Create sudo user under Debian
This guide explains how to create a new user account with sudo privileges on a fresh Debian Linux installation.
These instructions should be executed as the root user. If you're not logged in as root, you'll need to prefix each command with sudo.
These instructions have been tested on Debian 11 (Bullseye) and 12 (Bookworm) but should work on other Debian Linux distributions.
Create new user
First, create a new user account with a home directory and bash shell:
adduser --shell /usr/bin/bash --home /home/username --verbose usernameReplace username with the desired username for the new account.
You'll be prompted to:
- Set a password (use a strong password)
- Enter optional user information (name, phone, etc.)
Add sudo privileges
Add the new user to the sudo group to grant administrative privileges:
usermod -aG sudo usernamewhere username is the name of the new user.
This command adds the user to the sudo group, allowing them to execute commands with root privileges by using the sudo prefix.
Verify setup
To confirm the user was created correctly and has proper sudo access:
1. Check group membership
groups usernamewhere username is the name of the new user.
The output should include sudo among the listed groups.
2. Test sudo access
Switch to the new user and test sudo access:
su - username
sudo whoamiwhere username is the name of the new user.
If properly configured, the sudo whoami command should return root after entering the user's password.
Disable root user login (optional)
To increase security, consider disabling the root user login:
sudo passwd -l rootThis command locks the root account, preventing direct keyboard login and SSH access.
To check if the root account is locked:
sudo passwd -S rootExample output:
root L 2024-12-19 0 99999 7 -1The L in the second column indicates the account is locked.
Resources
- Debian Wiki: System Administrator's Guide
- Debian Manual: User Management