Practical Web Penetration Testing

Security management

Managing users in Kali is not an everyday task, but you will probably use it occasionally. Personally, I rarely use the following commands, but sometimes, you might need to handle user management:

  • To add a user with sudo capabilities in Kali, use the following command:
useradd -m [username] -G sudo -s /bin/bash
  • If you're logged in and you want to elevate your privilege to a root user, try this command:
su - [desired root user name]
  • If you're logged in and you want to execute a root command, use the following:
sudo [application name]
  • To change the root (or any user's) password, use the following:
passwd [user name]
  • The shadow file is important in Kali, because it stores the hashed passwords and some useful information about users. For example, I created a user called gus on Kali, so, to get his information, I should execute the following command:
grep gus /etc/shadow

#output
gus:$6$mNP6T4jA$sn0eAgo7o1pjSUxe6loigq1wWhC4agpWpWopv0mVBr2V21ZfU./hAMPJTO/7Ecajd0SVozLGwDOrc37hN1ktL0:17517:0:99999:7:::

Let's look at each field of the output; the fields are separated by colons (:):

  • The first field is self-explanatory; it's the username (gus)
  • The second field is the hashed password (the $6 means it's using the SHA-512 algorithm)
  • The third field (17517) is the date the password was last changed, expressed as the number of days since January 1, 1970 (the Unix epoch)
  • Field number four (0) specifies the minimum number of days required between password changes
  • Field five (99999) specifies the number of days after which it's necessary to change the password
  • The next field (7) is the number of days before the required password change during which the user gets a warning
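
The field layout described above can be decoded programmatically when auditing password aging on a host. The following is an added example, not code from the book: the function name parse_shadow_line, the svc account, and the sample entries (with placeholder hash bodies) are constructed for illustration.

```python
from datetime import date, timedelta

EPOCH = date(1970, 1, 1)
# crypt(3) identifier after the first "$" -> hashing scheme
SCHEMES = {"1": "MD5", "5": "SHA-256", "6": "SHA-512", "y": "yescrypt"}


def _days(field):
    """Numeric shadow fields may be empty, meaning 'not set'."""
    return int(field) if field else None


def parse_shadow_line(line):
    """Decode one /etc/shadow entry into a dict of named fields."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != 9:
        raise ValueError(f"expected 9 fields, got {len(parts)}")
    user, pw = parts[0], parts[1]
    last, minimum, maximum, warn = (_days(p) for p in parts[2:6])

    if pw == "":
        status, scheme = "no password", None
    elif pw[0] in "!*":
        status, scheme = "locked", None  # password login is disabled
    else:
        status = "hashed"
        ident = pw.split("$")[1] if pw.startswith("$") else None
        scheme = SCHEMES.get(ident, "unknown")

    # Field three counts days since the Unix epoch, not seconds.
    changed = EPOCH + timedelta(days=last) if last is not None else None
    expires = None
    if changed is not None and maximum is not None:
        expires = changed + timedelta(days=maximum)
    return {
        "user": user, "status": status, "scheme": scheme,
        "last_changed": changed, "min_days": minimum, "max_days": maximum,
        "warn_days": warn, "expires": expires,
    }


# Constructed sample entries; the hash bodies are placeholders, not real hashes.
SAMPLE = [
    "gus:$6$SALT$HASHPLACEHOLDER:17517:0:99999:7:::",
    "svc:!:17517:0:90:7:::",
]

if __name__ == "__main__":
    for raw in SAMPLE:
        print(parse_shadow_line(raw))
```
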