In this article, you will learn how to create a new user with “sudo” privileges in Ubuntu 20 as an alternative to using your root user account. This is an ideal procedure for VPS, dedicated server host, or bare metal server hosting.
If you don’t need cPanel, don't pay for it. Only pay for what you need with our Cloud VPS solutions.
CentOS, Debian, or Ubuntu No bloatware SSH Key management made easy
Why Create a Sudo User?
Your cloud server VPS gives you instant access to the “root” user account, which holds all the power over your system, even the power to delete critical system files. Likewise, using your
root user account to make changes to your system can be inconvenient when creating files that must be shared with other users or the world — like the public files of your website.
For this reason, it is often recommended that you avoid using the root user for everyday tasks. As an alternative, you can create a personal user account and add “super user” privilege. With your own “sudo” account, you can run commands as root by appending
sudo to the command:
Add a Sudo User
First, log into your server as root:
adduser command followed by the name of your new user:
Fill in a secure password. For the rest of the rest of the prompts, like “Full Name,” “Room Number,” etc. you can put in actual values or press Enter to skip and answer “Yes”.
Finally, add the new user to the “sudo” group by running this command:
usermod -aG sudo <user>
You have now succeeded in creating a sudo user. To test the account, you can switch to it:
You will see a success message indicating that you have switched to your sudo user:
To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details."
How to Log In With SSH Key
As you recall when first logging into your server as root, you had to provide a public key in the Account Management Panel, which will be used to authenticate your login, since password authentication is disabled by default.
Now that you have a sudo user, you can add your public key to new user account and actually disallow root login for added security.
Remember, even if you disallow root login, you can always assume the root user using the
su command above.
Whil still logged in as the sudo user, edit the SSH configuration file:
sudo nano /etc/ssh/sshd_config
Add sudo to the line that begins with AllowGroups:
AllowGroups wheel root
AllowGroups wheel root sudo
Update the line that begins with PermitRootLogin (if you want to disallow root login):
- PermitRootLogin without-password + PermitRootLogin no
Change directory to home:
Change into the
Create an authorized_keys file:
Paste your public key in the authorized_keys file.
Change permissions on the authorized_keys file:
chmod 600 authorized_keys
Change into the home directory again with
cd and change permissions on the
chmod 700 .ssh
Finally, make sure to restart the SSH service:
sudo service ssh restart
Well done! You should now be able to log into your server using the new sudo user. To test this out, open a new terminal session and give the login a try:
If you are logged into your system without a problem then you have completed this tutorial perfectly.