Why create a new user with sudo privilege when you are the only person manage the server?

Maxfield

10/28/23, 4:29 AM

Please share some true use cases of benefits when you are the only admin of manage VPSs, I'm just hosted my first WordPress site. A lot of guide I read online suggests creating a new user after update and upgrade for the fresh Linux OS. I found that somehow annoying since type sudo every commands then often requires a password of that user. Searching online for the reasons, pretty much all point to security, but I can't see how creating a new user with sudo privilege can help since we just created a new root. (maybe I am doing it the wrong ways)

Can anyone please share how you create a new user with root privilege? and some real life benefits of doing so?

Let's we would like to host other applications on the same VPS, can a new user with root/sudo privilege can help use in some ways?

I follow this these steps for the new user,

read -p "Enter new username: "  username
adduser $username 
usermod -aG sudo $username

ufw app list
ufw allow OpenSSH
ufw enable
ufw status

183

1 + 0

security

linux

root

users

sudo

Score:0

Server

Phill W.

10/28/23, 6:48 AM

I found that somehow annoying since type sudo every commands ...

It might be easier to run sudo -i, which will start a new, interactive shell as root.

... then often requires a password of that user.

That depends on how you configure sudo.

I can't see how creating a new user with sudo privilege can help since we just created a new root.

No, you haven't.
You are creating a new account, that does not have root privileges when it logs in and whose activities, including its use of sudo, can be individually audited by the system. Those activities can be tracked back to the individual [account] that did them.

If you are doing anything that matters to a company, you should expect other people (e.g. Auditors) to be "nosing around" what you do at some point.

If you did "create a new root", then anyone that got hold of those credentials could log in without any individual accountability - you [all] log in "as root" and do things "as root" and there is no way of telling who did that doing. It was all done "by root" and that's the Problem.

Security is a two-edged sword - it needs to stop people doing things they shouldn't do but, if they somehow do manage to, you must have the means to find out who, what, when, why, and so on.

Can anyone please share how you create a new user with root privilege?

Not that you should, but I'll give you a clue - Linux doesn't care one jot about user names.
It does everything based on uids.

However, even if you logged in with such an account, with its own (very strong) password, your actions would still not be traceable back to this new account (because it would be indistinguishable from root).

+ 3

Maxfield

10/28/23, 7:20 AM

So if we are the only admin of our VPS with a vary strong password, we should create a new user with all the right privilege(not necessary with root privilege) since we can track down who, what, when and why. (Although our VPS is still hackable)?

Maxfield

10/28/23, 7:23 AM

Please commment on "usermod -aG sudo $username ", after creating the new user, then givn the user user sudo/root privilege, right? so what is the point if "your(new user) actions would still not be traceable back to this new account (because it would be "

Phill W.

10/28/23, 9:48 AM

Create a user with the right privileges to do the job? Absolutely, yes. Your usermod statement adds the user to a group named "sudo". Nothing more. If that group is allowed to sudo to root, then the user will "inherit" that ability.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Why create a new user with sudo privilege when you are the only person manage the server?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.