HowTo: Grant Root Access to User – Root Privileges – Linux

From this article you’ll learn how to create a user in Linux and grant root access to him or how to grant root privileges to already existent user.

This can be easily done by changing UID (user id) and GID (group id) in /etc/passwd file.

Also you will learn how to just add user to root group and i will explain how to delete user with root privileges.

Actually it is not a good idea to give all the privileges of root to a non-root user and outside the test environment i would not recommend to have multiply superusers.

Warning: Giving a non-root user all the permissions of root is very dangerous, because the non-root user will be able to do literally anything that could cause a big trouble if account is hijacked.

Check SSH Server Settings: If you have disabled root access in SSH server settings, by setting PermitRootLogin no in /etc/ssh/sshd_config – you won’t be able to login if your user has UID 0.

Warning: Before moving forward, read the comments below and DON’T FOLLOW THE STEPS FROM THIS ARTICLE if you don’t understand of what you are doing and what impact this may have!

Grant Root Privileges To New User

Let’s say you need to create a new user and grant him root access to the server.

To create a user with exactly the same privileges as root user, we have to assign him the same user ID as the root user has (UID 0) and the same group ID ( GID 0).

Use the following commands to create a user john, grand him the same privileges as root and set him a password:

$ sudo useradd -ou 0 -g 0 john
$ sudo passwd john

Grant Root Privileges To Existent User

Cool Tip: Dot the i’s and cross the t’s on file and folder permissions in Linux! Make it more clear! Read more →

Perhaps you already have a user john and you want to grant him root privileges (make him a second root user):

$ grep john /etc/passwd
john:x:1001:1001::/home/alice:/bin/sh

For this, it is required to edit the file /etc/passwd and just change UID and GID to 0:

$ grep john /etc/passwd
john:x:0:0::/home/john:/bin/sh

Add User To Root Group

If you just want to add john to root group, without granting him all root privileges, run the following command:

$ sudo usermod -a -G root john

Delete User With Root Privileges

Cool Tip: Log in to a remote Linux server without entering password! Set up password-less SSH login! Read more →

You won’t be able to delete a user with UID 0 using userdel command:

$ sudo userdel john
userdel: user john is currently used by process 1

To delete him, firstly open the /etc/passwd file and change his UID.

For example, change the line:

john:x:0:0::/home/john:/bin/sh

to something like:

john:x:1111:0::/home/john:/bin/sh

After this, you’ll be able to delete user john with userdel command:

$ sudo userdel john
Was it useful? Share this post with the world!

47 Replies to “HowTo: Grant Root Access to User – Root Privileges – Linux”

  1. “For this, it is required to edit the file /etc/passwd and just change UID and GID to 0”
    WRONG.
    Baaaad idea. Much regret. Undo, undo?!!

    1. Please explain.

      1. ntfs@brix:~$ ssh 192.168.88.16 -l pi
        pi@192.168.88.16‘s password:
        Permission denied, please try again.
        pi@192.168.88.16‘s password:
        Permission denied, please try again.
        – – –
        Nice explanation?)

        1. Since noone elaborate how to undo this broken way of adding users, I will. The only way is to successful login to the linux machine, if you login via ssh or tty.
          If you add a user with uid 0 to group uid 0, and you set in sshd_config AllowRootLogin NO, you`re access will be denied. So you will have to login to the linux machine via tty (this is the only way if you don`t have a correctly added backup user on the linux machine). Via tty you can login with any of the users, even root.
          The correct way to add a user with root privileges is adding the user the normal way, useradd -m user, and then add privileges with visudo to the user.
          So if you have a backup user that haves root privileges in visudo. you will be able to login to the linux machine via ssh, and you will be able to change the uid and group to the “broken” user.
          I think this article explains more likely how to add a user with root privileges “the hacker way (which is a broken way)”, and repair the broken way after.
          Also if you don`t have access to a tty console, and you want to test the commands of this article and be sure you did not broke something, STAY LOGGED in current session and open another one and test if all things are OK. If you can`t login in the new session, you still have opened the previous session and you can repair what have you broken.
          Hope it helps to repair further mistakes.

          1. I am agree with you bro, better to add the user at visudo and give access same as root rather then edit the /etc/passwd ‘coz it will make problem.

    2. Pyae Phyo Zaw says: Reply

      Can I do with my Mi 8 SE

    3. This is really a bad Idea!!!!

  2. It is prohibited to have to users with ID 0 in passwd file. Strange things then happens since linux messes users with the same ID.

    1. Please post an example?

  3. After lots of searching finally found what i was looking for. Thankyou for sharing the post.

  4. That is awesome article! you mentioned all required points not only how to create user. don’t stop blogging man!

  5. Do not use that F*ING decision, after i do that, my server did not accept any accesses

    1. I know this is old, but for other’s coming across this comment and have the same issue or to avoid having this issue..

      In the servers ssh_config, switch AllowRootLogin to Yes. However, do so with caution. Do everything involved with sudo and root access with caution. Do your research. Figure out what you want and need.

      1. Just add a non root user with sudo rights

  6. Good article

  7. Спасибо. Приятный сайт

  8. if using ssh authentication not working

    1. I know this is old blog, but for other’s coming across this comment and have the same issue or to avoid having this issue..

      In the servers ssh_config, switch AllowRootLogin to Yes. However, do so with caution. Do everything involved with sudo and root access with caution. Do your research. Figure out what you want and need.

      I posted this also as a reply to an older comment.

  9. «For this, it is required to edit the file /etc/passwd and just change UID and GID to 0»
    It’s a bad idea because after restart linux system you will not see user with UID 0 and GID 0 in log-in menu of linux. In this case you can log-in into linux just through the command-line. To get there from a log-in menu of linux is to push buttom combination Ctrl + Alt + F1.

    1. you are saying the correct but can u please share the way by using that i can delete the root user by using the second root that i had created as root.

  10. Just changed uid and guid to 0 in passwd, now i’m fucked up, thkx u… :\

  11. For those having issues with this make sure you have root login enabled prior to editing anything so your root accounts can log in and try running this when done so changes you made take affect.
    sudo service ssh restart

  12. it is very bad idea. Linux confused with two user with same Uid and will remove user permission also. very bad idea. don’t try this.

  13. The information here is incorrect and dangerous. Changing the user’s UID and GID in /etc/passwd has the potential to lock out the user from accessing anymore console commands and at worst may brick the computer. This information preys on developers looking for honest help from the CS community. It is not ok to leave misleading advice on a public forum like this. I advise that the blog admin take this down immediately.

  14. DO NOT DO THIS, you will lock yourself out of the machine. I was on an AWS EC2 instance and followed this. I had to terminate and spin up a new machine.

    1. I agree the article is bad way!!! Right now i am sitting and have error – sudo: unknown uid 1000: who are you?

      And what should i do?

      Thx so much, if you do not know exactly, do not write a post!

  15. Please remove this article or place larger warning signs about what this could do to the system.

    If you changed the ID’s without changing the configuration settings, you may be able to open another session using your username and the root password with root access. If you are able to do this, immediately reverse the changes that you made to the passwd file and revert the configuration settings.

  16. You need to install linux first

  17. Guys, if you read that article and your machine was broken, do not worry, you can use safe mode in start machine, and just edit that file, and after rebooting everything will be nice 🙂

  18. I got my AWS Centos machine in a mess state. What best I can do Please suggest.

  19. Jesus, what an irresponsible post. The system doesn’t recognize me after this “trick”

  20. Folks no need to fret.. Agreed this is a bad practice to go and edit ‘passwd’ file directly but in case you want to restore things then press alt+F1 or alt+F2 or alt+F3 or alt+F4 … alt+F7 . one of this should drop you to another console/session window. then simply log in using root credentials and edit the ‘/etc/passwd’ file and undo your changes, save your changes and reboot your system. On next boot it should bring you back to login greeter screen. I did the same and I reverted the UID (first bit) back to 1000 and kept the GID(second bit after:) to ‘0’ thus this new user is still a member of root group. and my system works fine. here’s how it looks on my system now..
    tom:x:1000:0:tom:/home/tom:/bin/bash

  21. do not make any changes in /etc/passwd and /etc/shadow file, as after making the changes you need to reboot the machine/server for the changes to take effect. And by doing this you just locked yourself out of the your machine.No matter which user you try or for which user you made the changes.
    Rather try:
    1) adduser
    2)passwd
    Check where the user is created referring the /etc/passwd file
    user1:x:1502:1502::/home/user1:/bin/bash
    user2:x:1503:1503::/home/user2:/bin/bash
    user3:x:1504:1504::/home/user3:/bin/bash
    3)and provide privilege as per your requirements
    chmod -R 600 /home/user1
    chmod -R 700 /home/user2
    chmod -R 777 /home/user3
    chmod -R 500 /home/user4

  22. Ok,

    when you share the post, which probably has an issue.

    Putting the solution..

    If you are noob in linux and run above command(change in UID in passwd file) without taking much knowledge,use below command to get back your admin rights again.

    open terminal,
    type su
    it will ask about password, use your admin password.
    open your passwd file(which will be in etc folder- open in terminal by usind simple cd command)
    edit your passwd file in terminal( sudo nano passwd)
    undo changes that you did in the file.
    Hope it will work, as worked for me.
    thanks.

    1. Bro, I installed Debian live mode and could not select an administrator password. What should I do?

  23. Anastasia Kishkun says: Reply

    NEVER NEVER NEVER USE IT!!!

  24. I just wanna f**k. I follow the instructions and made myself never able to login. Now requesting for a password reset.

  25. Remove this article asap. Do not do this.

  26. How has this article not been removed yet. Does anyone know anything about the author or site owner? Name or contact details? This article offers horrible advice.

  27. cracks me up …if you do this at the very least make sure you have another account with sudo privileges set up so you can undo it if it don’t work out for you common sense would say you should have a backup login regardless ….all that crying I saw after the op specifically said don’t do it of you don’t know what you are doing …if course you really are not an operator/admin until you have bricked or screwed up at least one server in your career…..

  28. Thanks a lot for this good tutorial

  29. FCK! Please remove this instruction page asap!
    I gave a user ID 0, and now there is no way to get into the system anymore.
    Running Octopi here, which prohibits logging in with root user.
    Thanks a lot, NOT
    Have to completely reflash my OS now..

  30. This method is great if you know what you are doing. This way suits perfect for my personal computer. I run a Linux VM on my computer and I constantly boggled down by thoes stupid permission things. Something like I can’t delete files in my samba share folder or Plex can’t access files because these users don’t have “permission”
    I saw a lot of people use these commands on their AWS servers, which is absolutely crazy. Don’t use these commands on your actual server. Not only you could lock your self out from the server, but also this method is extremely dangerous

  31. Wish I looked at the comments first. A years worth of work has gone to waste now.

  32. The “how-to” is from 2016 and all the comments explain the danger of this guide and the mistakes. CAN YOU NOT READ?
    You are not qualified to set up a server with valuable data if you follow such instructions without checking the sources and knowing what you are doing.
    Better leave these tasks to the experienced IT professionals and pay for their services. It’s worth it!

    That’s the reason why this site won’t go offline 🙂

  33. Jeez! This was a bad idea in 2016, and it’s just as bad now in 2023. I should have read the comments first. I just locked myself out of my server. Trying to figure out how to restore it now. Thanks for the advice on how to make a brick. PLEASE take this blog post down! Bad, bad, bad advice!

Leave a Reply