How to use Root access for managed servers?
You are always encouraged to shop around before picking a hosting solution for your website. However, if you start looking at the different options, you may be confused by the wide range of features they offer, especially if this is your first project and you’re not entirely familiar with how the various hosting services work.
For example, you are likely to see that some VPS server hosting providers offer root user access while others don’t, and you’re probably wondering which is the best option for you.
Let’s take a closer look and find out.
Table of Contents:
An Introduction to the Root User
You don’t need to enable root access on all Unix-based operating systems like Linux, macOS, BSD, etc., because it’s already working. It’s also known as the superuser, and it always has a User ID of 0.
The root user is the equivalent of the Administrator on a Windows machine. It’s considered the system’s owner, and it has the right to do anything with it.
Root Privileges and Permissions
The term root user stems from the fact that this is the only account that has read/write/execute permissions in the operating system’s root directory. Since all the data on a Unix-based machine is located in the said directory, the root user has complete control over it. If you’re logged in as root, you can edit, change the ownership of, delete, and move any file and any folder.
Obtaining Root access privileges also give you the right to launch processes and execute commands without limitations of any sort. As a system owner, you can create user accounts and manage their permissions, as well.
When to Use Root Privileges?
How much you’ll need to use root privileges depends largely on your individual use of the machine.
If you want to use it as a web hosting server, you’re much better off carrying out most website-building and maintenance tasks via the Graphic User Interface (GUI) of a web hosting control panel. Installing WordPress, for example, doesn’t require root privileges, and with a control panel, you don’t even need to use the console.
You will need full root access permissions to do some of the more critical server administration tasks. For example, configuring and installing software tools critical for your website’s correct functionality is impossible without accessing the server’s core system settings.
You also need root access to update all the software packages installed on the server – a crucial requirement for squeezing out the best possible security and performance out of your fully managed VPS or dedicated machine. Root privileges may be required for the deployment and configuration of a custom firewall, as well.
Root Connection on a VPS Server
By default, the username of the root user on Unix-based machines is “root.” After deploying your VPS, your hosting provider will probably send you an email with the server name, domain, location, and detailed instructions on how to log into it.
Remote access to your VPS is facilitated by SSH – a network protocol that encrypts and protects the data flow between the remote server and your home computer. By default, authentication is handled by a traditional username and password system, but for extra security, you can also use cryptographic keys for identity verification purposes.
Switch to the Root User
Once you log into the server as root, you can create new accounts and decide what sort of privileges they’ll have with the adduser command. If you access your virtual or dedicated server via the regular account, you can easily switch to the root user with the following command:
After you enter the root password, you will be logged in as root.
Possible Root Connection Tools
SSH is based on the client-server architecture. The client is your home computer, and the server is the remote server you want to manage. The protocol is only available via the command-line interface, and it uses standard Unix commands.
SSH is supported by the Terminal on Linux and macOS, and Windows 10 machines can connect to a remote Unix-based server via Windows PowerShell.
However, there are dedicated SSH client applications that, in addition to facilitating the secure connection between your computer and the remote server, give you a broad range of useful features that make server management that much easier.
Here are some of the top SSH clients you may want to look into:
- PuTTY – PuTTY is by far the most popular SSH client for Windows users. It’s renowned for its lightweight design, support for multiple protocols, and its wide range of features.
- Solar Putty – Solar Putty is an enhanced version of PuTTY developed by SolarWinds. It has a few useful features that are missing from the regular edition, including support for multiple sessions, the ability to save credentials, etc.
- mRemoteNG – mRemoteNG is yet another remote access client that supports multiple protocols, including SSH. It might not be the most feature-rich option out there, but its design is lightweight and functional.
- MobaXterm – Besides SSH, MobaXterm supports many other communication protocols and has quite a few extras, including plugin support, port forwarding, a text editor, and customizable syntax highlighting functionality.
Use Root With Caution
Having root privileges gives you pretty much unlimited control over your VPS. You can do anything you want to configure the server to your exact needs and specifications. You need to know how to do it, though.
Otherwise, you run the risk of changing something you shouldn’t and completely messing up the entire server’s configuration.
The root user gives you access to files that can render the entire system inoperable if mishandled. The wrong command or even a simple typo can result in hours of downtime. That’s why even experienced system administrators back up their servers before they edit system files and settings.
Disable SSH Login for Root
There are more reasons to use the root user with extreme caution. Every process you start when you’re logged in as root has exactly the same privileges and permissions as the root user. If you use the root user as your regular account, the applications you launch can gain full access to the operating system’s core settings.
You can probably see how an innocent bug can bring the entire server down. Worse still, if hackers find a security vulnerability in an application and hijack a process running with root privileges, they can easily take over the entire server.
Because of this, security experts recommend disabling the root user’s SSH access. If you need to run commands or manage files that require root privileges, you can simply use your admin user and the sudo prefix.
First, make sure you set up your admin account and double-check to see if it’s in the etc/sudoers file.
These steps ensure that you can use root privileges on your admin account. Use the sudo prefix to open the following file:
Find the line that says:
and change it to:
NOTE: You need to remove the # sign at the beginning of the line. Otherwise, the line will be treated as a comment, and SSH access for the root user will not be closed.
Restarting the SSH service saves the changes.
Root access can be invaluable if you need a custom server configuration that gives you a hosting environment specifically tailored to your needs. You are in charge of the server, so you can set everything up exactly the way you want it.
As the saying goes, however, with great power comes great responsibility. Seemingly small mistakes can cause major damage if you have full root access, so be sure to double-check every command before hitting Enter. Also, if you’re not sure what a file does, you’re probably better off leaving it well alone.
Does VPS hosting offer root access?
Whether or not you have root access to your VPS server depends on your hosting plan. Pretty much all self-managed VPS and dedicated server accounts give you root access.
Managed servers are targeted at people with less experience and no desire to handle complex maintenance tasks. Because they’re designed to be more novice-friendly, managed servers rarely come with root access. Nevertheless, if you need to a specific application or a custom configuration that requires root privileges, you can always check with your hosting provider’s support team and see if they can help.
How do I get root access on a VPS?
If your VPS plan features root access, you can log into the server as the root user using the SSH protocol. However, the more secure option is to use your administrative level account and employ the sudo prefix whenever you need root privileges.
How do I check if I have root access?
First, you need to contact your hosting provider and ask if your server has root access at all. If it does, you can check your user’s user ID (UID). If it’s 0, then you are the root user. The usernames of all accounts that can use root permissions with the sudo prefix are available in the etc/sudoers file.