root user has the power to do anything in your newly installed
Linux system. The heightened security privileges of the root account allows you to accomplish the system maintenance tasks. However, You should be careful with this great power - as uncle Ben said to Peter Parker (Spider-Man):
With great power comes great responsibility
You can easily and unintentionally destroy your system. Therefore it is not recommended to use root account in a regular basis.
In this tutorial, we will see how we can create a new account for using it in regular basis. The new user will have lowered security privileges and therefore will be able to harm the system. We will also see how can we clone the login credentials from the root account.
However, There are times and programs, when root security privilege are needed. Instead of login as root, to run those commands. We will allow this user to gain increased privileges and see how he can run the programs with the security privileges of the root account.
Step 1 - Login as root
Login to the system as root
user@home:~# ssh -i work.key root@work Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-34-generic x86_64) ... root@work:~#
Step 2 - Creating the new account
Now, we will create the new user/account named
adduser command. You will be asked for a password for the account and some details about the user.
root@work:~# adduser dingo Adding user `dingo' ... Adding new group `dingo' (1000) ... Adding new user `dingo' (1000) with group `dingo' ... Creating home directory `/home/dingo' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for dingo Enter the new value, or press ENTER for the default Full Name : dingo Room Number : Work Phone : Home Phone : Other : Is the information correct? [Y/n] Y
Step 3 - Cloning the login credentials
The following commands will allow the new user can login with the same private key as the root user.
root@work:~# mkdir /home/dingo/.ssh root@work:~# cat .ssh/authorized_keys | tee /home/dingo/.ssh/authorized_keys ssh-rsa AAAA ...
Step 4 - Allow user to gain increased privileges
root@work:~# nano /etc/sudoers
Add dingo line after root line in
User privilege specification
# User privilege specification root ALL=(ALL:ALL) ALL dingo ALL=(ALL:ALL) ALL
Testing the new user
dingo user can login with the credentials of the root
user@home:~# ssh -i work.key dingo@work Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-34-generic x86_64) ... dingo@work:~#
However, It can not run commands which require root security privileges:
dingo@work:~# apt install apache2 E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied) E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?
When it is required to run a command as root, The
sudo command should be invoked. The
sudo command takes a command and invoked it as root. For example,
sudo whoami will run
whoami as root.
dingo@work:~$ whoami dingo dingo@work:~$ sudo whoami [sudo] password for dingo: root
Using this command, we can run the above command which require root privileges.
dingo@work:~# sudo apt install apache2 [sudo] password for dingo: ...