The Ubuntu Root Account is disabled by default to improve system security and reduce the risk of accidental administrative changes. Instead of logging in directly as root, Ubuntu encourages users to perform privileged tasks using sudo. However, there are situations where enabling or disabling the root account becomes necessary for system administration or troubleshooting.
In this guide, you’ll learn how the Ubuntu root system works, how to enable or disable the root user, and which method is safer for everyday Linux administration.
Ubuntu follows a security-first approach. Direct root logins can expose a system to brute-force attacks or accidental configuration mistakes. By disabling the root account initially, Ubuntu ensures administrative tasks are logged and controlled through sudo.
The first user created during installation automatically receives sudo privileges. This allows administrative commands to run securely without requiring a permanent root login.
For example:
sudo apt update
This command temporarily elevates permissions while still keeping your regular user environment active.
In most cases, you do not need to permanently enable the Root Account. Ubuntu provides safer alternatives for temporary administrative access.
To open a full root shell:
sudo -i
You can also switch to a root environment using:
sudo su
Or keep your current environment variables while gaining root privileges:
sudo -s
These methods are recommended because they avoid exposing a persistent root password on the system.
If you still need direct root access, you can activate the root account by assigning a password.
Run the following command:
sudo passwd root
You will be asked to create and confirm a new password for the root user.
Once completed, the root account becomes active. You can then log in as root using:
su -
After entering the newly created password, Ubuntu will open a full root login shell.
Although enabling root access can be useful for recovery tasks or advanced server administration, it should only be used when absolutely necessary.
If you previously enabled the root user, disabling it is simple and strongly recommended after completing administrative work.
Use this command:
sudo passwd -l root
This locks the root password and prevents direct root logins.
Disabling the Ubuntu Root Account helps reduce security exposure, especially on internet-facing servers or shared systems.
One common issue appears when using:
su -
If Ubuntu returns an authentication failure, it usually means the root account still has no password assigned.
Another issue occurs after locking the account. In that case, you can unlock it using:
sudo passwd -u root
SSH root login is also disabled by default in Ubuntu. Even after enabling the root account locally, remote root SSH access remains blocked unless manually configured.
Managing the Ubuntu Root Account properly is important for Linux security and system stability. While Ubuntu allows you to enable direct root access, the safer approach is usually temporary privilege escalation through sudo.
If you must enable the root user, use a strong password and disable the account again once your work is complete. For most administrators, sudo -i provides all the power needed without increasing unnecessary security risks.
Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…
Introduction A self-signed SSL certificate is a certificate that is created and signed by the…
Introduction Debugging is an important part of Bash scripting. When a script does not work…
Introduction Cron jobs are used in Linux to run commands or Bash scripts automatically at…
Introduction Pipes are an important feature in Linux and Bash scripting. A pipe allows you…
Introduction The grep, awk, and sed commands are powerful text-processing tools in Linux. They are…