In this tutorial we’ll create a
sudo user on Ubuntu 18.04. The
sudo command makes it possible for normal users to execute commands using administrator privileges, such as
You’ll often find that it’s recommended that you act as a sudo user, rather than root, when making changes to your system, as it’s more secure.
A few of the main reasons to use a sudo user instead of root are:
- 1. It prompts you for the password before major changes can happen. This helps as it can make you think of the consequences of what you’re doing.
- 2. sudo adds a log entry of the command(s) run
(in /var/log/auth.log). You can check what commands were run, should something go wrong.
rootis a default user on every server. Hackers know this and will attempt brute-force attacks on your server with the username
root. They don’t know the usernames of your other users, however.
- 4. You don’t have to share your
rootaccount with someone that needs to do administrative tasks on your machine.
- 5. Authentication expires after a short time ( this can me edited ), so if you leave the terminal open, it won’t stay open indefinitely.
If you’d like to check all advantages and disadvantages of using a sudo user, instead of root, then you can find them on the Ubuntu community wiki page.
Steps to Creating a Sudo User
1. Log into your server via SSH
Log into your server as the
If you are new to Linux, then follow this tutorial to connect to your server via SSH
2. Add a New User to Ubuntu
To add a new user, run the following command, replacing
newuser with your desired user:
$ adduser newuser
The username you create should be in lowercase letters and with no special characters. If the user you create does not fit the criteria, then you’ll receive the following error:
adduser: Please enter a username matching the regular expression configured via the NAME_REGEX[_SYSTEM] configuration variable. Use the `--force-badname' option to relax this check or reconfigure NAME_REGEX.
In my case, I’ll name my user
Once you run the command, you should see something like the following output:
root@dracula:~# adduser vlad
Adding user vlad' ...
Adding new group vlad’ (1001) …
Adding new user vlad' (1001) with group vlad’ …
Creating home directory /home/vlad' ...
Copying files from /etc/skel’ …
You will be prompted to enter a password you’d like to assign your new user. Please make sure that the password is a strong as possible.
New password: Retype new password: passwd: password updated successfully
After you’ve set your password, the command will create a home directory for the user, copy configuration files in the home folder and prompt you for your new user’s information. You can leave everything blank, and press
Enter for each one to accept the defaults:
Changing the user information for vlad Enter the new value, or press ENTER for the default Full Name : Room Number : Work Phone : Home Phone : Other : Is the information correct? [Y/n] y
Once you’ve confirmed that the information you entered is correct, your user has been created and ready for use.
3. Add the New User to the Sudo Group
Now we’ll add our newly created user to the
sudo group, thereby allowing it to execute commands with administrator privileges. To do this, run the following command, replacing
vlad with the user you created:
$ usermod -aG sudo vlad
4. Login as the New Sudo User
sudo user is all set up. Now all we have to do is switch to the new user account. We do this using the
su command, as follows:
su - vlad
You may notice that once executed the command, your prompt will change and indicate that you are logged in as the new user, and not
root@dracula:~# su – vlad
Test the Sudo User
Let’s make sure the sudo user is set up correctly and test if it has
sudo access. If you haven’t switched to it, do so now, replacing
vlad with your created username:
su - vlad
sudo to run the
whoami command. The first time you use
sudo in a session, you’ll be prompted to enter the user password.
vlad@dracula:~$ sudo whoami
[sudo] password for vlad:
If your user has
sudo access, then the output of the
whoami command should be
How to Use sudo
sudo with your new user, just prefix any command you’d normally run with
sudo and a space.
Let’s try it out by listing the contents of the
/root directory, which is normally only accessible by the
root user. To do this run:
$ sudo ls -la /root
vlad@dracula:~$ sudo ls -la /root
drwx------ 5 root root 4096 Nov 15 14:45 .
drwxr-xr-x 22 root root 4096 Nov 15 12:16 ..
drwxr-xr-x 2 root root 4096 Nov 15 12:09 .asciinema
-rw------- 1 root root 1568 Nov 20 14:39 .bash_history
-rw-r--r-- 1 root root 3106 Apr 9 2018 .bashrc
drwx------ 2 root root 4096 May 30 00:53 .cache
drwxr-xr-x 3 root root 4096 May 30 00:55 .local
-rw------- 1 root root 19 Nov 15 14:45 .mysql_history
-rw-r--r-- 1 root root 148 Aug 17 2015 .profile
-rw-r--r-- 1 root root 169 Nov 13 13:23 .wget-hsts
But what if we don’t use
sudo? Let’s try this by running the command again without the use of
$ ls -la /root
vlad@dracula:~$ ls -la /root
ls: cannot open directory ‘/root’: Permission denied
As mentioned before, only users with
root privileges can access the
/root directory, so we are denied accessing it this time.
Well done. You’ve learned how to create and use a new user with
root privileges, which is an important and often overlooked step in securing your server.
If you’ve had any issues with this tutorial, then don’t hesitate to contact us or leave a comment below, and we’ll try to get back to you as soon as possible.
If you’re looking for high-performance servers at entry-level prices, then be sure to check out our KVM Linux Plans. Our offer starts at just $5.99/mo for 2GB RAM & 10GB SSD Linux VPS.