In this tutorial we’ll create a `sudo` user on Ubuntu 18.04. The `sudo` command makes it possible for normal users to execute commands using administrator privileges, such as `root`.
You’ll often find that it’s recommended that you act as a sudo user, rather than root, when making changes to your system, as it’s more secure.
A few of the main reasons to use a sudo user instead of root are:
- 1. It prompts you for the password before major changes can happen. This helps as it can make you think of the consequences of what you’re doing.
- 2. sudo adds a log entry of the command(s) run `(in /var/log/auth.log)`. You can check what commands were run, should something go wrong.
- 3. `root` is a default user on every server. Hackers know this and will attempt brute-force attacks on your server with the username `root`. They don’t know the usernames of your other users, however.
- 4. You don’t have to share your `root` account with someone that needs to do administrative tasks on your machine.
- 5. Authentication expires after a short time ( this can me edited ), so if you leave the terminal open, it won’t stay open indefinitely.
If you’d like to check all advantages and disadvantages of using a sudo user, instead of root, then you can find them on the Ubuntu community wiki page.
Steps to Creating a Sudo User
1. Log into your server via SSH
Log into your server as the `root` user.
If you are new to Linux, then follow this tutorial to connect to your server via SSH
2. Add a New User to Ubuntu
To add a new user, run the following command, replacing `newuser` with your desired user:
$ adduser newuser
The username you create should be in lowercase letters and with no special characters. If the user you create does not fit the criteria, then you’ll receive the following error:
adduser: Please enter a username matching the regular expression configured via the NAME_REGEX[_SYSTEM] configuration variable. Use the `--force-badname' option to relax this check or reconfigure NAME_REGEX.
In my case, I’ll name my user `vlad`.
Once you run the command, you should see something like the following output:
You will be prompted to enter a password you’d like to assign your new user. Please make sure that the password is a strong as possible.
New password: Retype new password: passwd: password updated successfully
After you’ve set your password, the command will create a home directory for the user, copy configuration files in the home folder and prompt you for your new user’s information. You can leave everything blank, and press `Enter` for each one to accept the defaults:
Changing the user information for vlad Enter the new value, or press ENTER for the default Full Name : Room Number : Work Phone : Home Phone : Other : Is the information correct? [Y/n] y
Once you’ve confirmed that the information you entered is correct, your user has been created and ready for use.
3. Add the New User to the Sudo Group
Now we’ll add our newly created user to the `sudo` group, thereby allowing it to execute commands with administrator privileges. To do this, run the following command, replacing `vlad` with the user you created:
$ usermod -aG sudo vlad
4. Login as the New Sudo User
Our new `sudo` user is all set up. Now all we have to do is switch to the new user account. We do this using the `su` command, as follows:
su - vlad
You may notice that once executed the command, your prompt will change and indicate that you are logged in as the new user, and not `root`.
Test the Sudo User
Let’s make sure the sudo user is set up correctly and test if it has `sudo` access. If you haven’t switched to it, do so now, replacing `vlad` with your created username:
su - vlad
Use `sudo` to run the `whoami` command. The first time you use `sudo` in a session, you’ll be prompted to enter the user password.
If your user has `sudo` access, then the output of the `whoami` command should be `root`.
How to Use sudo
To use `sudo` with your new user, just prefix any command you’d normally run with `sudo` and a space.
Let’s try it out by listing the contents of the `/root` directory, which is normally only accessible by the `root` user. To do this run:
$ sudo ls -la /root
But what if we don’t use `sudo`? Let’s try this by running the command again without the use of `sudo`:
$ ls -la /root
As mentioned before, only users with `root` privileges can access the `/root` directory, so we are denied accessing it this time.
To view the process from start to finish you can check out the short video below, demonstrating the creation and use of a new sudo user:
Creating & Using a Sudo User on Ubuntu
Well done. You’ve learned how to create and use a new user with `root` privileges, which is an important and often overlooked step in securing your server.
If you’ve had any issues with this tutorial, then don’t hesitate to contact us or leave a comment below, and we’ll try to get back to you as soon as possible.
If you’re looking for high-performance servers at entry-level prices, then be sure to check out our KVM Linux Plans. Our offer starts at just $5.99/mo for 2GB RAM & 10GB SSD Linux VPS.