A temporary Linux user is an account created with a limited lifespan, unlike permanent user accounts that typically last as long as the system itself. Think of them as guest passes to the Linux world, granting access for a specific purpose and duration.
Here’s a breakdown of who a temporary Linux user might be:
- The IT technician: Imagine a scenario where you call in a techie to fix your computer. They might need temporary access to diagnose the issue and apply fixes without messing with your personal files or settings.
- The visiting colleague: A colleague from another department might need temporary access to collaborate on a project, requiring specific resources but not full-fledged system privileges.
- The curious student: Perhaps you’re training someone on using Linux, and they need a sandbox environment to practice commands and explore the system without impacting the main setup.
- The security auditor: During a security audit, dedicated temporary accounts might be used to simulate potential attacker behavior and assess the system’s defenses.
- The public kiosk user: In libraries, schools, or public access points, temporary accounts might be offered for users to browse the internet or access specific applications without leaving any personal data behind.
These are just a few examples, and the possibilities are endless. The key takeaway is that temporary users come and go, serving specific purposes for a limited time, and then gracefully disappear from the system, leaving no trace.
To create a temporary Linux user on Ubuntu, you can use the useradd
command to add a new user and optionally set an expiration date for the account using the chage
command.
Here’s a step-by-step guide:
Create the temporary User
Let’s first create a user using the useradd
command. In this example, we’re calling the user “temporaryuser”. See the command below:
sudo useradd temporaryuser
You can replace “temporaryuser” with your desired name for the user you want to create.
Set Password for the Linux User
After creating the user, we need to assign it with a password using the passwd
command as seen below:
sudo passwd temporaryuser
Please note that when setting a password for a Linux user, the characters are not visible on the terminal. So, it’s important that you first type the password and save it somewhere.
Set the expiration date for the Linux User
In Linux, user account expiration is managed through the chage
command, which stands for “change age.” The chage
command is used to modify the user password expiry information. The expiration date is set in terms of the number of days since the Unix epoch (January 1, 1970).
To set the expiry date for the Linux, here is the command;
sudo chage -E YYYY-MM-DD temporaryuser
From the above, the -E flag or parameter works with chage
command to set the date on which the user account will expire. The date is specified in the format YYYY-MM-DD
.
Account expiry after a certain number of days
If you want the account to expire after a certain number of days from today, you can use the following command:
sudo chage -E $(date -d "+X days" "+%Y-%m-%d") temporaryuser
Replace “X” with the number of days the account should be valid.
The above command calculates a date X days from the current date. It uses the date
command to perform this calculation. The "+X days"
part instructs date
to add X days to the current date and "+%Y-%m-%d"
specifies the output format as YYYY-MM-DD.
Verify the account expiration for a Linux user
You can verify that the user has been created and check the expiration date:
sudo chage -l temporaryuser
This command will display information about the user account, including the account’s expiration date as seen below;
Last password change : Jan 16, 2024
Password expires : never
Password inactive : never
Account expires : Dec 22, 2024
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
What happens when the Linux user expires?
On the expiration date, the account does not get deleted automatically. Instead, the account is usually locked, preventing the user from logging in.
To reactivate an expired account, administrators need to modify the account’s expiration date using the chage
command.
For example, to extend the expiration date, you can run:
sudo chage -E YYYY-MM-DD username
RECOMMENDED READING: How to Easily Create and Add Users in Linux