In most of our guides, we use the root user to deploy software. This is because we create a new virtual server for use when creating the guide. Most users won’t have the luxury of a clean server to install software to so for security it’s best practice to create a sudo user and not the root user of the server.
SUDO users are users with administrative permissions on your system. These users use their own username and password to login to the server and run tasks just like the Root user would. It is advised to create a SUDO user to manage your server rather than using the root account. You can disable root logins once you have a working SUDO user. This would make it harder for a malicious user to compromise your server because they would not know which user has root permissions. In this article, we will show you how to create a SUDO user.
Create a SUDO user using the usermod command
First things first! always update your system. Make it a rule of thumb that every time you log in to your server you run a yum update. This way your system will always be kept up-to-date. The usermod command adds users to the Wheel group of users and on CentOS systems, this group of users already has administrative privileges.
First, create a new user which you will use as your SUDO
user adduser First2HostThen, create a password for this user.
passwd First2HostFinally, add the user to the VPS Servers Wheel group using the usermod command. Users in the Wheel group already have administrative privileges.
usermod -aG wheel First2HostYou can now use the SU command to switch to this user and test that the user does indeed have administrative privileges.
su First2HostThen, try to list some files in the root directory. Remember, you need to place sudo in front of any commands you run.
sudo ls -la /rootOr try installing Nano to your system.
sudo yum install nano -yProviding your new Linux SUDO user works you can then proceed to restrict access to the root account. If you plan to change your SSH settings to prevent root logins why not also change your SSH port to increase the security of your system whilst you are in that file.
