{"id":1313,"date":"2023-10-10T11:55:40","date_gmt":"2023-10-10T06:25:40","guid":{"rendered":"https:\/\/www.veeble.org\/kb\/?p=1313"},"modified":"2025-03-13T11:22:51","modified_gmt":"2025-03-13T05:52:51","slug":"disabling-root-login-and-creating-sudo-user-for-vps-security","status":"publish","type":"post","link":"https:\/\/www.veeble.com\/kb\/disabling-root-login-and-creating-sudo-user-for-vps-security\/","title":{"rendered":"Disabling Root Login and Creating a Sudo User for Strengthening VPS Security"},"content":{"rendered":"\n
\"Disabling<\/a><\/figure>\n\n\n\n

All Linux<\/a>-based systems come with a powerful root user who grants full machine privileges by default. This essentially implies that, upon your initial access to your Linux-based machine, you are effectively assuming the role of a superuser with unrestricted control. Nevertheless, for security reasons, it is strongly recommended to proactively disable direct root login via SSH.<\/p>\n\n\n\n

Disabling root login serves as a crucial security measure to prevent unauthorized access to your Linux-based system by any other user. It effectively limits access to superuser <\/a>privileges, ensuring that no one can gain unrestricted control through root access over SSH.<\/p>\n\n\n\n

To maintain a secure environment, we recommend creating an additional user account while adhering to best security practices. You can configure this new user with nearly all the necessary superuser privileges, providing a safer and more controlled approach to managing your system without compromising security<\/p>\n\n\n\n

In this article, we’ll walk you through this process step by step.<\/p>\n\n\n

Step 1: Create a New User and Set a Password<\/h2>\n\n\n

To start, let’s create a new user and set a password for them. Replace “user1” with your desired username:<\/p>\n\n\n\n

[root@nayana ~]# useradd user1\n\n[root@nayana ~]# passwd user1\n<\/code><\/pre>\n\n\n\n
Make sure to securely store this password, as you will require it whenever you use sudo to gain privileged access.<\/p>\n\n\n
Step 2: Generate an SSH Key Pair<\/h2>\n\n\n
Now, let’s generate an SSH key pair for the user. This key pair will enhance security and convenience for authentication:<\/p>\n\n\n\n
sudo -u user1 ssh-keygen -t rsa\n<\/code><\/pre>\n\n\n\n
This command generates an RSA key pair and saves it in the user’s home directory, typically at \/home\/user1\/.ssh\/. Ensure the private key remains safe.<\/p>\n\n\n

Step 3: Add the Public Key to Authorized Keys<\/h2>\n\n\n
To enable key-based authentication, we need to add the generated public key to the user’s authorized_keys file located in ~\/.ssh:<\/p>\n\n\n\n
sudo -u user1 mkdir -p \/home\/user1\/.ssh\nsudo -u user1 chmod 700 \/home\/user1\/.ssh\nsudo -u user1 touch \/home\/user1\/.ssh\/authorized_keys\nsudo -u user1 chmod 600 \/home\/user1\/.ssh\/authorized_keys\ncat \/home\/user1\/.ssh\/id_rsa.pub >> \/home\/user1\/.ssh\/authorized_keys\n\n<\/code><\/pre>\n\n\n
Step 4: Grant Sudo Privileges<\/h2>\n\n\n
To grant your new user sudo privileges, add them to the sudo group. Open the sudoers file using  and insert this line:<\/p>\n\n\n\n
user1 ALL=(ALL:ALL) ALL<\/p>\n\n\n\n
sudo visudo\n<\/code><\/pre>\n\n\n\n
\"sudoers<\/a><\/figure>\n\n\n\n
<\/p>\n\n\n
Step 5: Disable Root Login<\/h2>\n\n\n
For enhanced security, let’s disable root login via SSH. Edit the SSH daemon configuration:<\/p>\n\n\n\n
vi \/etc\/ssh\/sshd_config \n<\/code><\/pre>\n\n\n\n
Locate the line that reads PermitRootLogin and change it to:<\/p>\n\n\n\n
PermitRootLogin no<\/code><\/pre>\n\n\n\n
\"disable<\/a><\/figure>\n\n\n\n
Finally, restart the SSH service:<\/p>\n\n\n\n
systemctl restart sshd<\/code><\/pre>\n\n\n\n
These steps will ensure that your system is secure and configured for safe and efficient management.<\/p>\n\n\n\n
Now, the “user1” should be able to SSH into the server using their private key and will have sudo privileges, while root access via SSH is disabled. Make sure to securely store the private key on the user’s local machine and follow best practices for SSH security.<\/p>\n\n\n\n
<\/div>\n\n\n\n
Managed VPS Hosting, Simplified.<\/h3>
Unlock the potential of your website with Veeble VPS. Experience powerful hosting without the hassle. Get started today!<\/p><\/div>
Explore Plans<\/path><\/svg><\/a><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"
All Linux-based systems come with a powerful root user who grants full machine privileges by default. This essentially implies that, upon your initial access […]<\/p>\n","protected":false},"author":9,"featured_media":8035,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[9],"tags":[],"class_list":["post-1313","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-firewallsecurity"],"uagb_featured_image_src":{"full":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2023\/10\/Disabling-Root-Login-and-Creating-a-Sudo-User-for-Strengthening-VPS-Security.jpg",1366,768,false],"thumbnail":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2023\/10\/Disabling-Root-Login-and-Creating-a-Sudo-User-for-Strengthening-VPS-Security-150x150.jpg",150,150,true],"medium":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2023\/10\/Disabling-Root-Login-and-Creating-a-Sudo-User-for-Strengthening-VPS-Security-300x169.jpg",300,169,true],"medium_large":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2023\/10\/Disabling-Root-Login-and-Creating-a-Sudo-User-for-Strengthening-VPS-Security-768x432.jpg",768,432,true],"large":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2023\/10\/Disabling-Root-Login-and-Creating-a-Sudo-User-for-Strengthening-VPS-Security-1024x576.jpg",1024,576,true],"1536x1536":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2023\/10\/Disabling-Root-Login-and-Creating-a-Sudo-User-for-Strengthening-VPS-Security.jpg",1366,768,false],"2048x2048":["https:\/\/www.veeble.com\/kb\/wp-content\/uploads\/2023\/10\/Disabling-Root-Login-and-Creating-a-Sudo-User-for-Strengthening-VPS-Security.jpg",1366,768,false]},"uagb_author_info":{"display_name":"Nayana Nair","author_link":"https:\/\/www.veeble.com\/kb\/author\/nayana\/"},"uagb_comment_info":0,"uagb_excerpt":"All Linux-based systems come with a powerful root user who grants full machine privileges by default. This essentially implies that, upon your initial access […]","_links":{"self":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/1313","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/comments?post=1313"}],"version-history":[{"count":10,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/1313\/revisions"}],"predecessor-version":[{"id":8037,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/posts\/1313\/revisions\/8037"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/media\/8035"}],"wp:attachment":[{"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/media?parent=1313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/categories?post=1313"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.veeble.com\/kb\/wp-json\/wp\/v2\/tags?post=1313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}