
Thursday, September 22, 2016

Create user account and set password with one command

I often see forum posts where a system administrator wants to create local user accounts on several servers and doesn't want to have to set the user's password over and over again. Below I share two ways to do this. The first way creates the user account and sets the password in one command. The second method sets the password in an additional command. Either way can be used in a script, which can speed things up if you need to create one or more accounts on several systems.

Below is an example of creating a user account.
root@earth> useradd -u 25 -g staff -G ftp,users -m -d /export/home/newuser -c "newuser" -s /bin/bash newuser
root@earth> passwd newuser
passwd: Changing password for username
New Password:
Re-enter new Password:
passwd: password successfully changed for newuser

This method can be a very time-consuming process and would be hard to use in a script. Below is an example of using the -p option of the useradd command to set the user's password by supplying the user's password hash.

root@earth> useradd -u 25 -g staff -G ftp,users -m -d /export/home/newuser -c "newuser" -s /bin/bash -p '$6$jbvkjjg$qFmFH.bQmmtXzyBY0s9v7Oicd2z4XSIecDzlB5KiA2/jctKu9YterLp8wwnSq.qc.eoxqOmSuNp2xS0ktL3nh/' newuser

This method works on Linux computers, such as SLES and RHEL. It doesn't, however, work on systems such as Solaris.

Alternatively, you can set the user's password by echoing the password to standard input, as shown below. The major issue with doing it this way is that the password is recorded in the system logs, and if you're running the command remotely then you're sending the password in the clear. So I don't recommend doing it this way.
root@earth> echo password | passwd newuser --stdin

This method works only on Linux systems.
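
An added example (not part of the original post) for the scripted case on Linux: it checks that the string is a well-formed SHA-512 crypt hash, then sets it with chpasswd -e on standard input, because useradd(8) notes that a value given to -p is visible to users listing processes. The function names and the DRY_RUN variable are hypothetical; useradd and chpasswd are assumed to be the shadow-utils versions.

```shell
#!/bin/sh
# Added example; function names and DRY_RUN are hypothetical.
LC_ALL=C; export LC_ALL   # make a-z / A-Z ranges plain ASCII
NL='
'

# Return 0 only for a well-formed SHA-512 crypt string:
#   $6$[rounds=N$]<salt, 1-16 chars>$<86-char digest>
is_sha512_crypt() {
    case $1 in *"$NL"*) return 1 ;; esac   # grep works per line: reject newlines first
    printf '%s\n' "$1" |
        grep -Eq '^\$6\$(rounds=[0-9]+\$)?[./A-Za-z0-9]{1,16}\$[./A-Za-z0-9]{86}$'
}

# Conservative login-name check: keeps ':' and newlines out of the
# "user:hash" line that chpasswd parses.
is_safe_username() {
    case $1 in
        ''|*[!a-z0-9_-]*|[!a-z_]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Create the account without a password, then set the hash through
# chpasswd -e on stdin. With DRY_RUN=1 (the default) only print the steps.
create_user_with_hash() {
    cu_user=$1
    cu_hash=$2
    is_safe_username "$cu_user" || { echo "rejected user name" >&2; return 2; }
    is_sha512_crypt "$cu_hash" || { echo "not a \$6\$ crypt hash" >&2; return 3; }
    if [ "${DRY_RUN:-1}" = 1 ]; then
        printf 'useradd -m -s /bin/bash %s\n' "$cu_user"
        printf 'chpasswd -e   # stdin: %s:<hash>\n' "$cu_user"
        return 0
    fi
    # printf is a builtin in bash and dash, so the hash is not placed in
    # the argument list of a separate process.
    useradd -m -s /bin/bash "$cu_user" &&
        printf '%s:%s\n' "$cu_user" "$cu_hash" | chpasswd -e
}
```

Run it as root with DRY_RUN=0 to apply the two steps; a hash that has lost its leading `$` is rejected before any account is created.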


Thursday, February 23, 2012

How to enforce a 14-character password in Solaris

By default, Solaris sets the password length to around 8 characters. Many IT security departments want passwords of at least 14 characters. Longer passwords make the system more secure.

The Solaris 10 OS needs to have the following settings to enforce a 14-character password.

In /etc/security/policy.conf, change the following line from __unix__ to either 1 or md5.
CRYPT_DEFAULT=__unix__
To
CRYPT_DEFAULT=1
In /etc/default/passwd, change the password length line from 8 to 14.
PASSLENGTH=8
To
PASSLENGTH=14
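
An added check for the two settings above (not part of the original post): it reads both files and fails if CRYPT_DEFAULT is unset or still __unix__, or if PASSLENGTH is below the required minimum. It assumes a POSIX shell and sed (on Solaris 10, the /usr/xpg4/bin versions); get_setting and check_password_policy are hypothetical names.

```shell
#!/bin/sh
# Added example; get_setting and check_password_policy are hypothetical names.

# Print the value of KEY ($2) from a KEY=value file ($1). Commented-out lines
# are ignored, spaces around '=' are tolerated, and the last assignment wins.
get_setting() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p" \
        "$1" 2>/dev/null | tail -n 1
}

# Usage: check_password_policy [policy.conf] [passwd defaults] [minimum length]
# Prints one line per setting and returns 0 only when both are in place.
check_password_policy() {
    policy=${1:-/etc/security/policy.conf}
    defaults=${2:-/etc/default/passwd}
    min=${3:-14}
    rc=0
    alg=$(get_setting "$policy" CRYPT_DEFAULT)
    len=$(get_setting "$defaults" PASSLENGTH)
    case $alg in
        ''|__unix__) echo "FAIL CRYPT_DEFAULT=${alg:-unset}"; rc=1 ;;
        *)           echo "ok   CRYPT_DEFAULT=$alg" ;;
    esac
    case $len in
        ''|*[!0-9]*) echo "FAIL PASSLENGTH=${len:-unset}"; rc=1 ;;
        *)  if [ "$len" -ge "$min" ]; then
                echo "ok   PASSLENGTH=$len"
            else
                echo "FAIL PASSLENGTH=$len (minimum $min)"; rc=1
            fi ;;
    esac
    return $rc
}
```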

Tuesday, June 21, 2011

Adding a new user to a UNIX based system

This page is all about adding users to your system using the command line. All the steps in account creation will be explained. In this post I will go over adding the user to the system with the useradd and adduser commands. Then I will use the passwd command to set the user's password on the system. I also mention the usermod command, which modifies existing system accounts.

This page is a work in progress. If you have any input, post below and I may add the content to this blog.

The useradd and adduser commands add a new user to the UNIX based system.
Affected files:
/etc/passwd
/etc/shadow
/etc/user_attr
/etc/group

Some system administrators add accounts to their systems by editing the above files by hand or with a script. It can be done this way without any problems, but using the useradd and adduser commands is better because they copy the default files to the new user's home directory and set the proper permissions.
useradd command syntax
useradd [options] {username}
Example:
root@earth> useradd -u 25 -g staff -G ftp,users -m -d /export/home/newuser -c "newuser" -s /bin/bash newuser

Explained
-u    Sets the user's ID to 25
-g    Sets primary group membership to staff
-G    Sets secondary group memberships to ftp,users
-m    Makes the user's home directory
-d    Sets the path to the home directory
-c    Puts a comment into the /etc/passwd file
-s    Sets the user's default shell
newuser    Put the name of the account at the end
-f    Sets the number of days the account can be inactive before it is locked (Solaris). For Linux systems it sets the number of days after the user's password expires before the account is locked.
-e    Sets the account expiration date

In many Linux distros, all you need to do is this.
useradd newuser
The OS will fill in the rest for you based on the system defaults.

adduser [-u uid [-o]] [-g group] [-G group,...]
[-d home] [-s shell] [-c comment] [-m [-k template]]
[-f inactive] [-e expire mm/dd/yy] [-p passwd] [-n] [-r] name
adduser -D [-g group] [-b base] [-s shell] [-f inactive] [-e expire mm/dd/yy]

If you make a mistake then you can use usermod to modify an existing account. The usermod command works just like useradd,

The passwd command changes the password of a user account.

passwd username

Remove the password hash in /etc/shadow for a user.
passwd -d username

passwd newuser
  • Note: if you don't put a user name at the end of the passwd command then it will change the root password.
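
An added audit example (not part of the original post) for the passwd -d case: once the hash is removed, the second field of the user's /etc/shadow entry is empty, and this lists the accounts left in that state. classify_shadow and empty_password_accounts are hypothetical names; the input is any shadow-format file, /etc/shadow by default.

```shell
#!/bin/sh
# Added example; classify_shadow and empty_password_accounts are hypothetical names.

# Print "user:STATE" for each entry of a shadow-format file (default /etc/shadow):
#   EMPTY    no password set, the result of passwd -d
#   NOLOGIN  field starts with * or ! (includes Solaris *LK*) or is NP
#   HASH     modular crypt string such as $1$..., $5$..., $6$...
#   LEGACY   anything else, e.g. a 13-character traditional crypt hash
classify_shadow() {
    awk -F: '
        /^#/ || NF < 2 { next }          # skip comments and malformed lines
        {
            f = $2
            if (f == "")                        state = "EMPTY"
            else if (f ~ /^[*!]/ || f == "NP")  state = "NOLOGIN"
            else if (f ~ /^\$[0-9a-z]+\$/)      state = "HASH"
            else                                state = "LEGACY"
            print $1 ":" state
        }' "${1:-/etc/shadow}"
}

# Only the account names that currently have no password at all.
empty_password_accounts() {
    classify_shadow "$1" | sed -n 's/:EMPTY$//p'
}
```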