By this point in the Raspberry Pi section, we have already seen different ways to install Raspbian and how to configure most of the important options. We left managing users and passwords on Raspberry Pi for this post due to its vital importance in the security of the system.
Indeed, one of the main security measures of any system is a correct configuration of users and their passwords. Raspberry Pi, of course, is no exception.
Leaving the default password of your Raspberry Pi may be “more or less acceptable” for test equipment connected only locally (and even then, you should get used to changing it).
But if you open access to the Internet, leaving the default username and password is a serious security flaw, and a great way to demonstrate how quickly Internet pirate bots act.
In addition to changing the password, which as we say is a basic and essential security measure, it is also highly recommended to change the default user. This makes your Raspberry Pi more secure, as knowing the username is approximately half the work for the “bad guys”, and the more difficult they have it, the better.
Fortunately, managing permissions, passwords, groups, and users, as well as configuring security, are one of the strong points of Linux-based systems like Raspbian.
So in this post we are going to dedicate a little work to see the management of users and passwords on Raspberry Pi, an essential security tool in any computer system.
Default Raspberry Pi password
Just to remember, the default password in Raspbian is:
- Username: pi
- Password: raspberry
That you will only need for the first boot of the system, because you are immediately going to change it, right? Again, do not leave the default password.
Change the Raspberry Pi password
To change our user’s password, from a command line, we use the command:
passwd
Next, we write the current password and then the new one twice.
If what we want is to change the password of another user, simply add the username as a parameter
sudo passwd nombreUsuario
Being nombreUsuario the name of the user we want to change the password. Obviously, we can only execute this action if we are root users of the system.
Create and delete users
Managing users is another maintenance task for any system. Even if you are the only user, after installing Raspberry Pi, it is convenient to create your own user, and log in with it, and then delete the default user ‘Pi’.
To create a new user we use this command:
adduser nombreUsuario
Deleting a user is just as simple, using the command:
deluser nombreUsuario
That easy! On the other hand, sometimes you will see an alternative way of creating and deleting users, using the ‘useradd’ and ‘userdel’ commands. The fact that there are two groups of commands can generate some confusion.
The explanation is that ‘useradd’ and ‘userdel’ are system binary files, while ‘adduser’ and ‘deluser’ are perl scripts that use the previous binaries.
We must get used to using exclusively the previous ‘adduser’ and ‘deluser’ from the command line. On the other hand, ‘useradd’ and ‘userdel’ are more intended to be used from scripts. However, here we leave you the syntax of these alternative commands.
# create a new user
useradd nombreUsuario
# create user, full version
useradd -c "Username" -g group -d /home/username -s /bin/bash nombreUsuario
# delete user
userdel nombreUsuario
# delete user and remove their home directory
userdel -r nombreUsuario
User session management
Some additional useful commands for user session control. First, to end the session we use the command:
logout
If during a session we want to briefly act as another user, without logging out, we can temporarily switch with the following command
su - nombreUsuario
To end this “temporary session” and return to our “normal” user we simply do:
exit
If we want to see the name of the user we are currently logged in as we use:
whoami
We can also list all the users who are logged into the system with the command:
who
Finally, if we want to get a record of the last login of the users, we can use:
lastlog
So far, the basics of user management, passwords, and user sessions. Of course, there are many more related commands and options, but this covers most needs.
In the next post, we will see the management of user groups, another basic aspect for system security, and which facilitates the management of permissions and users. See you soon!