Introduction
Privilege separation is one of the fundamental security paradigms implemented in Linux and Unix-like operating systems. Regular users operate with limited privileges in order to reduce the scope of their influence to their own environment, and not the wider operating system.
A special user, called root, has super-user privileges. This is an administrative account without the restrictions that are present on normal users. Users can execute commands with super-user or root privileges in a number of different ways.
In this article, we will discuss how to correctly and securely obtain root privileges, with a special focus on editing the /etc/sudoers
file.
We will be completing these steps on an Ubuntu 20.04 server, but most modern Linux distributions such as Debian and CentOS should operate in a similar manner.
This guide assumes that you have already completed the initial server setup discussed here. Log into your server as regular, non-root user and continue below.
Note: This tutorial goes into depth about privilege escalation and the sudoers
file. If you just want to add sudo
privileges to a user, check out our How To Create a New Sudo-enabled User quickstart tutorials for Ubuntu and CentOS.
How To Obtain Root Privileges
There are three basic ways to obtain root privileges, which vary in their level of sophistication.
Logging In As Root
The simplest and most straightforward method of obtaining root privileges is to directly log into your server as the root user.
If you are logging into a local machine (or using an out-of-band console feature on a virtual server), enter root
as your username at the login prompt and enter the root password when asked.
If you are logging in through SSH, specify the root user prior to the IP address or domain name in your SSH connection string:
ssh root@server_domain_or_ip
Copy
If you have not set up SSH keys for the root user, enter the root password when prompted.
Using su to Become Root
Logging in directly as root is usually not recommended, because it is easy to begin using the system for non-administrative tasks, which is dangerous.
The next way to gain super-user privileges allows you to become the root user at any time, as you need it.
We can do this by invoking the su
command, which stands for “substitute user”. To gain root privileges, type:
su
Copy
You will be prompted for the root user’s password, after which, you will be dropped into a root shell session.
When you have finished the tasks which require root privileges, return to your normal shell by typing:
exit
Copy
Using sudo to Execute Commands as Root
The final, way of obtaining root privileges th