of the file, which is why it goes at the end
Match User sftpuser
    # Always run the built-in SFTP server, whatever the client requests (no shell, no commands)
    ForceCommand internal-sftp
    # Confine the session to this directory tree
    ChrootDirectory /home/sftpuser
    # Disable tunnelling and forwarding so the account cannot be used as a network relay
    PermitTunnel no
    AllowAgentForwarding no
    AllowTcpForwarding no
    X11Forwarding no
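# The chroot directory and every directory above it must be owned by root and
# not writable by group or others, otherwise sshd refuses the login
sudo chown root:root /home/sftpuser
sudo chmod 755 /home/sftpuser

# Check sshd_config for errors before restarting: a broken configuration can
# stop sshd from starting and lock you out. Keep your current SSH session open
# until a new login has been tested.
# The unit is "ssh" on Debian/Ubuntu and "sshd" on CentOS/AlmaLinux/RHEL.
sudo sshd -t && sudo systemctl restart ssh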

Delete a user

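# Delete user (keep home). The files stay on disk under the old numeric UID,
# which a later account can be assigned, so archive or re-own them
sudo userdel username

# Delete user and their home
sudo userdel -r username

# Remove the sudoers drop-in if one was created for this user; otherwise a
# future account with the same name inherits the sudo rights
sudo rm -f /etc/sudoers.d/username

# Verify
id username  # should say "no such user"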

Change a user's shell

# Change the login shell (pick one of the following)
sudo chsh -s /bin/bash username
sudo chsh -s /bin/zsh username
sudo chsh -s /usr/sbin/nologin username  # blocks interactive shell logins only
# NOTE: nologin does not disable the account itself; services that do not
# start a login shell may still accept it. To disable an account, lock it.

# See available shells
cat /etc/shells

Lock / unlock an account

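# Lock the password (adds ! in front of the hash in /etc/shadow).
# usermod -L and passwd -l are equivalent here; one of them is enough
sudo usermod -L username
sudo passwd -l username

# A locked password only blocks password logins: SSH key logins still work.
# To disable the account entirely, also expire it
sudo chage -E 0 username

# Unlock the password and clear the expiry date again
sudo usermod -U username
sudo passwd -u username
sudo chage -E -1 username

# Check status
sudo passwd -S username
# Output: username L ... (L = locked, P = password active)
sudo chage -l username
# Shows the "Account expires" date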

List users and active sessions

# Every account name in /etc/passwd, service accounts included
cut -d: -f1 /etc/passwd

# Regular accounts, selected by UID range (1000 and above, below 65534);
# these are normally the human users rather than service accounts
awk -F: '$3 >= 1000 && $3 < 65534 {print $1}' /etc/passwd

# Sessions open right now (w also shows what each session is running)
who
w

# Most recent logins, first 20 lines
last | head -n 20

# Most recent failed login attempts, first 20 lines
sudo lastb | head -n 20

Permissions on files and directories

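# Change owner and group of a single file
sudo chown username:username /path/file

# Change recursively.
# Caveat: if the web server user owns the files, a compromised web application
# can rewrite its own code. Where the application does not need to write,
# keep the files owned by a deploy user and give www-data read access only.
sudo chown -R www-data:www-data /var/www/html

# Standard permissions for web: files 644 (owner read/write, others read),
# directories 755 (others may list and enter). "+" hands many paths to each
# chmod call instead of starting one process per file
sudo find /var/www/html -type f -exec chmod 644 {} +
sudo find /var/www/html -type d -exec chmod 755 {} +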
