A good security practice is learning how to create a sudo user, and give root privileges.
Learning programing is interesting. And so is building your online project.
But securing this project is important, in an online world filled with dangerous people.
Sudo command allows a system administrator, to run program commands with the security privileges of root user. By default this root user is the superuser.
The sudo command sometimes prompts for password, to execute commands.
Steps to Create a New Sudo User
Follow these steps to create a new sudo user.
1. SSH into your server
The first step is to ssh into your server using an ssh client like putty, or whatever ssh clients you use. On mac you can use terminal.
ssh [email protected]_ip_address
2. Use adduser command to create new user
The next step is to use the adduser command to create a new user in your server terminal. Make sure you replace usernaeofchoice, to your preferred username of choice.
Follow the prompt and input the data required accurately. Make sure data inputted will be remembered.
3. Use usermod command to add usernameofchoice to sudo group
After that, you will need to add the newly created usernameofchoice to sudo group, with root priviledges, by using the usermod command.
usermod -aG sudo username
4. Test whether usernameofchoice has root priviledges
The next step, will be to test whether the usernameofchoice has root priviledges. This is because some people after creating user, they might disable root access.
You don’t want to disable root access, when your usernameofchoice doesn’t have root priviledges, it will be complete madness.
As such, you need to make sure you test, before you deploy.
First you need to switch to the usernameofchoice, by using the su command.
su - usernameofchoice
Next you need to run a command that an account with only an account with root privileges, can perform.
sudo ls -la /root
Of course the first time you perform a command with root privileges, the system will ask you for password. Just input your password and then we are good.
sudo ls -la /root
Note: If user is not in the sudo group, the system will warn you, that user does not have required permissions, to perform action.
But if user is in the sudo group, then the command will run perfectly.
Summary of Steps to Create a New Sudo User
- SSH into your server
- Use adduser command, and fill in the details asked. Make sure you replace usernameofchoice with the username you want.
- Next you will use the usermod command to add the usernameofchoice to sudo group or sudoers. Ubuntu gives member of sudo group sudo privileges.
- Next you will need to test sudo access on the new user account, and test whether the account has superuser privileges, which is only accessible to the root user.