Do you need to share the power of root with other users without disclosing the root password? This article will explain how to share root access through SSH; it has no effect on Plesk or cPanel/WHM.
Why Would You Want to Do This?
When a server is managed by multiple people, it may become practical to provide certain users access to the root to complete various tasks; however, it is not necessary for all users to log into the root user.
How to Share Root Access via SSH
- Connect to SSH via root.
- Run the command:
This will allow you to edit permissions for sudo command users.
To Grant a User Full Permission:
- Check the file for the line:
root ALL=(ALL) ALL
This means that the root user can execute tasks from ALL terminals, acting as ALL (any) users and run ALL (any) command.
- Enter additional lines, replacing "root" with the user name of other users on the server you wish to add. For example:
chris ALL=(ALL) ALL
This line allows the user access to the server root without requiring the user to login as the root user.
When added users try to access the root server, they will be prompted to enter their own user password to login. For example, to make an update to yum, the user above would enter the following command:
chris@localhost> sudo yum update
Password for chris: _
After entering the appropriate password, the command will then be executed just the same as if it were run by the root user.
To Grant a Group Full Permission
Similarly, root access can be granted to a group where everyone included is a trusted user. For example, if all members of the Admin team make up a group called "admin," the root user could easily grant root access to everyone in the group with a line such as:
This will give everyone in the admin user group access to all sudo powers.