1. Introduction

Access management is a key component of securing a Linux system. The most typical way of achieving this is by including password protections.

However, sometimes, we may not need a password. For example, when creating a guest account for temporary access or if we need to set up some automated tasks.

In this tutorial, we’ll see how we can set up a passwordless account on Linux.

2. Creating a New User

First, let’s set up a new account/user with a home directory.

$ sudo useradd -m userX

Let’s ensure that the current user has sudo privileges to allow them to create a new user (userX). We’ll use the new account for demonstration.

3. Removing Password Access

3.1. Normal User

To ensure that our user has a passwordless login, we need to delete their password using:

$ sudo passwd -d userX

If we decide to switch to a userX from our login screen, our system will take us to the homepage without showing the password input.

3.2. Sudo User

If our new user had sudo privileges, we would have to handle the passwordless login a little differently.

Note that with Ubuntu 22.04, the method in the previous section should still work just fine. However, with an older version of Ubuntu, the user may be asked for the password when they try to use sudo ( even though they don’t have a password ).

Let’s first add the user to the sudoers file using the following:

$ sudo usermod -aG sudo userX

Next, we need to modify the /etc/sudoers.tmp file. We will add a line that ensures our new user has sudo permissions without being asked for a password.

To open this file, run the following command:

$ sudo visudo

We can then add the line below to the file:

userX ALL=(ALL) NOPASSWD:ALL

Notice that we haven’t used the vim or nano editors. This is because it’s insecure to use these editors. In case we make a mistake in the sudoers.tmp file, this could affect sudo permissions with other users.

However, if we are using visudo, syntax validation is automatically handled upon saving the file, and this protects us from potentially breaking the system’s privileges.

visudo uses the nano editor in the background. In case we wish to change this to another editor that we’re more familiar with (such as vim), we can run the following:

$ sudo update-alternatives --config editor

The will display the options shown above, and we can choose the desired one using the corresponding number:

There are 3 choices for the alternative editor (providing /usr/bin/editor).

Selection Path Priority Status
------------------------------------------------------------
* 0 /bin/nano 40 auto mode
1 /bin/ed -100 manual mode
2 /bin/nano 40 manual mode
3 /usr/bin/vim.tiny 15 manual mode

Press <enter> to keep the current choice[*], or type selection number:

4. Security Considerations

For almost all practical reasons, having a passwordless user is not advisable. We would rather have a weak password than none at all.

To set a new password for the user, we can use:

$ sudo passwd userX

5. Conclusion

In this article, we have learned how to create a Linux user account without password protection. Let’s remember that we should use this only on a temporary or experimental basis.

Comments are closed on this article!