How to Create a Sudo User in Ubuntu 16

In this article, we’re going to show you how you can create users on your Ubuntu Cloud VPS Hosting. We’ll also discuss:

  • Why you should create users as an alternative to using root
  • How to create a sudo user in Ubuntu
  • How to log in with an SSH key instead of a password

Why You Should Create Users

Your Cloud VPS account lets you instantly log in as the most powerful user: root. This allows you the option of using the root user for setting up your VPS environment to your individual specifications. But, using the root user can be hazardous: one wrong command can destroy your account. For this reason, it is generally considered a best practice to use a unique user account with “superuser”, or, sudo privileges instead of the root account for your regular maintenance and admin tasks.

Below, we will walk you through the whole process of creating the user, adding the necessary privileges, and locking up your root user in the hopes of preventing unwarranted access.

How to Create a New User on Ubuntu

Note: the first step is completed on your local computer. If you’ve added your SSH key to your account this login will succeed without a password. Where necessary below substitute username with the username you want to use on your account.

  1. Log into your server as the root user, replacing “example.com” with your primary domain:
    ssh root@example.com
  2. Run this command as the root user to create the user account
    useradd username
  3. Fill in a secure password and you can skip the other prompts if you want
  4. To add the new user to the “sudo” group, run this command as the root user
    usermod -a -G sudo username

We have now created a user account we can use for every day administrative tasks.

But, in order to access higher level commands, you will need to add the word sudo at the beginning of your command line, for example:

 $ sudo apt-get update

How to Log in with SSH Keys

Password authentication is automatically disabled for security reasons. This means you must use SSH keys to gain access to your Cloud VPS. We have full guides on how to create SSH keys you can install on your account for the root user, but adding an SSH key for the user we just created requires a few more steps.

  1. Switch to new user (which still logged in from above)
    su username
  2. Edit the SSH configuration file
    sudo nano /etc/ssh/sshd_config
  3. Add sudo to the line that begins with AllowGroups:
    - AllowGroups wheel root
    + AllowGroups wheel root sudo
  4. Add sudo to the line that begins with PermitRootLogin:
    - PermitRootLogin without-password
    + PermitRootLogin no
  5. Change directory to home
    cd
  6. Make .ssh directory
    mkdir .ssh
  7. Change into .ssh directory and create authorized_keys file
    nano authorized_keys
  8. Paste your public key into the authorized_keys file
  9. Change permissions for the .ssh directory
    chmod 700 ~/.ssh
  10. Change permissions for the authorized_keys file
    chmod 600 ~/.ssh/authorized_keys
  11. Make sure to restart your SSH service:
    sudo service ssh restart

You will now be able to log into Ubuntu with your new user account, and root user logins through SSH are no longer permitted. However, before closing out of this terminal sessions, let’s test out what we’ve done. Open a new terminal window and test your login with:

ssh username@example.com

If you are logged into your system without a problem then you’ve completed this tutorial perfectly. Let us know below if you have any questions or comments.

Leave a Reply