How to create sudo users

Introduction

A "sudo" user has similar permissions to the root account by default. You must create a "sudo" user if you wish to disable direct root logins.

How to disable direct root logins.

Additionally, if you'd like to create a reseller without a domain, but with sudo access, please see our documentation:

How to Create a WHM Reseller Without an Associated Domain | cPanel Docs

Procedure

1. Create a user.
   • You can create a new cPanel account, though this will count towards your total cPanel users for licensing purposes.
   • Or you can use the adduser command to add a system user.
2. Check the new user's shell
   • Ensure the new user is set to use Normal Shell in "WHM / Account Functions / Manage Shell Access."
3. Add the user to the wheel group.
   • Go to "WHM / Security Center / Manage Wheel Group Users" and move the user you've just created into the wheel group.
     • This step allows the user access to the sudo command.
4. Restart the SSH daemon.
   • From "WHM / Restart Services," restart the SSH Daemon to ensure the updated user configuration is loaded.
5. Test Access.
   • Attempt to log in as your new user via SSH.
   • Once logged in, run "sudo su" and enter your password.
     • By default, the prompt will change from $ to #.
   • Then, run "whoami"
     • The expected return is "root"

Troubleshooting

If your wheel user cannot use the sudo command to gain root access, ensure the wheel group is permitted to use sudo:

grep '%wheel' /etc/sudoers

This should contain:

%wheel ALL=(ALL) ALL

You should not edit the /etc/sudoers file directly but use the command visudo to make changes.

visudo