This Tutorial will guide you through the essential process of creating a new user with `sudo` privileges on your Ubuntu 24.04 server. While it might be tempting to perform administrative tasks directly as the `root` user, it’s a significant security risk. Operating with `sudo` allows you to execute commands with root privileges only when necessary, minimizing potential damage from accidental commands or security breaches. This practice significantly enhances the security and maintainability of your system.
Before you begin, ensure you have access to your Ubuntu 24.04 server, either directly or via SSH. You’ll need `root` access or an existing user with `sudo` privileges to perform these steps.
Step 1: Create a New User
The first step is to create a new standard user account. You can do this using the `adduser` command, which is a higher-level utility that handles creating the user’s home directory and setting up other defaults.
sudo adduser your_usernameReplace `your_username` with your desired username. The system will prompt you to create and confirm a password for the new user, and then ask for some optional information (like full name, room number, etc.). You can press `Enter` to skip these optional fields if you wish. Finally, confirm the information by typing `Y` and pressing `Enter`.
Step 2: Grant Sudo Privileges to the New User
Now that the user account is created, you need to grant it `sudo` privileges. On Ubuntu, users belonging to the `sudo` group are automatically granted `sudo` access. You can add your new user to this group using the `usermod` command.
sudo usermod -aG sudo your_username- `usermod`: This command is used to modify a user account.
- `-a`: This flag stands for “append,” meaning it will add the user to the specified group without removing them from other groups.
- `-G sudo`: This specifies the group to which the user should be added, which in this case is the `sudo` group.
Again, replace `your_username` with the actual username you created in Step 1.
Step 3: Verify Sudo Privileges
To confirm that your new user has `sudo` privileges, you should log out of your current session (if you’re logged in as root or another user) and then log back in as the newly created user. If you’re using SSH, simply open a new terminal session and connect with the new user:
ssh your_username@your_server_ipOnce logged in as the new user, try running a command that requires root privileges using `sudo`. For example:
sudo apt updateYou will be prompted to enter the password for `your_username`. If the command executes successfully without an “user is not in the sudoers file” error, then your user has been successfully granted `sudo` privileges.
Step 4 (Optional but Recommended): Disable Root Login via SSH
For enhanced security, it’s highly recommended to disable direct `root` login via SSH once you have a `sudo` user set up. This prevents brute-force attacks against the `root` account.
Edit the SSH daemon configuration file:
sudo nano /etc/ssh/sshd_configLook for the line `PermitRootLogin`. It might be commented out with a `#` or set to `yes`. Change it to `no`:
PermitRootLogin noSave the file (Ctrl+O, Enter, Ctrl+X if using nano) and then restart the SSH service for the changes to take effect:
sudo systemctl restart sshdNow, direct login as `root` via SSH will be denied, forcing all administrative tasks to go through your `sudo` enabled user.
By following these steps, you’ve successfully created a new user with `sudo` capabilities on your Ubuntu 24.04 server, significantly improving your server’s security posture and adhering to best practices for user management. Always remember to use `sudo` judiciously and only when necessary.
