Add user manually (BusyBox / OpenWrt)

This guide explains how to manually create a local user on minimal systems such as OpenWrt or BusyBox environments where adduser and useradd are not available.

This method avoids manual /etc/shadow editing errors by using chpasswd.

The process requires editing:

/etc/passwd
/etc/group
Setting password via chpasswd

1. Determine Next Available UID

Automatically calculate the next free UID to avoid collisions.

Get next available UID

UID=$(($(awk -F: '{print $3}' /etc/passwd | sort -n | tail -1)+1))
echo "Next UID: $UID"

Verify Bash Exists (If Using Bash)

Before assigning /bin/bash, confirm it exists.

Verify bash

ls -l /bin/bash

If it does not exist, use /bin/ash instead.

Create Group

Create group entry

echo "wuseman:x:$UID:" >> /etc/group

Format:
```
groupname:x:GID:
```
Add User to /etc/passwd

Add user entry

echo "wuseman:x:$UID:$UID:wuseman:/home/wuseman:/bin/bash" >> /etc/passwd

Format:

username:x:UID:GID:comment:home:shell

Create Home Directory

Create home directory

mkdir -p /home/wuseman
chown $UID:$UID /home/wuseman
chmod 700 /home/wuseman

Set Password (Safe & Correct Method)

Set password using chpasswd

echo 'wuseman:password' | chpasswd

This:

Automatically generates the correct password hash
Sets proper last password change date
Updates /etc/shadow safely
Avoids * Formatting mistakes
Prevents “wrong password” issues
Requires no manual shadow editing
Verify User

Verify entries

grep wuseman /etc/passwd
grep wuseman /etc/shadow
ls -ld /home/wuseman

Notes

Ensure /bin/bash exists before assigning it as shell.
Always test login in a second SSH session before closing root.
Avoid hardcoding UID values.
Prefer chpasswd over manual /etc/shadow editing.
Consider SSH key authentication instead of passwords on production devices.

Security Reminder

Editing authentication files incorrectly can lock you out of the device.
Always verify access in a second session before logging out.