[powerkit_collapsible title=”Not using Debian? Choose a different version or distro.”]
Ubuntu
CentOS
[/powerkit_collapsible]
The sudo
command (originally standing for superuser do) is a program in Unix-like operating systems for running commands as other users, by default root
.
Sudo allows a system administrator to give selected users the ability to run some (or all) commands as root while logging all commands and arguments.
Commands may be run as a specific user, the user’s default shell, or any other user’s shell. Sudo operates on a per-command basis.
By default, Linux prevents access to certain parts of the system for non-root users, but with the sudo command you can access these parts without needing to log in as root every time.
It’s important to take into careful consideration what users on your system can use sudo
. Commands that require root privileges aren’t commands that a standard user usually needs access to, for risk of damaging the system if something is done incorrectly – something that the system administrator wouldn’t allow to happen. This is why this has been the security model for years.
In this article, we will discuss the step-by-step process of creating a sudo user in Debian.
Table of Contents
Creating a Sudo User in Debian
If you’re assigning sudo access to an old user, then skip to step 3.
Step 1: Log in as a Root User
To create a sudo user, first, log in as a root user:
ssh root@server_ip_address
Step 2: Create a New User Account
While logged in as a root user, create a new user with the adduser command alongside the name of the user:
adduser username
As the name indicates, adduser command is used to create a new user. It allows you to modify the configuration files of the new user.
Next, you will be prompted to set and confirm a password for the sudo user. Make sure that the password is strong (recommended: a combination of letters, numbers, and special characters) and it will be used to access the sudo user account.
New password: Retype password: passwd: password updated successfully
The sudo command will create a home directory for the user and copy several configuration files to it. Next, the terminal asks a few general user information questions like full and home phone numbers. You can fill in the information or press enter to leave the fields blank.
Changing the user information for mruser Enter the new value, or press ENTER for the default Full Name []:⏎ Room Number []:⏎ Work Phone []:⏎ Home Phone []:⏎ Other []:⏎ Is the information correct? [Y/n] Y
Step 3: Add The User to The Sudo Group
You don’t need to create a new user each time to create a sudo user. Rather, a root user can add any other user to the sudo group. In the Ubuntu and Debian systems, each user in the sudo group gets sudo access.
Add a user to the sudo group using the usermod command, replacing username with your user:
usermod -aG sudo username
This command is a bit complicated, here’s what it does:
- usermod is used to modify the attributes of an already created user account.
- -aG adds a user to a specific group. The -a options add the user to a new group without removing it from the current groups. Whereas, G states the group where you want to add the user. In this case, a and G go together.
- sudo is the group where we are adding the users.
- username is the name of the user being added to the sudo group.
Test The Sudo Access
Once you’ve created the sudo user, the next step is to test its sudo access. For that, switch to the new user using the su command:
su -username
Now, type the sudo and whoami commands and press enter. If the user has sudo access, then it will return root.
sudo whoami
Output:
root
How to Use The Sudo Command in Debian
A sudo user can run any command with root access by typing sudo space and the command. Here’s how a sudo user can view details of the root directory:
sudo ls -la /root
Output:
[sudo] password for username:
On each new session, you will be prompted to enter the user password.
Conclusion
Hopefully this article helped you create a sudo user in Debian, and now you can use the sudo command to run any other command with administrative privileges.
If you have any questions, feel free to leave a comment or contact us and we’ll get back to you as soon as we can.