How To Add Users To The Sudoer File On Linux

The terminal command that most Linux users, new and old, are familiar with is sudo. With it, a user can execute a Root level command without needing to log into the system account. This is incredibly convenient, not to mention useful for those who hate logging in and out of Root to get things done. As a bonus, sudo makes Linux systems more secure.

These days, sudo isn’t thought much about. During Linux installation, it usually is automatically set up and ready to go.

Install Sudo

Though it might sound a bit weird, not all Linux distributions come with sudo configured right away. In some rare cases, it may not even be installed. As a result, you’ll actually need to install it. Installing sudo is quite easy, and available on everything Linux related. Head over to Pkgs.org, and learn the packages you’ll need to get sudo installed on your Linux PC. Alternatively, follow the commands below to install it on your operating system.

Note: the installation instructions outline how to install sudo on Linux distributions that may not have sudo out of the box, or have it fully configured, etc.

Debian

su -

apt-get install sudo

Arch Linux

su -

pacman -S sudo

Fedora

su - 

dnf install sudo

OpenSUSE

su -

zypper install sudo

Gentoo/Funtoo

su -
emerge app-admin/sudo

Add Users To sudo Via Groups

By far the easiest way to manage users in the Sudoer file is to create a group that can access sudo, then add them to the specific group. Often times, setting up sudo in this way works by adding users to the “wheel” group, or, alternatively, the “sudo” group.

Depending on your Linux operating system, the group may vary. To confirm what group system it uses, run the cat command and read /etc/sudoers/.

su -
cat /etc/sudoers | more

Look for a line that says “Allow members of group sudo to execute any command”. Underneath it, there should be one of these two lines:

%sudo ALL=(ALL:ALL) ALL

or

%wheel ALL=(ALL:ALL) ALL

Take note of what group (wheel or sudo) that is at the start of the line, and then add your existing user to that group to give it sudo privileges.

su –

usermod -a -G sudo yourusername

or

usermod -a -G wheel yourusername

Be sure to repeat this process for each user you wish to give sudo access to.

Add Users To Sudoer File Directly

Another way of granting sudo access to users is by specifically specifying them in the Sudoer File. This is a little more involved than the last method, but preferable if you don’t like dealing with the group system on Linux. To start off, open up a terminal and log into Root with su.

su -

Now that the shell has Root access, it’s time to edit the /etc/sudoers file. Please note that editing this file MUST be done with the visudo command. Editing /etc/sudoers directly will break things and is dangerous. Instead, try:

EDITOR=nano visudo

Placing EDITOR in front of the visudo command will allow us to modify /etc/sudoers with Nano, rather than the Vi text editor. From here, scroll down and find “User privilege specification”. Underneath the line that specifies “Root”, add a new privilege line for your user:

username ALL=(ALL:ALL) ALL

Save Nano with Ctrl + O and close it with Ctrl + X. From here on, your user should be able to use commands via sudo.

Passwordless sudo

Passwordless sudo works like traditional sudo privileges. To enable it, you’ll need to specify via the Sudoer file. Some Linux distributions have a version of sudo that can easily be configured. Others don’t have any reference to “passwordless sudo” at all.

To determine if your operating system’s Sudoer file already supports it, run the cat command.

cat /etc/sudoers/ | more

First, open up the Sudero file and comment out:

%sudo ALL=(ALL:ALL) ALL

or

%wheel ALL=(ALL:ALL) ALL

Disabling these lines to turn off “password sudo”. Next, look through and find “Same thing without a password”. Remove the # from in front of the line. Save the editor with Ctrl + O, and Ctrl + X. Saving should automatically enable passwordless sudo on your Linux PC.

Disable sudo For Specific Users

The best way to disable sudo for specific users is to follow the instructions above and only add it on a per-user basis. If this doesn’t fit with your workflow, and you prefer to give sudo privileges to users via groups, a good way to prevent certain users from accessing this command is to remove the group from their account. To do this, run:

su -

gpasswd -d sudo

or

gpasswd -d wheel

After removing the user from the sudo group, there’s no way for it to use the command to execute system-level operations.

Read How To Add Users To The Sudoer File On Linux by Derrik Diener on AddictiveTips – Tech tips to make you smarter

How To Manage Groups And Users On Linux

User and group management on Linux sounds pretty complex, but it’s actually quite easy. If you’ve had trouble understanding how to create new groups, delete existing groups, or modifying users on your system, don’t worry. As it turns out, even the most experienced of Linux users can easily forget the fundamentals. In this guide, we’ll go over all the ways you can manage groups and users on the Linux platform.

Create New Groups

Creating new groups isn’t something many users do, as most Linux distributions don’t need it. If you’re installing software or managing things in a way that requires a new group, the quickest way to accomplish this is with the command-line with the groupadd command.

To use groupadd, you’ll need root access, or at the very least, the ability to interact with the system via sudo privileges. Confirm that your user can do this, then open up a terminal and do the following to create a new group:

su -

groupadd newgroup

or, alternatively, make a new group with sudo:

sudo groupadd newgroup

alternatively, create multiple groups at once:

su -
groupadd newgroup, newgroup2, newgroup3

or

sudo groupadd newgroup, newgroup2, newgroup3

Groupadd will create the new group on your Linux system. To confirm that the group is there, consider filtering through the list of groups on your PC.

cut -d: -f1 /etc/group | grep newgroup

By combining the above command with grep, it’s possible to filter out the new group you made. If the command returns nothing, try to create the user group again.

Delete Groups

If you have no use for a certain group on your Linux PC, it’s a good idea to delete it. Removing a user group on Linux is as easy as creating a new one. First, log in as su, or confirm your user can execute sudo commands. Then, run the groupdel command to get rid of an existing group.

su -
groupdel newgroup

or

sudo groupdel newgroup

Running groupdel should get rid of it. List all available groups on your PC to be sure.

cut -d: -f1 /etc/group | grep newgroup

If Grep doesn’t return anything, you’ll know for sure the group is gone.

Add/Remove Users To Groups

To add existing users to a newly created group, you’ll need to make use of the usermod command. Open up a terminal and use the cut command to view all groups. Go through the list and find the names of the groups you’d like to add your user to. Alternatively, use the name of the user group created earlier.

Note: like before, confirm you can log into Root with su, or that you’re able to use sudo before modifying critical user information.

su -

usermod -a -G newgroup yourusername

or

sudo usermod -a -G newgroup yourusername

Confirm your user is added to the new group by running the following command:

groups

Manage Users

Aside from managing groups on Linux, learning how to create and manage users is also key to maintaining a harmonious Linux system. Unlike group management, user tools are a lot less complicated. There’s not a whole lot of complexity to it. In this section of the guide we’ll go over how to create a new user on Linux with the command line and how to delete a user.

Create New User

Need to create a new user on your Linux system? Start out by opening up a terminal window. In the terminal, gain root access with su or sudo.

su -

or

sudo -s

Now that you’ve got a root shell, it’ll be much easier to manipulate users without needing to add “sudo”, and a password over and over. To create a new user with a full home directory, run the command below.

Note: on some Linux PC’s you may need to replace “useradd” with “adduser”.

useradd newuser

Alternatively, it’s possible to create a new user and assign groups to it at the same time:

useradd -G group1, group2, group3, group4, group5, group6 newuser

After creating the new user, set the password:

passwd newuser

Delete User

Deleting users on Linux is quite straightforward and easy. Getting rid of a user can easily be accomplished on Linux by making use of the userdel command.

Note: before continuing with deleting users, be sure to log out of everything. It’s a very bad idea to delete a user that is currently in use. Things can go wrong, and you’ll reget it.

Once you’ve made sure you’re not logged into the user you plan to delete, run:

su -

or

sudo -s

Followed by:

userdel -r newuser

To delete the user but preserve the Home directory, run this command instead:

userdel newuser

Read How To Manage Groups And Users On Linux by Derrik Diener on AddictiveTips – Tech tips to make you smarter

3 Ways To Secure An SSH Server On Linux

SSH is awesome, as it allows us to gain terminal access to other Linux PCs and servers over the network, or even the internet! Still, for as amazing as this technology is, there are some glaring security issues that make using it unsafe. If you’re an average user, there’s no real need to install complicated SSH security tools. Instead, consider following these basic steps to secure an SSH server on Linux.

Change Default Connection Port

By far the quickest and easiest way to secure an SSH server is to change the port it uses. By default, SSH server runs on port 22. To change it, open up a terminal window. Inside the terminal window, SSH to the remote PC hosting SSH server.

ssh user@local-ip-address

Once logged in, drop from a regular user to Root. If you’ve got the Root account on, logging in with su is a good choice. Else, you’ll need to gain access with sudo.

su -

or

sudo -s

Now that you’ve got admin access, open up the SSH configuration file in Nano.

nano /etc/ssh/sshd_config

Scroll through the configuration file for “Port 22”. Remove the if there is one, then change 22″ to another number. Typically, a port above 100, or even one in the 1,000 range will suffice. After changing the port number, press the Ctrl + O keyboard combination to save the edits. Then, exit the editor by pressing Ctrl + X.

Editing the configuration file isn’t going to immediately switch your SSH server over to using the correct port. Instead, you’ll need to manually restart the service.

systemctl restart sshd

Running the systemctl command should reboot the SSH daemon and apply the new settings. If restarting the daemon fails, another option is to reboot your SSH server machine:

reboot

After restarting the daemon (or machine), SSH will not be accessible via port 22. As a result, connecting over SSH requires manually specifying the port.

Note: be sure to change “1234” with the port set in the SSH configuration file.

ssh -p 1234 user@local-ip-address

Disable Password Login

Another great way to secure an SSH server is to remove password login and instead transition to logging in via SSH keys. Going the SSH key route creates a circle of trust between your SSH server and remote machines that have your key. It’s an encrypted password file that’s hard to crack.

Set up with an SSH key on your server. When you’ve got the keys set up, open up a terminal and open up the SSH configuration file.

su -

or

sudo -s

Then, open the config in Nano with:

nano /etc/ssh/sshd_config

By default, SSH servers handle authentication via the user’s password. If you’ve got a secure password, this is a good way to go, but an encrypted SSH key on trusted machines is faster, more convenient, and secure. To finish the transition to “passwordless login”, look in the SSH configuration file. Inside this file, scroll through and find the entry that says “PasswordAuthentication”.

Remove the # symbol from in front of “PasswordAuthentication”, and ensure it has the word “no” in front of it. If everything looks good, save the edits to the SSH configuration by pressing Ctrl + O on the keyboard.

After saving the configuration, close Nano with Ctrl + X, and restart SSHD to apply the changes.

systemctl restart sshd

If you don’t use systemd, try restarting SSH with this command instead:

service ssh restart

Next time a remote machine tries to log into this SSH server, it will check for the correct keys and let them in, without a password.

Disable Root Account

Disabling the Root account on your SSH server is a way to mitigate the damage that may occur when an unauthorized user gains access over SSH. To disable the Root account, it is imperative that at least one user on your SSH server can gain Root via sudo. This will ensure that you can still gain system-level access if you need it, without the Root password.

Note: be sure that the users who can access Root privileges via sudo have a secure password, or disabling the superuser account is pointless.

To disable Root, elevate the terminal to superuser privileges:

sudo -s

Using sudo -s bypasses the need to log in with su, and instead grants a root shell via the sudoers file. Now that the shell has superuser access, run the password command and scramble the Root account with –lock.

passwd --lock root

Running the above command scrambles the Root account’s password so that logging in via su is impossible. From now on, users can only SSH in as a local user, then switch to a Root account via sudo privileges.

Read 3 Ways To Secure An SSH Server On Linux by Derrik Diener on AddictiveTips – Tech tips to make you smarter

How To Create A Dropbox Backup Server On Linux

A headless Dropbox backup server starts out by installing a command-line version of Dropbox. In this instance, we’ll make use of the Dropbox Uploader. It’s a script that makes automatically uploading content to Dropbox over the command-line very easy.

Install Git

To get this script, you’ll need to have the Git package installed on your Linux PC. Open up a terminal window and enter the following commands to get going with Git.

Ubuntu

sudo apt install git

Debian

sudo apt-get install git

Arch Linux

sudo pacman-S git

Fedora

sudo dnf install git

OpenSUSE

sudo zypper install git

Other Linuxes

Git is ubiquitous. As a result, users on even the most obscure Linux distribution should be able to install it. Use your package manager to search for “git”, and install it. Alternatively, check Pkgs.org for a downloadable installer.

Dropbox Uploader

Once the Git tool is installed, we can use it to grab the code for Dropbox Uploader. In the terminal, clone the source code on your Linux PC:

git clone https://github.com/andreafabrizi/Dropbox-Uploader.git

Using the CD command, move the terminal into the newly cloned Dropbox-Uploader folder.

cd Dropbox-Uploader

From here, the script can be used, but it won’t work correctly. To ensure that Dropbox Uploader runs right on Linux, you’ll need to update the permissions of it. Ultimately, the Dropbox Uploader tool is a Shell script, so a simple chmod will suffice.

chmod +x dropbox_uploader.sh

Dropbox Uploader works by running dropbox_uploader.sh. However, the tool also comes with a few other scripts that users can use to work with Dropbox. Optionally, update the permissions on these files to with:

chmod +x dropShell.sh

chmod +x testUnit.sh

Set Up Dropbox API

Now that the Dropbox backup software is on your Linux PC, we can set up the backup system. The first step is to create a new Dropbox app code. This code will be used to log Dropbox into your account. To create a new app, head over to the official developer page, find the “create app” button and click it.

Clicking the “create app” brings you to the API page. Select “Dropbox API” to continue.

Next, choose the level of access Dropbox Uploader should have. For best results, select “Full Access”. Doing this will allow it to work within multiple folders, inside your entire account, rather than just a single area.

Write in the name of the app and click the “create app” button to finish up.

After going through the process of creating an App in the developer center, you’ll be brought to the Dropbox app entry for the Upload tool. Scroll down, find “Generated access token” and click the “Generate” button.

Creating Backups

You’ve got a Dropbox API page set up for the uploader, and an access token to use with it. The next step is to associate the script with your account. To do this, go to the terminal and run the Dropbox Uploader tool.

./dropbox_uploader.sh

When you run the script for the first time, it will ask you for the access token. Go back to the Dropbox API page and copy the new access code from earlier.

After adding the new access code, it’s safe to start running backups. Start off by using the uploader to create a new folder:

./dropbox_uploader.sh mkdir Backup

Running mkdir will create a remote backup folder in your Dropbox account. From here, you’ll be able to upload files to it. To upload,  run the command below.

Note: Dropbox Uploader can handle more than just Tar.gz files. Customize the command below to upload any kind of file.

./dropbox_uploader.sh upload /home/username/location/of/file.tar.gz

Automate Backups

Manual upload is nice, but it’s better to automate these kinds of things. For this job, it’s best to use Cron. In a terminal, gain Root with su or sudo.

su –

or

sudo -s

In the Root shell, access Cron:

crontab -e

Choose the option to use Nano as the editor. Then, paste the following in the Cron file.

Note: this Cron command will tell your Linux PC to compress a backup and upload it to the Backup folder in Dropbox every day at 8:06 AM.

06 08 * * 6 tar -zcvf backup-$(date +%Y-%m-%d).tar.gz /home/username/;/home/username/Dropbox-Uploader/dropbox_uploader.sh upload /home/username/backup-$(date +%Y-%m-%d).tar.gz Backups

Save the command into Cron. Once saved, your PC will automatically take a snapshot of /home/username/, compress it to a Tar.gz archive, date it, and upload it to Dropbox. Don’t want to backup your entire home folder on a schedule? Customize the folder paths, so that it points to a specific folder.

If everything looks good, save the new Cron file in Nano with Ctrl + O.

Disable Automated Backups

Automatic backups to Dropbox are cool, but if you only want to deal with it manually, remove the command from Cron:

su -
crontab -e

Like before, save the edits with Ctrl + O. After saving, the automatic backup will stop.

Read How To Create A Dropbox Backup Server On Linux by Derrik Diener on AddictiveTips – Tech tips to make you smarter

How To Save Music CDs To Your Linux PC With Sound Juicer

Looking for a good way to convert your old physical CD collection to digital files on Linux? If so, we’ve got you covered. In this article, we’ll go over exactly how to turn Music CDs into digital files and convert them so they can upload to the cloud. Linux has many different programs that save Music CDs but by far the most user-friendly one out there is Gnome Sound Juicer.

Install Sound Juicer

To install it, open up a terminal, select your operating system below and enter the command to get going.

To use Gnome Sound Juicer, you’ll need Ubuntu, Debian, Arch Linux, Fedora or OpenSUSE.

Ubuntu

sudo apt install sound-juicer

Debian

sudo apt-get install sound-juicer

Arch Linux

sudo pacman -S sound-juicer

Fedora

sudo dnf install sound-juicer

OpenSUSE

sudo zypper install sound-juicer

Other Linuxes

Sound Juicer is an old program. As a result, it’s available on most Linux distributions without issue. To install it, open up Gnome Software, KDE Discover or use the terminal to search your package manager for “sound-juicer” and install it. Can’t find it? Don’t worry! The Gnome project has versions of this app’s source code downloadable. Grab the latest version of the source code and read the file INSTALL to learn how to compile it.

After installing the Gnome Sound Juicer correctly, open it up and move on to the next part of the tutorial.

Using Sound Juicer

Sound Juicer is a useful tool because it can scan the data on an audio CD, convert the files, and save them to various formats on your Linux PC. To get started, open up your CD/DVD disc drive and place in the audio CD. Sound Juicer should automatically detect that a Music CD is in the drive. If not, close the app and re-open it.

Note: Sound Juicer will not launch if it does not detect a CD/DVD drive connected to your Linux PC. If you plan to use an external USB disk drive, connect it before attempting to run the program.

The app should instantly read the CD. Additionally, it’ll attempt to use the Music Brainz database to detect and automatically assign metadata to what it thinks the album is. If your album isn’t detected, you’ll see the button “Edit Album”. Click this button and manually add the id3 metadata for the album.

When all information for the Music CD is added, click the “Select All” button, then hit “Extract” to convert the audio tracks on the CD to OGG music files. All files, once done with the Sound Juicer application, will save to a folder (with the artist name) inside of /home/username/Music/.

Converting OGG Files

At this point, it’s a good idea to point out that Sound Juicer converts audio tracks on albums to the OGG format. It is an open source format that enjoys pretty good support on a lot of different operating systems. However, if you have plans to upload your music to Google Play Music, Amazon Music, or others, this format isn’t a good one to use.

Sound Juicer can’t save in any other format, so you’ll need to also install an encoder. On Linux, the best encoder to use is FFmpeg. It runs through the command line but it’s the fastest and most versatile tool to use for this job. Open up a terminal and install FFmpeg to your PC.

Ubuntu

sudo apt install ffmpeg

Debian

sudo apt-get install ffmpeg

Arch Linux

sudo pacman -S ffmpeg

Fedora

sudo dnf install ffmpeg

OpenSUSE

sudo zypper install ffmpeg

Other Linuxes

Need FFMpeg on your Linux PC? Head over to the official website and learn how to build it from source. Otherwise, search your Linux distribution’s package manager for “ffmpeg” and install it.

Now that FFmpeg is taken care of, go back to the terminal window and CD into the ~/Music directory on your Linux PC. In this example, our Music CD is labeled “Unknown Artist”. Yours may differ.

cd ~/Music

Next, use the LS command to reveal the contents of Music. Look around for the Artist folder that corresponds with what you just saved in Sound Juicer.

ls

CD into the artist folder.

cd Unknown\  \Artist\Unknown\ \Title

Run the conversion command. Please note that you will need to do this for each individual file. In our example, we have 10 OGG files, so FFmpeg needs to convert 10 separate times.

Note: be sure to change “saved-track-file-name” and “new-track-file-name” to each file you’d like to convert.

ffmpeg -i saved-track-file-name.ogg new-track-file-name.mp3

Now that all OGG files are MP3 files, it’s safe to remove the old OGG files:

rm *.ogg

By using a wild-card, RM will only remove files with the OGG extension. The new MP3 files generated by FFmpeg remain in the same place as the original ones.

Read How To Save Music CDs To Your Linux PC With Sound Juicer by Derrik Diener on AddictiveTips – Tech tips to make you smarter