adduser on Debian/Ubuntu

The adduser utility is an interactive way to create user accounts and passwords with a single command, which is unique to the Debian family of Linux distros. Most of the default settings that are missing from the Debian implementation of useradd are already set for adduser. The only thing wrong with the default settings is that it creates user home directories with the wide-open 755 permissions value. Fortunately, that's easy to change. (We'll see how in just a bit.)

Although adduser is handy for just casual creation of user accounts, it doesn't offer the flexibility of useradd and it isn't suitable for use in shell scripting. One thing that adduser will do that useradd won't is to automatically encrypt a user's home directory as you create the account. To make it work, you'll first have to install the ecryptfs-utils package. So, to create an account with an encrypted home directory for Cleopatra, you do:

sudo apt install ecryptfs-utils

donnie@ubuntu-steemnode:~$ sudo adduser --encrypt-home cleopatra
[sudo] password for donnie:
Adding user `cleopatra' ...
Adding new group `cleopatra' (1004) ...
Adding new user `cleopatra' (1004) with group `cleopatra' ...
Creating home directory `/home/cleopatra' ...
Setting up encryption ...

************************************************************************
YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IT IN A SAFE LOCATION.
  ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase
THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME.
************************************************************************


Done configuring.

Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for cleopatra
Enter the new value, or press ENTER for the default
    Full Name []: Cleopatra Tabby Cat
    Room Number []: 1
    Work Phone []: 555-5556
    Home Phone []: 555-5555
    Other []:
Is the information correct? [Y/n] Y
donnie@ubuntu-steemnode:~$

The first time that Cleopatra logs in, she'll need to run the ecryptfs-unwrap-passphrase command that's mentioned in the preceding output. She'll then want to write her passphrase down and store it in a safe place:

cleopatra@ubuntu-steemnode:~$ ecryptfs-unwrap-passphrase
Passphrase:
d2a6cf0c3e7e46fd856286c74ab7a412
cleopatra@ubuntu-steemnode:~$

We'll look at the whole encryption thing more in detail when we get to the encryption chapter.