Disable root login
The root user should not be used on a production server. It's required for initial setup but should be disabled after that.
However, before we can disable root login, we need to make sure an alternate user account exists and is in the
Creating a new user
To create a new user, and home directory, do the following:
useradd -m -g sudo -s /bin/bash pocket && passwd pocket
This will create a new user
bin/bash. A home directory will also be created.
If you want to specify the location of the home directory, you can use the
-d option followed by the path to the home directory.
sudo is installed
Before disabling root login, we need to make sure
sudo is installed. To do this, run the following command:
This will return the path to the
sudo command. If it returns
sudo is installed.
sudo is not installed, you can install it with the following command:
apt install sudo
If you have to install
sudo, you'll also need to add your user to the
sudo group. To do this, run the following command:
usermod -aG sudo pocket
The previous command will add the
To verify that the
sudo group, run the following command:
This will return the group membership for the
Confirming a user is in the
The last thing you'll want to do before disabling root login is to make sure
sudo works for your user. To do this, run the following command to switch to the
su - pocket
Then run the following command to verify that
sudo works for the
sudo apt update
This is a command that requires root privileges. If you get an error, your user does not have root privileges.