Super User or root in Linux is a user who has all the rights and permissions including the administrative rights to the system. More often than not, the root is the super user on the Linux systems. Because of this it is usually advisable not to use root as the everyday user on the system even if it is a single user system.
You should create a different user with just the required permissions for everyday use. These are certain advantages to this, as described below:
Separate File System: This allows you to maintain a separate file system than the root user and all your user files are kept elsewhere in your home folder.
Security Risk: Because of the “unlimited” permissions provided to the root, it is often possible to accidentally change system wide configuration or remove system files that you did not intend to or should not .
Accidents: This is probably the most common and the main reason. Mistyping commands and badly coded scripts can wipe out entire directories and files that were not intended.
Once in a while, you will need to login as root or the super user in order to perform some administrative tasks. This could include operations such as installing new software, updating the kernel, mounting disks, starting and stopping services, changing permissions or ownership of files or changing any system wide configuration.
Many systems also disable the super user from logging in directly into the X or the desktop environment, as a security precaution. You will need to login as the normal user and then change to the super user from the command prompt. The command that allows you to login as root is su (short for Super User).
Of course, it goes without saying that you can only login or switch to super user, if and only if you have the credentials (ie. password) for it.
bash$ su - <username>
su can actually be used to switch the login to any user on the system. If and when you execute the command without the user name argument, then super user is assumed and you can login as root. You will be prompted for the password if applicable. The command below will prompt you for the root user password.
bash$ su -
The below command will prompt for the user tom and you will be logged in as tom once authenticated.
bash$ su - tom
You can also execute the command without the “-” (ie. Hyphen) in the su command. When you do not use -, your environment is inherited by the new user (ie, root or tom). When you specify the – in the command, then the new user’s environment is loaded and executed. Thus, the following command also be used, depending on which environment you want to use after logging in.
The above su command example is the simplest and will do the job in most cases.
The sudo allows you to execute commands with the security privileges of another user. Anything you can do with sudo can be done with the su command as well, provided you have the credentials.
sudo is a command similar to su, but with additional restrictions on how the authentication works and what can be done. Although much of this can be very specific to your system and how your administrator have configured it, there are many common features of sudo command.
Usually you are authenticated using your own password rather than the target user’s password as with the su command. It can be configured to use root password or no password at all.
In the sudoers (/etc/sudoers) file, you can specify rules that define the use of sudo. This includes security policy or information as to who can execute which commands and also as to who can impersonate which other users etc.
The command below executes the specified command, using the shell that is defined in the environment or in the password database. The -s option is optional.
bash$ sudo -s <command>
You can use the -u command line option to specify the user that you want to execute the command as. If you do not specify a user, then the root user is assumed.
bash$ sudo -u tom -s <command>
The below command executes the specified command as super user or root.
bash$ sudo <command>
Remote systems are usually no different than the local systems. You can login as usual into the remote system and then switch user using su or sudo from the command prompt or the terminal. You might also be to login as root or super user directly as well.
If you are using ssh and if remote root logins are allowed on your system, then you can use the following command to login as root into the system. Beware that allowing remote root logins are considered a security risk and is usually not permitted on most systems.
bash$ ssh root@mymachine
You should remember to logout as soon as you have performed the operations. You can exit using either the exit command or pressing Ctrl-d on the keyboard. This should get you back to the environment and the user that you initially logged in as.