I do everything as root or create a User su and give permissions to it?

I have a doubt that I carry with me to time … so I get my root login via email … I access my server via ssh, already come in as root, I know I create a user and privileges to him. or continue as root to go installing LAMP, wordpress etc … since I already have all privileges, because the need to create another User and privileges? I have problem with permissions do everything as root? because I have this habit, even in my linux person I already do a sudo su all made that run a terminal.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Thanks repox! success for you.

This comment has been deleted

It could be a matter of personal preference, so that is also what this answer will be.

The following is considered being done with the root user till it’s stated otherwise.

I for one always secure my setup - to me this means that you authenticate with SSH keys to your server and not with password authentication.

Please read this great tutorial from the DigitalOcean tutorial archive on how to set it up correctly.

One thing not mentioned in that tutorial is how to disable root login via SSH. This is done to additionally secure your server setup. To do so, edit your /etc/ssh/sshd_config config file:

  1. nano /etc/ssh/sshd_config

… and change the PermitRootLogin setting to no:

PermitRootLogin no

When you’re done editing, press CTRL+X and Y to save your changes.

Remember to restart the SSH daemon after you made the changes.

  1. service ssh restart

When I have a secure setup, I always add a new user and give this user sudo rights.

For starters, you issue the command (remember to replace username with whatever username you’d like):

  1. adduser username

This will create a user with the username your provided as the second argument. Secondly, you need to give the user some sudo rights. I do this by adding the user to a sudoers.d file

  1. nano /etc/sudoers.d/username

Put in the following into that file:


When you’re done editing, press CTRL+X and Y to save your changes.

Now, notice that the user has a NOPASSWD setting which allows the user to use sudo privileges without providing a password. This can be considered unsafe, but with the new secure SSH settings I believe that will suffice.

Now, the sudoers file needs the right permissions:

  1. chmod 0440 /etc/sudoers.d/username

Now you should switch to your new user and add your public SSH key to the users authorized_keys file. To switch to that user, use the su command:

  1. su username

Now you’re working as the new user. The new user doesn’t have any local SSH settings, which means we need to create the ~/.ssh/authorized_keys file manually. Create the directory first:

  1. mkdir ~/.ssh

Now, create and edit the authorized_keys file and paste in your public key

  1. nano ~/.ssh/authorized_keys

When you’re done editing, press CTRL+X and Y to save your changes.

Now you should be able to connect from your local machine with your private key to the new user.

  1. ssh username@remote-host

From here you can do sudo installs from your new user.

This is my preferred method of doing it.