Skip to main content

Understanding the Difference Between sudo and su in Linux: A Complete Beginner's Guide

sudo vs sulinux sudo commandlinux su commandlinux root permissionlinux user privilegelinux beginner tutoriallinux server securityvps linux managementlinux permission controllinux command line guideAbout 3 min

Understanding the Difference Between sudo and su in Linux: A Complete Beginner's Guide

In Linux system administration, sudo and su are two of the most frequently used commands for managing user privileges. While both are used to gain elevated (root-level) permissions, they work in very different ways. Many beginners — and even experienced users — confuse these two commands, which can lead to security risks or permission errors.

In this guide, we’ll break down what sudo and su really do, how they differ, when you should use each one, and best practices for safe usage.

What Is su in Linux?

su stands for substitute user or switch user. It allows you to switch from your current user account to another user account, most commonly the root user.

Basic Syntax

su

This command switches you to the root user. You will be prompted to enter the root password, not your own.

You can also switch to another user like this:

su username

What Happens After su?

  • You enter a new shell session

  • You fully become the target user (often root)

  • All commands run with full root privileges

  • You stay in that user’s environment until you exit

To leave the su session:

exit

What Is sudo in Linux?

sudo stands for superuser do. It allows a permitted user to run a single command with elevated privileges, without switching users.

Basic Syntax

sudo command

Example:

sudo apt update

This runs apt update with root privileges while keeping you logged in as your normal user.

Key Characteristics of sudo

  • Uses your own password, not root’s

  • Executes one command at a time

  • Actions are logged

  • Permissions are controlled by /etc/sudoers

Core Differences Between sudo and su

Featuresusudo
Requires root password✅ Yes❌ No
Uses current user password❌ No✅ Yes
Enters full root session✅ Yes❌ No
Runs single command only❌ No✅ Yes
Command logging❌ No✅ Yes
Fine-grained permission control❌ No✅ Yes
Safer for daily use❌ No✅ Yes

Security Implications

su Security Risks

  • Anyone with the root password has full unlimited control

  • No command-level logging

  • High risk on shared systems

  • If compromised, attacker gains permanent root session

sudo Security Benefits

  • Each user has individual permission rules

  • Every command is logged

  • Limited access (not full root by default)

  • Root account can remain disabled

When Should You Use su?

Use su only when:

  • You are working in a local controlled environment

  • You need a full root environment for extended maintenance

  • You fully trust everyone who has the root password

  • You are performing system recovery tasks

Example:

su -

(The - loads the full root environment)

When Should You Use sudo?

Use sudo when:

  • You are working on cloud servers and VPS systems

  • Multiple users share the server

  • You want audit logs

  • You want to follow Linux security best practices

Common examples:

sudo systemctl restart nginx
sudo ufw allow 443
sudo mount /dev/sdb1 /mnt/data

How to Add a User to the sudo Group

On most Ubuntu/Debian-based systems:

sudo usermod -aG sudo username

On CentOS/RHEL:

sudo usermod -aG wheel username

After that, the user can use sudo.

Can You Use sudo to Become Root?

Yes, using:

sudo -i

or

sudo su

This gives you a root shell, but the access is still tracked via sudo logs, which is safer than su.

Best Practices for Using sudo and su

✅ Disable direct root login on servers

✅ Use sudo for daily administration

✅ Give users minimum required permissions

✅ Never share the root password

✅ Regularly audit /var/log/auth.log

sudo vs su in VPS & Cloud Environments

On most VPS platforms and cloud servers:

  • Root login is often disabled by default

  • Users are granted sudo access instead

  • This allows providers to:

  • security

  • Track admin activity

  • Reduce abuse risk

If you're managing multiple servers (such as overseas VPS deployments), this setup is now the industry standard.

FAQ

  1. Why does Linux prefer sudo instead of su now?

Because sudo provides better security, command tracking, and user-level control without exposing the root password.

  1. Is it dangerous to always use su?

Yes. su gives unlimited root access and leaves no trace of what commands were executed by which user.

  1. What happens if I forget the root password but have sudo?

You can reset the root password using:

sudo passwd root
  1. Can I disable the root user completely?

Yes. On Ubuntu:

sudo passwd -l root
  1. Why does my VPS not allow su but allows sudo?

Because the provider disabled direct root login for security reasons and forces privilege escalation through sudo.

Final Thoughts

If you're managing Linux servers in modern environments — especially VPS and cloud infrastructure — sudo is always the recommended and safer choice for system administration. su still has its place, but it should be used carefully and only when absolutely necessary.

Understanding the difference not only improves your workflow, but also protects your servers from costly security mistakes.

Find Cheap and Best servers.