Removing a user account in Linux protects system integrity when access is no longer required, such as after an employee departure or a project handover. Deprovisioning unused logins reduces the attack surface and keeps authentication data aligned with current organizational needs.
User accounts are represented by entries in /etc/passwd, /etc/shadow, and /etc/group, along with a home directory and optional mail spool. On Debian and Ubuntu systems, the deluser utility coordinates removal across these files and related directories, avoiding manual edits that can introduce inconsistencies. Using a single purpose-built command ensures account data, group memberships, and ownership references are updated in a predictable way.
Account removal is inherently destructive because it can detach or delete personal files, application state, and SSH keys. Important data should be backed up before any deletion occurs, and system or service accounts should not be removed without understanding their role. The following procedure assumes a Debian or Ubuntu environment using deluser with a regular, non-system user account.
Steps to delete a user in Linux:
- Open a terminal with sudo privileges.
$ whoami root
Administrative access via sudo or a root shell is required for account management.
- List local user accounts and identify the login to remove.
$ getent passwd | tail -4 polkitd:x:992:992:User for polkitd:/:/usr/sbin/nologin backupuser:x:1004:1004:,,,:/home/backupuser:/bin/bash opsuser:x:1006:1006:,,,:/home/opsuser:/bin/bash appuser:x:1005:1007:,,,:/home/appuser:/bin/bash
Substitute appuser with the actual login name targeted for removal in subsequent commands.
- Confirm that the target entry corresponds to a regular user and not a system account.
$ getent passwd appuser appuser:x:1005:1007:,,,:/home/appuser:/bin/bash
Low numeric UIDs (for example, below 1000 on many distributions) typically indicate system or service accounts that should not be removed casually.
- Delete the user account and remove the associated home directory.
$ sudo deluser --remove-home appuser info: Looking for files to backup/remove ... info: Removing files ... info: Removing crontab ... info: Removing user `appuser' ... userdel: group appuser not removed because it is not the primary group of user appuser.
Using --remove-home permanently deletes the user’s home directory and mail spool, making recovery difficult without a prior backup.
To retain the home directory while removing only the account, omit the option and run sudo deluser appuser instead.
- Confirm that the account and group entries no longer exist.
$ id appuser id: 'appuser': no such user
Empty grep results for the username confirm that the primary account and any matching group entries have been removed from system databases.
- Verify that the user’s home directory has been removed or retained as intended.
$ ls -l /home total 12 drwxr-x--- 2 backupuser backupuser 4096 Dec 28 11:21 backupuser drwxr-x--- 2 opsuser opsuser 4096 Dec 28 11:21 opsuser drwxr-x--- 2 ubuntu ubuntu 4096 Oct 13 14:12 ubuntu
Absence of a directory matching the deleted username indicates that /home cleanup was completed by deluser.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
