I can use sudo but I can't use su due to a password Authentication failure, shouldn't both be the same password?
Solution 1
What is happening?
To change (switch) users using su
command, you should provide the password of target user, that's how it works. However with sudo
you can use your own password.
For example if you use the su -
command to switch into root
user, you have to use root's password which by default it does not have any password and also its account is disabled.
What is the different?
So with su
we are giving away a single password to all users who needs to switch into the target user, what sudo
does is to overcome this problem.
We setup a file named sudoers
and within it we will define who can do what. With providing their password to sudo
command, they are actually confirming it's really them who is trying to run a command and system can verify the user and the command they are allowed to use.
What can I do?
You can use: sudo -i
to switch into root with its default shell as a login shell, or for a no-login shell sudo -s
or even old school sudo su -
(login shell again).
Extra informations
You can also use sudo -l
to see what privileges you have, for example do you have the rights to switch into root or user bob or run a specific command using john at a specific machine?
To clarify about root account:
in a Ubuntu machine, by default root account does not have any password and at the same time the account is disabled. When you disable an account an exclamation mark "!", will be added in front of its password hash, so no one can login into that account, whether it has a password or not.
$ sudo grep root /etc/shadow
root:!:2020:0:99999:2:::
Which means root does not have any password (second section (delimited by ':') is empty, it only contains an exclamation mark) and at the same time it's disabled: pay attention to !
.
Solution 2
No, in sudo
you enter your own password, in su
it is root's password, which normally is disabled in Ubuntu.
Related videos on Youtube
Sol33t303
Updated on September 18, 2022Comments
-
Sol33t303 over 1 year
when I try using a command with
sudo
everything works fine, however, if I want to log in as the superuser usingsu
it doesn't let me. Why? -
ravery almost 7 yearsroot password isn't disabled, root login is disabled
-
Sol33t303 almost 7 yearsah ok, thanks for clearing that up (i have been using Linux for a few months now, I'm surprised I didn't realise this earlier)
-
Byte Commander almost 7 years@ravery Actually root login is disabled by setting an invalid password... So it is basically the same to my knowledge.
-
Sol33t303 almost 7 yearsThanks, I've been using Ubuntu for a few months now, I don't know how I didn't realise this earlier.
-
ravery almost 7 years@Byte -- I'm not sure about the mechanic, but sudo and su can both be used with the same password. changing your password changes sudo but not su. unless there has been a change to it since 15.04
-
Ravexina almost 7 yearsYou're welcome, have look at my update too ;)
-
Soren A almost 7 years@ravery, there are NO connection between the password used for
sudo
(that is: your password) and the one used forsu
(root's password) .. Of course you can set them to the same value, but they are still separate passowrds and changing the one don't change the other. -
ravery almost 7 years@soren, that is what i said.
-
Zaibis almost 7 yearsAn option I figured out my self you haven't mentioned, in case you run ubuntu with gui, executing sudo $TerminalApp will also start another instance of the terminal as root. ;)
-
Ravexina almost 7 years@Zaibis it's not a good think to do... you should use
gksu x-terminal-emulator
for example, why? -
marcelm almost 7 years@ravery "root password isn't disabled, root login is disabled" - No, root's password is disabled, but root login is enabled. Logging in straight as root on an Ubuntu system is perfectly possible with SSH public key authentication, for example. If root login were disabled, this would not be possible.
-
Kaia Leahy almost 7 yearsPlease note that
sudo -i
is preferred oversudo su -
andsu -
as it handles the environment more correctly. -
Baard Kopperud almost 7 yearsLike to also point out that root isn't asked for a password, so if you first become root, you can use
su
to become any other user without giving this user's password.