How useradd Works in Linux — Explained Step by Step

1. Creating a Basic User

When you run:

sudo useradd azam

This adds user entries into system databases:

• /etc/passwd → general user info (username, UID, GID, shell, etc.)
• /etc/group → new group for the user (a group is a collection of users that share permissions on files or resources)
• /etc/shadow → password info (initially empty)

Check with:

grep azam /etc/passwd

Example output:

azam:x:1001:1001::/home/azam:/bin/sh

Here’s what each field means:

• azam → Username
• x → Password placeholder (actual password stored in /etc/shadow)
• 1001 → User ID (UID)
• 1001 → Group ID (GID)
• → Comment or description (optional)
• /home/azam → User’s home directory
• /bin/sh → Default shell

2. Setting Password and Verifying

Now, set the password for the user:

sudo passwd azam

After setting the password “azam”, an entry appears in /etc/shadow:

azam:$6$rounds=656000$F7hT1WGrlBkOVnYx$eZQ5qQ4cWEtfKpo0k6AcMZ8KUp7yB4uAK/JK4rj4PqQqAVn9dc4psgXhHuF0QoB8IEkF3GvklvZpZfDH2ULZZ.:19914:0:99999:7:::

$6$ indicates SHA-512 hashing. The long string after it is the salt and encrypted password hash.

3. How Logging In Works

When you try to log in as azam using ssh or login, Linux performs these steps:

1. Checks /etc/passwd for the username and default shell.
2. Retrieves the hashed password from /etc/shadow.
3. Hashes the entered password using the same algorithm and salt.
4. Compares the hash with the stored hash; if they match, login succeeds.
5. Sets the user environment, changes to /home/azam, and launches the shell.

This is why having entries in /etc/passwd and /etc/shadow is crucial for authentication and environment setup.