Help Center
Home Server & Cloud Infrastructure Cloud Server

Creating a sudo-enabled user

For Cloud Server, VPS, Virtual Server, Dedicated Server, and Server Power Deals

By default, the root user is set up when Linux is installed. This user has all rights to administer the operating system. The other users initially have no administrator authorizations. Authorised users can execute programs with root rights using the sudo command. This article explains how to create a sudo-enabled user.

Create user

CentOS Stream 8, CentOS Stream 9, AlmaLinux 8, AlmaLinux 9, Rocky Linux 8, and Rocky Linux 9

  • Log in as the root user on the desired server.

  • To create a new user, enter the following command:

    [root@localhost ~]# adduser USERNAME

    Example:

    [root@localhost ~]# adduser johndoe

  • To set the password for the new user, enter the following command:

    [root@localhost ~]# passwd USERNAME

    Example:

    [root@localhost ~]# passwd johndoe

  • Enter the desired password and repeat it.
     

Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Debian 10, Debian 11 and Debian 12

  • Log in as the root user on the desired server.

  • To create a new user, enter the following command:

    [root@localhost ~]# adduser USERNAME

    Example:

    [root@localhost ~]# adduser johndoe

  • Enter the desired password and repeat it.

  • Optional: Enter additional user information. To skip entering this information, press the Enter key.

    Changing the user information for johndoe
    Enter the new value, or press ENTER for the default
    Full Name [ ]:
    Room Number [ ]:
    work Phone [ ]:
    Home Phone [ ]:
    Other [ ]:
    Is the information correct? [Y/n]

  • Type Y and press the Enter key.
     

Suse Linux

  • Log in as root user on the desired server.

  • To create a new user, enter the following command:

    localhost: ~ # useradd USERNAME

    Example:

    localhost: ~ # useradd johndoe

  • To set the password for the new user, enter the following command:

    localhost: ~ # passwd USERNAME

    Example:

    localhost: ~ # passwd johndoe

  • Enter the desired password and repeat it.

Test sudo and install if necessary

  • Test whether sudo is installed. To do this, enter the following command:

    sudo ls -la /root

    If the message bash: sudo: command not found is displayed, sudo is not installed.

  • If sudo is already installed, you can skip this step. To install sudo, enter the following command:

    CentOS Stream 8, CentOS Stream 9, AlmaLinux 8, AlmaLinux 9, Rocky Linux 8 and Rocky Linux 9

    yum install sudo -y

    Debian and Ubuntu

    apt install sudo

    Suse Linux

    zypper in sudo

Install Vim

If the Vim editor is not installed, enter the following command(s) to install the program:

CentOS Stream 8, CentOS Stream 9, AlmaLinux 8, AlmaLinux 9, Rocky Linux 8 and Rocky Linux 9

sudo yum install vim

Ubuntu and Debian

sudo apt-get install vim

Suse Linux

sudo zypper search vim
sudo zypper install vim

Assign sudo rights to a user

CentOS Stream 8 and CentOS Stream 9, AlmaLinux 8, AlmaLinux 9, Rocky Linux 8 and Rocky Linux 9

To assign sudo rights to a user in CentOS 7, CentOS Stream 8, and CentOS Stream 9 you must add the user to the wheel group. To add the user to this group, enter the following command:

[root@localhost ~]# usermod -aG wheel USERNAME

Example:

[root@localhost ~]# usermod -aG wheel johndoe

To check whether the change was successful, enter the following command:

localhost:~ # groups USERNAME

Example:

localhost:~ # groups johndoe


Debian and Ubuntu

To assign sudo rights to a user in Debian and Ubuntu, you must add the user to the sudo group. To add the user to this group, enter the following command:

[root@localhost ~]# usermod -aG sudo USERNAME

Example

[root@localhost ~]# usermod -aG sudo johndoe

To check whether the change was successful, enter the following command:

localhost:~ # groups USERNAME

Example:

localhost:~ # groups johndoe

 

Suse Linux

To assign sudo rights to a user in Suse Linux, proceed as follows:

  • Search for the packages system-group-wheel and system-user-mail. Enter the following command:

    localhost:~ # zypper se wheel mail

  • To install the packages, enter the following commands:

    localhost:~ # sudo zypper install system-group-wheel
    localhost:~ # sudo zypper install system-user-mail

  • Open the file /etc/sudoers with the editor vim. Enter the following command:

    localhost:~ # visudo

  • Make sure that the commenting out has been cancelled in the following lines. The # character at the beginning of the line may need to be removed:

    # Defaults targetpw # ask for the password of the target user i.e. root

    and

    # ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!

Note

The vim editor has an insert mode and a command mode. You can call up insert mode with the i key. In this mode, the characters entered are immediately inserted into the text. To call up command mode, press the ESC key. If you use command mode, your keyboard input is interpreted as a command.

Warning!

If you only uncomment the line "Defaults targetpw" and leave the line ALL ALL=(ALL) ALL # WARNING! commented, all users will have access to the root level of the utilities by entering their own password.

  • Search for the entry User privilege specification.

  • To grant all members of the wheel group the rights to execute all commands, you must remove the # character at the beginning of the following line to remove the comment:

    # %wheel ALL=(ALL) ALL

  • To save the changes, press the Escape key and then enter the following command:

    :wq

  • To assign sudo rights to a user, you must add the user to the wheel group. To add the user to this group, enter the following command:

    localhost:~ # usermod -a -G wheel USERNAME

    Example:

    localhost:~ # usermod -a -G wheel johndoe

  • To check whether the change was successful, enter the following command
     

    localhost:~ # groups USERNAME

    Example:

    localhost:~ # groups johndoe

  • Create the file /etc/sudoers.d/userpw with vi. To do this, enter the following command:

    localhost:~ # vi /etc/sudoers.d/userpw

  • Add the following entry:

    Defaults !targetpw

  • To save the changes, press the Escape key and then enter the following command:

    :wq

Test sudo-enabled user

To test whether the sudo authorizations work, proceed as follows:

  • To change the user, enter the following command:

    [root@localhost ~]# su USERNAME

    Example:

    [root@localhost ~]# su johndoe

  • List the contents of the /root directory. To do this, enter the following command:

    [johndoe@localhost ~]$ sudo ls -la /root

  • If you are using sudo for the first time in a session, you will be asked to enter the user's password.

  • Enter the user's password.

Content