How To Create a New Sudo-enabled User on Rocky Linux

The sudo command provides a way to grant selected administrative privileges, which are normally limited to the root user, to regular user accounts. This guide shows you how to create a new user with sudo access on Rocky Linux, without having to modify your server’s /etc/sudoers file.

• Use sudo instead of logging in as root: Create a non-root user and run administrative commands with sudo so that routine work does not happen in a full root shell.
• Rocky Linux grants sudo through the wheel group: Any user you add to the wheel group can run commands with sudo without you editing /etc/sudoers directly.
• You only need a few commands:
  1. Log in as root.
  2. Run adduser to create the account.
  3. Run passwd to set a password.
  4. Run usermod -aG wheel to grant sudo access.
• Always test new sudo access: Switch to the new user with su - username and run a simple command such as sudo whoami or sudo ls -la /root to confirm that sudo is working.
• Harden SSH and networking afterwards: After you have a sudo enabled user, follow our guides on SSH Essentials, hardening the OpenSSH client, and setting up a firewall with UFW to further protect remote access.

SSH in to your server as the root user:

ssh root@your_server_ip_address

Use your server’s IP address or hostname in place of your_server_ip_address above.

Use the adduser command to add a new user to your system:

adduser sammy

Be sure to replace sammy with the username you’d like to create.

Use the passwd command to update the new user’s password:

passwd sammy

Remember to replace sammy with the user that you just created. You will be prompted twice for a new password:

Output
Changing password for user sammy.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Use the usermod command to add the user to the wheel group:

usermod -aG wheel sammy

Once again, be sure to replace sammy with the username you’d like to give sudo privileges to. By default, on Rocky Linux, all members of the wheel group have full sudo access.

To test that the new sudo permissions are working, first use the su command to switch from the root user to the new user account:

su - sammy

As the new user, verify that you can use sudo by prepending sudo to the command that you want to run with superuser privileges:

sudo command_to_run

For example, you can list the contents of the /root directory, which is normally only accessible to the root user:

sudo ls -la /root

The first time you use sudo in a session, you will be prompted for the password of that user’s account. Enter the password to proceed:

Output
[sudo] password for sammy:

If your user is in the proper group and you entered the password correctly, the command that you used with sudo will run with root privileges.

1. How do I add a sudo user in Rocky Linux?

To add a sudo enabled user on Rocky Linux, create the account with adduser sammy, set a password with passwd sammy, then run usermod -aG wheel sammy as root. These steps work on Rocky Linux 8, 9, and later and match the commands used in this quickstart.

2. What group grants sudo access on Rocky Linux?

On Rocky Linux, membership in the wheel group controls who can use sudo by default. The /etc/sudoers configuration grants full administrative privileges to users in wheel, so you usually only need to add users to this group instead of editing the file directly.

3. How can I verify that a user has sudo privileges?

First, check group membership with id sammy or groups sammy and confirm that wheel is listed. Then switch to the account and run a simple command such as sudo whoami; if the command prints root after you enter the user password, sudo is configured correctly.

4. What does “user is not in the sudoers file” mean on Rocky Linux?

This message indicates that the account is not allowed to use sudo, usually because it is not in the wheel group or the sudo configuration has been changed. To fix it, log in as root or another sudo enabled user, add the account to wheel with usermod -aG wheel sammy, then log out and back in so the new group membership takes effect.

5. Can I create a sudo user without disabling the root account?

Yes, creating a sudo enabled user does not disable the root account. For better security, it is common to keep root available for recovery while using a sudo user for daily work and pairing this with SSH hardening and firewall rules as described in our SSH and UFW tutorials linked above.

In this quickstart tutorial you created a new user account and added it to the wheel group to enable sudo access on Rocky Linux. For more detailed information on preparing a Rocky Linux server, read our Initial Server Setup with Rocky Linux tutorial, and for a broader overview of this pattern across distributions, see the How To Add a Sudo-Enabled User collection.

To try these steps on a cloud server, you can create a Droplet in the DigitalOcean control panel, choose a Rocky Linux or other compatible Linux image, and then follow this guide along with our SSH and firewall tutorials to harden remote access.