In this tutorial we’ll create a `sudo` user on Ubuntu 18.04. The `sudo` command makes it possible for normal users to execute commands using administrator privileges, such as `root`.

You’ll often find that it’s recommended that you act as a sudo user, rather than root, when making changes to your system, as it’s more secure.

A few of the main reasons to use a sudo user instead of root are:

  • 1. It prompts you for the password before major changes can happen. This helps as it can make you think of the consequences of what you’re doing.
  • 2. sudo adds a log entry of the command(s) run `(in /var/log/auth.log)`. You can check what commands were run, should something go wrong.
  • 3. `root` is a default user on every server. Hackers know this and will attempt brute-force attacks on your server with the username `root`. They don’t know the usernames of your other users, however.
  • 4. You don’t have to share your `root` account with someone that needs to do administrative tasks on your machine.
  • 5. Authentication expires after a short time ( this can me edited ), so if you leave the terminal open, it won’t stay open indefinitely.

If you’d like to check all advantages and disadvantages of using a sudo user, instead of root, then you can find them on the Ubuntu community wiki page.

Steps to Creating a Sudo User

1. Log into your server via SSH

Log into your server as the `root` user.

If you are new to Linux, then follow this tutorial to connect to your server via SSH

2. Add a New User to Ubuntu

To add a new user, run the following command, replacing `newuser` with your desired user:

$ adduser newuser

The username you create should be in lowercase letters and with no special characters. If the user you create does not fit the criteria, then you’ll receive the following error:

adduser: Please enter a username matching the regular expression configured
via the NAME_REGEX[_SYSTEM] configuration variable.  Use the `--force-badname'
option to relax this check or reconfigure NAME_REGEX.

In my case, I’ll name my user `vlad`.

Once you run the command, you should see something like the following output:

Output

root@dracula:~# adduser vlad
Adding user `vlad’ …
Adding new group `vlad’ (1001) …
Adding new user `vlad’ (1001) with group `vlad’ …
Creating home directory `/home/vlad’ …
Copying files from `/etc/skel’ …

You will be prompted to enter a password you’d like to assign your new user. Please make sure that the password is a strong as possible.

New password:
Retype new password:
passwd: password updated successfully

After you’ve set your password, the command will create a home directory for the user, copy configuration files in the home folder and prompt you for your new user’s information. You can leave everything blank, and press `Enter` for each one to accept the defaults:

Changing the user information for vlad                                          
Enter the new value, or press ENTER for the default                             
        Full Name []:                                                           
        Room Number []:                                                         
        Work Phone []:                                                          
        Home Phone []:                                                          
        Other []:                                                               
Is the information correct? [Y/n] y

Once you’ve confirmed that the information you entered is correct, your user has been created and ready for use.

3. Add the New User to the Sudo Group

Now we’ll add our newly created user to the `sudo` group, thereby allowing it to execute commands with administrator privileges. To do this, run the following command, replacing `vlad` with the user you created:

$ usermod -aG sudo vlad
4. Login as the New Sudo User

Our new `sudo` user is all set up. Now all we have to do is switch to the new user account. We do this using the `su` command, as follows:

su - vlad

You may notice that once executed the command, your prompt will change and indicate that you are logged in as the new user, and not `root`.

root@dracula:~# su – vlad
vlad@dracula:~$

Test the Sudo User

Let’s make sure the sudo user is set up correctly and test if it has `sudo` access. If you haven’t switched to it, do so now, replacing `vlad` with your created username:

su - vlad

Use `sudo` to run the `whoami` command. The first time you use `sudo` in a session, you’ll be prompted to enter the user password.

vlad@dracula:~$ sudo whoami
[sudo] password for vlad:
root

If your user has `sudo` access, then the output of the `whoami` command should be `root`.

How to Use sudo

To use `sudo` with your new user, just prefix any command you’d normally run with `sudo` and a space.

Let’s try it out by listing the contents of the `/root` directory, which is normally only accessible by the `root` user. To do this run:

$ sudo ls -la /root
vlad@dracula:~$ sudo ls -la /root
total 40
drwx------  5 root root 4096 Nov 15 14:45 .
drwxr-xr-x 22 root root 4096 Nov 15 12:16 ..
drwxr-xr-x  2 root root 4096 Nov 15 12:09 .asciinema
-rw-------  1 root root 1568 Nov 20 14:39 .bash_history
-rw-r--r--  1 root root 3106 Apr  9  2018 .bashrc
drwx------  2 root root 4096 May 30 00:53 .cache
drwxr-xr-x  3 root root 4096 May 30 00:55 .local
-rw-------  1 root root   19 Nov 15 14:45 .mysql_history
-rw-r--r--  1 root root  148 Aug 17  2015 .profile
-rw-r--r--  1 root root  169 Nov 13 13:23 .wget-hsts

But what if we don’t use `sudo`? Let’s try this by running the command again without the use of `sudo`:

$ ls -la /root
vlad@dracula:~$ ls -la /root
ls: cannot open directory ‘/root’: Permission denied

As mentioned before, only users with `root` privileges can access the `/root` directory, so we are denied accessing it this time.

To view the process from start to finish you can check out the short video below, demonstrating the creation and use of a new sudo user:

Creating & Using a Sudo User on Ubuntu

Conclusion

Well done. You’ve learned how to create and use a new user with `root` privileges, which is an important and often overlooked step in securing your server.

If you’ve had any issues with this tutorial, then don’t hesitate to contact us or leave a comment below, and we’ll try to get back to you as soon as possible.

If you’re looking for high-performance servers at entry-level prices, then be sure to check out our KVM Linux Plans. Our offer starts at just $5.99/mo for 2GB RAM & 10GB SSD Linux VPS.

LIMITED TIME SPECIAL 💀

Enter your email below to get 20% OFF on any of our Linux VPS plans and receive weekly deals on our services!