In Linux and other Unix-like systems, the root account has the highest access rights on the system. It is used specifically for system administration purposes.
The root user (sometimes referred to as the superuser) has all rights or permissions (to all files and programs) in all modes (single or multi-user).
Operating a Linux system especially a server using the root account is considered insecure for several reasons. These include among others the risk of damage from accidents (e.g running a command that erases the filesystem), and running system applications with elevated privileges opening the system to security vulnerabilities. Besides the root account is a target for every attacker.
With respect to the above security concerns, it is recommended to use the sudo command to gain root privileges when a system user really needs to. On Ubuntu, the root account is disabled by default and the default account is an administrative account which uses sudo to gain root privileges.
In this short article, we will explain how to create a sudo user on Ubuntu Linux distribution.
Creating a New Sudo User in Ubuntu
1. Log in to your Ubuntu server as the root user.
$ ssh root@server_ip_address
2. Next, create a new sudo user using the useradd command as shown, where an admin is a username. In the following command, the
-m flag means to create the user’s home directory if it doesn’t exist,
-s specifies the user’s login shell and
-c defines a comment to be stored in the account file.
$ sudo useradd -m -s /bin/bash -c "Administrative User" admin
3. Create a password for the admin user using the passwd utility and confirm the new user’s password. A strong password is highly recommended!
$ sudo passwd admin
4. To enable the user
admin to invoke sudo to perform administrative tasks, you need to add the user to the sudo system group using the usermod command as follows, where the
-a option means to append user to a supplementary group and
-G specifies the group.
$ sudo usermod -aG sudo admin
5. Now test sudo access on a new user account by switching to admin’s account (enter admin’s account password when prompted).
$ su - admin
6. Once switched to
admin user, verify that you can run any administrative task, for example, try to create a directory tree under the
/ directory by adding
sudo to the command.
$ mkdir -p /srv/apps/sysmon $ sudo mkdir -p /srv/apps/sysmon
The following are other guides about sudo that you will find useful:
- 10 Useful Sudoers Configurations for Setting ‘sudo’ in Linux
- How to Show Asterisks While Typing Sudo Password in Linux
- How to Keep ‘sudo’ Password Timeout Session Longer in Linux
That’s all for now. In this guide, we have shown how to create a sudo user on Ubuntu. For more details about sudo, see “man sudo_root“. Do you have any questions or thoughts to share? If yes, reach us via the feedback form below.