How to Check the List of Users in Ubuntu | Complete Guide to Login, Management, and Deletion

1. Introduction

Ubuntu is a popular Linux distribution used by many users, ranging from personal use to enterprise server environments. Managing user accounts is essential when administering an Ubuntu system. In particular, checking the list of registered users helps with security management and account organization.

This article provides a detailed explanation of how to check the list of users in Ubuntu. It covers everything from basic commands to retrieving detailed user information, making it useful for both beginners and advanced users.

2. How to Check the List of Users in Ubuntu

In Ubuntu, user information can be easily retrieved using specific files or commands. You can check the list of users using the following methods.

2.1 Displaying the List of Users with /etc/passwd

In Ubuntu, all user information is stored in the /etc/passwd file. By displaying this file, you can check all registered users.

Example Command

cat /etc/passwd

Executing this command will display information in the following format:

root:x:0:0:root:/root:/bin/bash
user1:x:1000:1000:User One,,,:/home/user1:/bin/bash
user2:x:1001:1001:User Two,,,:/home/user2:/bin/bash

Each line consists of fields separated by a colon (“:“) and contains the following information:

1. Username
2. Password (currently displayed as “x” for security)
3. User ID (UID)
4. Group ID (GID)
5. User Information (Comments)
6. Home Directory
7. Default Shell

Since this file includes system users as well, you can use the following method to extract only regular login users.

2.2 Retrieving Only Usernames

To display only the list of usernames, use the following command:

cut -d: -f1 /etc/passwd

Alternatively, you can use the awk command:

awk -F':' '{ print $1 }' /etc/passwd

Example output:

root
user1
user2

2.3 Searching for a Specific User

To check if a specific user exists, use the grep command:

grep 'user1' /etc/passwd

Executing this command will display only the information related to user1.

2.4 Retrieving Group Information with /etc/group

To check which groups a user belongs to, refer to the /etc/group file.

cat /etc/group | cut -d: -f1

To check the groups a specific user belongs to, use the following command:

groups user1

Example output:

user1 : user1 sudo

This indicates that user1 is also a member of the sudo group.

3. How to Check Currently Logged-In Users

In Ubuntu, there are several ways to check which users are currently logged into the system. By using specific commands, you can retrieve information about active sessions and logged-in users.

3.1 Checking Logged-In Users with the who Command

The who command lists all currently logged-in users.

Example Command

who

Example Output

user1    tty1         2025-02-16 10:05
user2    pts/0        2025-02-16 11:30

Explanation of Fields

1. Username (The logged-in user)
2. Terminal Name (Physical console tty1 or remote session pts/0)
3. Login Time

The who command is simple and useful for quickly checking logged-in users.

3.2 Checking Detailed User Activity with the w Command

The w command provides more detailed information than who.

Example Command

w

Example Output

 11:35:25 up 2:15,  2 users,  load average: 0.03, 0.02, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
user1    tty1                      10:05    1:30m  0.10s  0.10s -bash
user2    pts/0    192.168.1.10      11:30    0.00s  0.05s  0.02s sshd

Explanation of Fields

• System Uptime (up 2:15)
• Number of Logged-In Users (2 users)
• CPU Load Average
• Username (USER)
• Connected Terminal (TTY)
• Remote Connection Source (FROM)
• Login Time (LOGIN@)
• Idle Time (IDLE)
• CPU Usage (JCPU, PCPU)
• Running Process (WHAT)

Since the FROM field shows the remote IP address for SSH connections, this command is useful for managing and monitoring remote access.

3.3 Quickly Checking Logged-In Users with the users Command

If you only need a simple list of currently logged-in usernames, use the users command.

Example Command

users

Example Output

user1 user2

This command is a simplified version of who, displaying only usernames.

3.4 Checking the Current User with the whoami Command

If you want to check which user is currently running a terminal session, use the whoami command.

Example Command

whoami

Example Output

user1

This command is useful for verifying which user account is executing commands.

3.5 Checking Recent Login History with the last Command

The last command allows you to check the login history of past users.

Example Command

last

Example Output

user1    pts/0        192.168.1.10     Mon Feb 15 10:20   still logged in
user2    tty1                          Mon Feb 15 09:30 - 10:00  (00:30)
root     tty1                          Sun Feb 14 22:15 - 23:45  (01:30)

Explanation of Fields

• Username
• Connected Terminal (tty1, pts/0, etc.)
• Remote Connection Source (IP Address)
• Login Start Time
• Logout Time (or “still logged in” for active sessions)
• Total Login Duration (e.g., 00:30 = 30 minutes)

This command is useful for monitoring past logins and detecting unauthorized access.

4. How to Check Detailed User Information

In Ubuntu, several commands are available to retrieve detailed information about registered users. By checking a user’s UID, groups, login shell, and other attributes, administrators can manage permissions and security settings effectively. This section explains how to obtain detailed user information using commands like id, finger, and chage.

4.1 Checking User UID, GID, and Groups with the id Command

The id command provides information about a user’s UID (User ID), GID (Group ID), and group memberships.

Example Command

id user1

Example Output

uid=1001(user1) gid=1001(user1) groups=1001(user1),27(sudo),1002(docker)

Explanation of Fields

• uid=1001(user1) → User ID (Unique identifier for the user)
• gid=1001(user1) → Group ID (Primary group of the user)
• groups=1001(user1),27(sudo),1002(docker) → List of groups the user belongs to

This information is useful when verifying which groups a user is assigned to.

Checking Information for the Currently Logged-In User

id

Executing this command will display the ID information for the currently logged-in user.

4.2 Checking a User’s Groups with the groups Command

To check which groups a specific user belongs to, use the groups command.

Example Command

groups user1

Example Output

user1 : user1 sudo docker

While the id command also provides group information, the groups command is more convenient when you only need to check group names.

Checking Groups for the Currently Logged-In User

groups

This command displays the groups that the current user belongs to.

4.3 Retrieving Detailed User Information with the finger Command

The finger command provides additional details such as full name, login information, and shell type.

Installing finger

The finger command is not installed by default. Install it with the following command:

sudo apt install finger

Example Command

finger user1

Example Output

Login: user1                    Name: User One
Directory: /home/user1           Shell: /bin/bash
Last login: Mon Feb 16 10:20 (UTC) on pts/0

Explanation of Fields

• Login → Username
• Name → Full name (may be empty)
• Directory → User’s home directory
• Shell → The shell the user is using
• Last login → The last recorded login time

System administrators can use finger to quickly check which users are logged in and their last login activity.

4.4 Checking Password Expiration with the chage Command

Administrators can use the chage command to check password expiration details and the last password change date for a user.

Example Command

sudo chage -l user1

Example Output

Last password change            : Jan 15, 2025
Password expires                : Mar 15, 2025
Password inactive               : never
Account expires                 : never
Minimum number of days between password change : 7
Maximum number of days between password change : 60
Number of days of warning before password expires : 5

Explanation of Fields

• Last password change → The date of the last password update
• Password expires → The password expiration date
• Password inactive → The period before a password becomes inactive
• Account expires → The date the account will be disabled
• Minimum number of days between password change → The required minimum interval between password changes
• Maximum number of days between password change → The maximum period a password remains valid
• Number of days of warning before password expires → The number of days before expiration when users receive a warning

Administrators can use this information to enforce a password policy and enhance security.

5. Managing Users in Ubuntu (Adding, Deleting, and Modifying)

Proper user management is crucial for system administrators in Ubuntu. Adding new users, removing old ones, and modifying existing user information helps maintain security and efficiency. This section explains how to manage users using commands such as adduser, deluser, and usermod.

5.1 Adding a User

To create a new user in Ubuntu, you can use either the adduser or useradd command.

5.1.1 Using the adduser Command (Recommended)

The adduser command is an interactive tool that simplifies the user creation process.

Example Command

sudo adduser newuser

Interactive Process

Adding user `newuser' ...
Adding new group `newuser' (1002) ...
Adding new user `newuser' (1002) with group `newuser' ...
Creating home directory `/home/newuser' ...
Copying files from `/etc/skel' ...
Enter new UNIX password: ********
Retype new UNIX password: ********
passwd: password updated successfully
Changing the user information for newuser
Enter the new value, or press ENTER for the default
        Full Name []: 
        Room Number []: 
        Work Phone []: 
        Home Phone []: 
        Other []: 
Is the information correct? [Y/n] 

What Gets Created

• User account
• Dedicated group
• Home directory (/home/newuser)
• Login password
• Basic user information

This method is the most common and is beginner-friendly.

5.1.2 Using the useradd Command (For Advanced Users)

The useradd command differs from adduser in that it is a lower-level tool, designed for scripting and does not automatically create a home directory.

Example Command

sudo useradd -m -s /bin/bash newuser
sudo passwd newuser

Option Descriptions

• -m → Creates a home directory
• -s /bin/bash → Sets the default shell to /bin/bash

When using useradd, you must manually set a password for the new user.

5.2 Deleting a User

To remove a user account that is no longer needed, use either the deluser or userdel command.

5.2.1 Using the deluser Command (Recommended)

The deluser command is the counterpart of adduser and is used for removing users.

Example Command

sudo deluser newuser

Removing the Home Directory as Well

sudo deluser --remove-home newuser

This command will delete both the user account and the user’s home directory (/home/newuser).

5.2.2 Using the userdel Command (For Advanced Users)

The userdel command provides more direct control over user removal.

Example Command

sudo userdel newuser

Deleting the Home Directory

sudo userdel -r newuser

Unlike deluser, userdel can be risky if used incorrectly, so be cautious.

5.3 Modifying User Information

To modify an existing user’s details, use the usermod command.

5.3.1 Changing a Username

Example Command

sudo usermod -l newname oldname

This changes oldname to newname.

5.3.2 Changing the Home Directory

To change a user’s home directory, use the -d option.

Example Command

sudo usermod -d /new/home/path user1

Moving the Current Home Directory to a New Location

sudo usermod -d /home/newuser -m user1

5.3.3 Changing a User’s Group Membership

To add a user to a different group, use usermod -aG.

Adding a User to the sudo Group

sudo usermod -aG sudo user1

Checking Current Group Membership

groups user1

5.3.4 Changing a User’s Password

Administrators can change a user’s password using the passwd command.

Example Command

sudo passwd user1

Example Output

Enter new UNIX password: ********
Retype new UNIX password: ********
passwd: password updated successfully

This command updates the password for user1, requiring them to use the new password at their next login.

6. Practical Use Cases for User Management

Managing users in Ubuntu is not just about listing, adding, or deleting them. Understanding how to manage users effectively based on specific scenarios is crucial. This section provides real-world use cases and command examples to help you manage users efficiently.

6.1 Finding Users Based on Specific Criteria

6.1.1 Listing Administrators (Users with sudo Privileges)

System administrators often need to check which users have sudo privileges. You can retrieve this information using the getent command to search the /etc/group file.

Example Command

getent group sudo

Example Output

sudo:x:27:user1,user2

Output Explanation:

• sudo:x:27: → Information about the sudo group
• user1,user2 → Users who belong to the sudo group

This method allows you to quickly verify which users have administrative privileges.

6.1.2 Listing Only Login-Capable Users

The /etc/passwd file includes both system and regular users. To find users who can actually log in, filter users with a valid shell.

Example Command

grep '/bin/bash' /etc/passwd

Example Output

user1:x:1001:1001::/home/user1:/bin/bash
user2:x:1002:1002::/home/user2:/bin/bash

Advantages of This Method:

• Only users with /bin/bash or /bin/sh are shown
• System accounts with nologin are excluded

6.1.3 Listing System Users (Non-Login Accounts)

System users usually have /usr/sbin/nologin or /bin/false set as their default shell. You can filter them using the following command.

Example Command

grep -E '/usr/sbin/nologin|/bin/false' /etc/passwd

Example Output

daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
syslog:x:104:110::/home/syslog:/bin/false

Checking system accounts ensures they are not mistakenly deleted.

6.2 Periodically Removing Unused Users

6.2.1 Listing Users Who Haven’t Logged In Recently

To delete inactive users, check the last login history using the lastlog command.

Example Command

lastlog

Example Output

Username         Port     From             Latest
root            tty1                      Mon Feb 12 14:02:08 +0000 2025
user1           pts/0    192.168.1.10      Mon Jan 15 10:30:12 +0000 2025
user2           pts/1    192.168.1.20      Never logged in

• Never logged in → User has never logged in

Based on this information, you can decide whether to remove inactive accounts.

Command to Delete an Unused Account

sudo deluser user2 --remove-home

6.2.2 Checking Password Last Change Date

The chage command lets you check when a user last changed their password.

Example Command

sudo chage -l user1

Example Output

Last password change            : Jan 15, 2025
Password expires                : Mar 15, 2025
Password inactive               : never

If a password hasn’t been changed for a long time, you may want to force a reset.

Forcing a Password Change

sudo passwd --expire user1

This forces the user to set a new password upon next login.

6.3 Checking Users Connected via SSH

When managing a remote server, it is important to track which users are connected via SSH.

Example Command

who | grep pts

Example Output

user1    pts/0        192.168.1.10     11:30

This command helps identify remote users and their IP addresses.

6.4 Exporting All User Information to a CSV File

If you need to create a report listing all users, you can export the data using the getent command.

Example Command

getent passwd | awk -F: '{print $1 "," $3 "," $4 "," $6}' > users.csv

Example CSV Output

root,0,0,/root
user1,1001,1001,/home/user1
user2,1002,1002,/home/user2

• Usernames, UIDs, GIDs, and home directories are exported in CSV format
• The data can be analyzed using Excel or Google Sheets

7. FAQ (Frequently Asked Questions)

This section answers common questions related to user management in Ubuntu. It provides troubleshooting tips and best practices for efficient user administration.

7.1 Is it Safe to Edit /etc/passwd Directly?

Answer:

Direct editing is not recommended. The /etc/passwd file is a critical system file, and incorrect modifications can prevent users from logging in.

Recommended Methods:

Use commands like usermod or vipw for safe editing.

Safe Editing Command:

sudo vipw

This command locks the file to prevent concurrent edits, ensuring safe modifications.

7.2 What’s the Difference Between who and users Commands?

Answer:

Example Usage:

who

Example Output:

user1    tty1         2025-02-16 10:05
user2    pts/0        2025-02-16 11:30

users

Example Output:

user1 user2

The who command provides more detailed information.

7.3 How Can I Check a Specific User’s Login History?

Answer:

Use the last command to check login history.

Example Command:

last user1

Example Output:

user1    pts/0        192.168.1.10     Mon Feb 15 10:20   still logged in
user1    tty1                          Mon Feb 10 09:30 - 10:00  (00:30)

This helps track login activities, including remote connections.

7.4 How Can I Change a User’s Password?

Answer:

Administrators can change a user’s password using the passwd command.

Example Command:

sudo passwd user1

Example Output:

Enter new UNIX password: ********
Retype new UNIX password: ********
passwd: password updated successfully

The user must use the new password upon the next login.

7.5 Can I Temporarily Disable a User Account?

Answer:

Yes, you can temporarily lock an account using usermod.

Locking an Account:

sudo usermod -L user1

The user will not be able to log in until unlocked.

Unlocking an Account:

sudo usermod -U user1

7.6 How Do I Add a User to the sudo Group?

Answer:

Use the usermod command to grant sudo privileges.

Example Command:

sudo usermod -aG sudo user1

After running this command, user1 can execute commands with sudo.

7.7 How Can I Move a User’s Home Directory?

Answer:

Use usermod -d to set a new home directory.

Example Command:

sudo usermod -d /new/home/path -m user1

7.8 How Do I Completely Remove a User and Their Data?

Answer:

Use deluser or userdel to remove a user.

Example Command:

sudo deluser --remove-home user1

Alternatively:

sudo userdel -r user1

This will delete both the user account and the home directory.

7.9 How Can I Check Active User Activity?

Answer:

Use the w command to monitor logged-in users.

Example Command:

w

Example Output:

 11:35:25 up 2:15,  2 users,  load average: 0.03, 0.02, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
user1    tty1                      10:05    1:30m  0.10s  0.10s -bash
user2    pts/0    192.168.1.10      11:30    0.00s  0.05s  0.02s sshd

This command helps track user activity and system load.

8. Conclusion

Managing users in Ubuntu is essential for both personal and enterprise environments. By using the commands and techniques covered in this guide, you can effectively handle user accounts, enhance security, and optimize system administration.

Regularly monitoring user activity, managing permissions, and keeping security settings up to date will ensure a well-maintained and secure system.