How To View System Users on Ubuntu Linux (For Safer Server Management)

When you log in to an Ubuntu Linux server, one of the first questions is simple: who else can get in here? If you’re doing real system administration or running a Linux VPS hosting setup, you can’t afford to guess.

This guide walks through practical ways to view system users and groups on Ubuntu (or almost any modern Linux distro), using only built‑in tools. By the end, you’ll be able to see every account on the box, understand what it’s for, and keep access under control with less guesswork and more confidence.

Before You Start

You’ll need:

• An Ubuntu 22.04 (or similar) Linux server

• SSH or console access

• A user with permission to read system files (normal users can read the files we use)

If you’re experimenting and don’t want to risk a production machine, spin up a disposable test server first. That’s just good habits for any cloud hosting setup.

Why System Users Matter on a Linux Server

On Linux, “users” are not just people.

• You have human users like alice, bob, and root.

• You have service users like www-data (web server), mysql (database), and others.

Each user has its own permissions. When a service gets hacked, you want the damage locked inside that one account as much as possible. That isolation is one of the reasons Linux remains popular in server hosting and VPS hosting.

So to manage your server safely, you first need to know which users exist and what they do.

Listing All System Users with /etc/passwd

Linux keeps basic user information in a plain text file:

bash
/etc/passwd

Every line in this file represents a single user on the system.

Step 1: View the Raw User List

Run:

bash
less /etc/passwd

You’ll see lines that look like this:

text
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
...

Each line is split into fields separated by : (colon). For now, the only field you really care about is the first one: the username.

• root

• daemon

• bin

• sys

• sync

• games

• …

Press q to quit less.

This gives you the full picture, but it’s a bit noisy. Let’s pull out only the usernames.

Step 2: Show Only Usernames

Use cut to split the file on : and print just the first field:

bash
cut -d: -f1 /etc/passwd

Sample output:

text
root
daemon
bin
sys
sync
games
...

Now you’ve got a clean list: one username per line.

If you want to sort them:

bash
cut -d: -f1 /etc/passwd | sort

This is usually enough to answer the basic question: “Which accounts exist on this Linux server?”

Understanding Some Special Users

A few names will look familiar:

• root – the all‑powerful administrative user

• Your own login user – the account you’re using now

Others are more “system-y”:

• www-data – typically owns web server processes

• mysql or postgres – database users

• daemon, sys, and friends – internal system accounts

These accounts keep privileges separated. If one service is compromised, the attacker is stuck with whatever that user can access, not the whole box.

That separation is a big part of stable and secure Linux server administration.

Listing Groups with /etc/group

Users are only half of the story. Groups let you give shared permissions to sets of users.

Group information lives in another text file:

bash
/etc/group

Step 1: View All Groups

Run:

bash
less /etc/group

You’ll see something like:

text
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
...

Again, each line is split by ::

• First field: group name (root, adm, tty, etc.)

• Other fields: group ID and members (we’ll ignore those for now)

Press q to exit less.

Step 2: Show Only Group Names

As with users, you can trim it down to just the group names:

bash
cut -d: -f1 /etc/group

Sample output:

text
root
daemon
bin
sys
adm
tty
disk
...

Now you have a quick list of all groups on the system.

What Are “User Private Groups” (UPG)?

You may notice many groups have the same name as users. This is a common scheme called user private groups.

Rough idea:

• Each user gets a private group with the same name.

• That group becomes the user’s primary group.

• The system often uses a looser umask like 002 instead of 022.

Why this matters:

• It plays well with shared directories.

• When a directory has the setgid bit set, any files created inside inherit the group owner of the directory, not the user’s private group.

• That makes collaboration easier: multiple users can edit files in a shared directory without constantly fixing permissions.

You don’t have to memorize this, but it helps when you’re debugging “Why can’t this user read that file?” on a Linux VPS hosting environment.

Quick Check: Who Is Logged In Right Now?

So far you’ve seen who can exist on the system. Sometimes you also want to know who is actually logged in.

A simple command:

bash
who

You’ll get output like:

text
alice pts/0 2025-11-20 10:15 (203.0.113.10)
bob pts/1 2025-11-20 10:20 (:0)

This shows active sessions. It’s not as detailed as log history, but it’s a quick “who’s here right now?” check.

Practicing on a Safe Test Server

Messing with users and groups on a live production box is never fun when something goes wrong. A small typo in /etc/passwd can lock people out or break services.

A safer workflow:

1. Practice commands on a test server.

2. Confirm you understand what each change does.

3. Only then repeat it on production.

If you need a clean sandbox with full root access and don’t want to wait around for provisioning, you can use a hosting provider that gives you instant Linux servers.

👉 Spin up an instant Ubuntu Linux server on GTHost and practice user management without risking production

Once you’re comfortable, you can apply the same /etc/passwd and /etc/group tricks on your real infrastructure with much more confidence.

FAQ

Q: How can I list only “real” human users on Ubuntu?
Many system accounts have low user IDs (UIDs). On many Ubuntu systems, human users start at UID 1000. You can filter like this:

bash
awk -F: '$3 >= 1000 {print $1}' /etc/passwd

This prints usernames with UID 1000 or higher, which are usually the interactive users.

Q: Is it safe to edit /etc/passwd and /etc/group by hand?
Technically yes, but it’s easy to break things. In most cases you should use tools like useradd, usermod, and groupadd, which know how to update these files correctly. If you must edit by hand, make a backup first and test on a non‑critical server.

Q: Will these commands work on other Linux distributions?
Yes. Files like /etc/passwd and /etc/group are standard across almost all Linux distributions, not just Ubuntu. The exact default users and groups might differ, but the basic tools and patterns are the same.

Conclusion

You’ve seen how to list users and groups on Ubuntu Linux using /etc/passwd, /etc/group, and a few simple commands like less, cut, and who. With these, you can quickly answer “who exists on this server” and “who’s logged in” without installing any extra tools.

For real‑world Linux VPS hosting or cloud hosting, you want that same simplicity in your infrastructure: fast access, clear control, and predictable behavior. That’s why GTHost is suitable for Linux server hosting scenarios where you need instant Ubuntu servers with full root access and stable performance.