Updated on Noc 2017!
We will use this post to share all the useful linux commands used in other entries.

Managing linux user and group accounts

The system administrator has many responsibilities including configuring user and group accounts, scheduling tasks using the system log daemon and solving problems. In this quick memorandum we will see the basic linux commands to manage user accounts and groups. We will use the low level utilities useradd and groupadd.

Add a group

Let’s say we are sharing our computer with a few friends, add a new group called mates

userk@dopamine ~$ sudo groupadd -g 1024 mates

This command adds a new entry to /etc/group. Unless you use the -g option to assign a group ID, the system will pick up the next available number > 1000.

If you mistyped the name of the group you can rename it with groupmod the option -n

userk@dopamine ~$ sudo groupmod -n newName oldName

To delete use groupdel nameGroup.

Add a user

Now, let’s add a new user account to the system with the useradd utility. The following command adds new entries to /etc/passwd and /etc/shadow files, creates the user’s home directory, adds gabry to the mates group and assigns the next highest unused Id to the new account. Then set the new password.

userk@dopamine ~$ sudo useradd -G mates -d /home/gabry/ -m gabry
userk@dopamine ~$ sudo passwd gabry

You will be asked for a new password and few general details. Now login with the newly created account and try to update.

userk@dopamine ~$ su gabry

Ok you are now logged in.

gabry@dopamine ~$ sudo apt-get update

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for gabry: gabry is not in the sudoers file. This incident will be reported. gabry@dopamine ~$

I love this message! Before executing commands with sudo you need to add Gabry in the sudoers file. So exit the session and run the following command.

gabry@dopamine ~$ exit
userk@dopamine ~$ sudo usermod -a -G sudo gabry
userk@dopamine ~$ su gabry
gabry@dopamine ~$ sudo apt-get update

Fast way to encrypt a string for linux like OS

Let’s say we want to encrypt a string like ‘Esprit Open Source’. We can use the gpg command, which is an encryption and signing tool for Linux/UNIX like operating system. Let’s encrypt the message using AES256 insead of the default option. (check this useful question )

userk@dopamine ~$ echo 'Esprit Open Source' | gpg -c --cipher-algo AES256 --no-use-agent | base64 
Enter passphrase: userk

Ok the encrypted string is ‘jA0ECQMCpRRMo9+LOHNg0kgBajtQ//qqjeljfEbiqwVbTmbZt3iJ2Npeyj57anazz8tlRovlIbON
Now let us try to decrypt it using the passphrase ‘userk’.

userk@dopamine ~$ echo -n 'jA0ECQMCpRRMo9+LOHNg0kgBajtQ//qqjeljfEbiqwVbTmbZt3iJ2Npeyj57anazz8tlRovlIbONdcqbXviIyS/1iDGxxsBikxocmmw8SsOXZyeLxgZoXQ8=' | base64 --decode | gpg -d --cipher-algo AES256 --no-use-agent
gpg: AES256 encrypted data
gpg: encrypted with 1 passphrase
Esprit Open Source

Change the hostname

If you want to change the name of your computer or device you have to change the name saved in the following file

userk@dopamine ~$ cat /etc/hostname

Change it to whatever you want and reboot. If you get an error like ‘sudo: unable to resolve host’ try to reboot in recovery mode and change the hostname associated with localhost as described in this question.

Custom ssh banner

In order to modify the banner showed during the authentication process using ssh, we need to modify the configuration file as follows:

userk@dopamine ~$ sudo vim /etc/ssh/sshd_config

Remove the ‘#’ before Banner /etc/issue.net

userk@dopamine ~$ sudo vim /etc/issue.net

and insert the welcome message you want to show. If you now try to login with ssh you will see your message and the password request but at the end there will be a message like the following

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.

We don’t want these lines to be shown in the welcome message. So, as reported by Olivier Lalonde in this answer, all we need to do is:

userk@dopamine ~$ touch ~/.hushlogin

Network Setting basics

If you want to set a static ip in order to obtain the same address, first check yout actual ip address netmask and gateway:

userk@dopamine ~$ ifconfig
wlp3s0    Link encap:Ethernet  HWaddr a4:db:30:a2:19:58  
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::51d4:151b:1970:12d6/64 Scope:Link

So in my case, the ip address is and the netmask Check your gateway ip with:

userk@dopamine ~$ ip route show
default via dev wlp3s0  proto static  metric 600

Ok we have all the ingredients. Now let’s say we want to set the static ip to, modify the /etc/network/interfaces file.

userk@dopamine ~$ sudo vim /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static

#allow-hotplug wlan0
#iface wlan0 inet manual
    #wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

Then restart network-manager

userk@dopamine ~$ sudo service network-manager restart

Common issues

If you get a the following error:

RTNETLINK answers: File exists
Failed to bring up eth0

You might have to flush the eth0 device before ifup and ifdown.

userk@dopamine ~$ sudo ip addr flush dev eth0

Ping : Operation not permitted

If you are getting an error like the following while executing ping

Ping: icmp open socket: Operation not permitted

Check to ensure that the ping binary is setuid root:

userk@dopamine ~$ ls -l `which ping`
-rwxr-xr-x 1 root root 38844 Feb 12  2014 /bin/ping

The next command will do the trick:

userk@dopamine ~$ sudo chmod u+s `which ping`

Then you will be allowed to ping as anyone. Hope this helps