Table of Contents
In this article, you will learn how to create a new user with “sudo” privileges in Ubuntu 20 as an alternative to using your root user account. This is an ideal procedure for VPS host, dedicated server host, or bare metal server hosting.
If you don’t need cPanel, don't pay for it. Only pay for what you need with our scalable Cloud VPS Hosting.
CentOS, Debian, or Ubuntu No Bloatware SSH and Root Access
Why Create a Sudo User?
Your cloud server VPS gives you instant access to the “root” user account, which holds all the power over your system, even the power to delete critical system files. Likewise, using your root user account to make changes to your system can be inconvenient when creating files that must be shared with other users or the world — like the public files of your website.
There are some similarities and distinctions between the sudo user and the cPanel user, for traditional VPS users. Those of you familiar with managed VPS hosting with cPanel will be familiar with how the cPanel account doubles as an SSH user with appropriate access. However, the cPanel user is not strictly a “sudo” user who can invoke root privileges as needed.
For this reason, it is often recommended that you avoid using the root user for everyday tasks. As an alternative, you can create a personal user account and add “super user” privilege. With your own “sudo” account, you can run commands as root by appending sudo to the command:
Add a Sudo User
First, log into your server as root:
Run the adduser command followed by the name of your new user:
Fill in a secure password. For the rest of the rest of the prompts, like “Full Name,” “Room Number,” etc. you can put in actual values or press Enter to skip and answer “Yes”.
Finally, add the new user to the “sudo” group by running this command:
You have now succeeded in creating a sudo user. To test the account, you can switch to it:
You will see a success message indicating that you have switched to your sudo user:
How to Log In With SSH Key
As you recall when first logging into your server as root, you had to provide a public key in the Account Management Panel, which will be used to authenticate your login, since password authentication is disabled by default.
Now that you have a sudo user, you can add your public key to new user account and actually disallow root login for added security.
Remember, even if you disallow root login, you can always assume the root user using the su command above.
Whil still logged in as the sudo user, edit the SSH configuration file:
Add sudo to the line that begins with AllowGroups:
Before:
After:
Update the line that begins with PermitRootLogin (if you want to disallow root login):
Change directory to home:
Make an .ssh directory:
Change into the .ssh directory:
Create an authorized_keys file:
Paste your public key in the authorized_keys file.
Change permissions on the authorized_keys file:
Change into the home directory again with cd and change permissions on the .ssh directory:
Finally, make sure to restart the SSH service:
Well done! You should now be able to log into your server using the new sudo user. To test this out, open a new terminal session and give the login a try:
If you are logged into your system without a problem then you have completed this tutorial perfectly.
