How to Create a Sudo User in Ubuntu 20

Create a sudo user in Ubuntu 20

In this article, you will learn how to create a new user with “sudo” privileges in Ubuntu 20 as an alternative to using your root user account. This is an ideal procedure for VPS, dedicated server host, or bare metal server hosting.

If you don’t need cPanel, don't pay for it. Only pay for what you need with our Cloud VPS solutions

check markCentOS, Debian, or Ubuntu    check markNo bloatware    check markSSH Key management made easy

Why Create a Sudo User?

Your cloud server VPS gives you instant access to the “root” user account, which holds all the power over your system, even the power to delete critical system files. Likewise, using your root user account to make changes to your system can be inconvenient when creating files that must be shared with other users or the world — like the public files of your website.

For this reason, it is often recommended that you avoid using the root user for everyday tasks. As an alternative, you can create a personal user account and add “super user” privilege. With your own “sudo” account, you can run commands as root by appending sudo to the command:

sudo <command>

Add a Sudo User

First, log into your server as root:

ssh [email protected]

Run the adduser command followed by the name of your new user:

adduser <user>

Fill in a secure password. For the rest of the rest of the prompts, like “Full Name,” “Room Number,” etc. you can put in actual values or press Enter to skip and answer “Yes”.

Finally, add the new user to the “sudo” group by running this command:

usermod -aG sudo <user>

You have now succeeded in creating a sudo user. To test the account, you can switch to it:

su <user>

You will see a success message indicating that you have switched to your sudo user:

To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details."

How to Log In With SSH Key

As you recall when first logging into your server as root, you had to provide a public key in the Account Management Panel, which will be used to authenticate your login, since password authentication is disabled by default.

Now that you have a sudo user, you can add your public key to new user account and actually disallow root login for added security.

Remember, even if you disallow root login, you can always assume the root user using the su command above.

Whil still logged in as the sudo user, edit the SSH configuration file:

sudo nano /etc/ssh/sshd_config

Add sudo to the line that begins with AllowGroups:

Before:

AllowGroups wheel root

After:

AllowGroups wheel root sudo

Update the line that begins with PermitRootLogin (if you want to disallow root login):

- PermitRootLogin without-password
+ PermitRootLogin no

Change directory to home:

cd

Make an .ssh directory:

mkdir .ssh

Change into the .ssh directory:

cd .ssh

Create an authorized_keys file:

nano authorized_keys

Paste your public key in the authorized_keys file.

Change permissions on the authorized_keys file:

chmod 600 authorized_keys

Change into the home directory again with cd and change permissions on the .ssh directory:

chmod 700 .ssh

Finally, make sure to restart the SSH service:

sudo service ssh restart

Well done! You should now be able to log into your server using the new sudo user. To test this out, open a new terminal session and give the login a try:

ssh <user>@example.com

If you are logged into your system without a problem then you have completed this tutorial perfectly.

CM
Christopher Maiorana Content Writer II

Christopher Maiorana joined the InMotion community team in 2015 and regularly dispenses tips and tricks in the Support Center, Community Q&A, and the InMotion Hosting Blog.

More Articles by Christopher

Was this article helpful? Let us know!