How to give root permission to another user without sudo
Hi want to create a new user in Ubuntu that is same as root who can login using SSH keys, the only difference is the username. (No use of sudo)
I know the risks but it's in my private Network with strict authentication. Thanks ☺️
Solution 1:
You can actually do this, although I can't imagine any reason why you would want to. You can create a new user with the same user ID (UID) as root
. Note that this isn't actually a "new" user, it is just a different user name for the same user. However, you will be able to log in using this name instead of root.
First, create a new user and set their UID to 0
, the UID of the root account:
useradd -d /fool -g root -m -N -o -u 0 -s /bin/bash fool
The options used are:
-
-d /fool
: set this user's$HOME
to/fool
. -
-g root
: set this user's default group toroot
. -
-m
: create the user's home directory if it does not exist. -
-N
: do not create a group with the same name as the user, just add the user to the group specified by-g
. -
-o
: allow the creation of a user with the same UID as another, existing user. -
-u 0
: set this user's UID to0
(same asroot
). -
-s /bin/bash
: set the user's default login shell tobash
. -
fool
: the user name will befool
.
After running this command, you will be able to log in as fool
:
terdon@ub20:~$ sudo -iu fool
root@ub20:~# whoami
root
root@ub20:~# cd
root@ub20:~# pwd
/fool
As you can see, I have logged in as fool
, but whoami
(which is based on the UID) sees me as root
, while cd
will take me to /fool
. I have all the rights of the root
user, because I am the root
user, but my user name and home directories are different. You can now proceed to allow root access over ssh (at your own peril) and log in as fool
instead of root
. This is all cosmetic, you're still really logging in as root
, but that's what you seem to want.
Solution 2:
From a safety perspective, what you want to do obviously is not done and highly recommended against.
Still, it is possible in linux to have different user names representing the same user. So if you want to set up a user name that can act fully as root, you can in principle make a different login name for the root user. One of the reasons why it is extremely imprudent to log in as root by default is that human error easily can cause breakage of the entire system.