Create Sudo User on Debian
This guide explains how to create a new user account with sudo privileges on a fresh Debian Linux installation.
These instructions should be executed as the root user.
If you're not logged in as root, you'll need to prefix each command with sudo
.
These instructions have been tested on Debian 11 (Bullseye) and 12 (Bookworm) but should work on other Debian Linux distributions.
Create New User
First, create a new user account with a home directory and bash shell:
adduser --shell /usr/bin/bash --home /home/username --verbose username
You'll be prompted to:
- Set a password (use a strong password)
- Enter optional user information (name, phone, etc.)
Add Sudo Privileges
Add the new user to the sudo group to grant administrative privileges:
usermod -aG sudo username
This command adds the user to the sudo
group, allowing them to execute commands with root privileges by using the sudo
prefix.
Verify Setup
To confirm the user was created correctly and has proper sudo access:
1. Check group membership
groups username
The output should include sudo
among the listed groups.
2. Test sudo access
su - username
sudo whoami
If properly configured, the sudo whoami
command should return root
after entering the user's password.
Common Issues
If the user can't execute sudo commands, verify:
1. Sudo group membership
getent group sudo
will list all users in the sudo
group. Make sure the new user is listed.
2. Sudo configuration
sudo cat /etc/sudoers.d/README
Make sure there are no syntax errors in the sudoers configuration.
Disable Root user Login
For added security, consider disabling the root user login:
sudo passwd -l root
This command locks the root account, preventing direct login and SSH access.
To check if the root account is locked:
sudo passwd -S root
Example output:
root L 2024-12-19 0 99999 7 -1
The L
in the second column indicates the account is locked.
Additional Notes
- Choose a strong password when creating the user
- Consider disabling root login after confirming sudo access works
- Document the new user credentials in a secure location
- Some systems may use
wheel
instead ofsudo
as the administrative group
Always follow your organization's security policies when creating new user accounts and granting sudo privileges.
Resources
- Debian Wiki: System Administrator's Guide
- Debian Manual: User Management