How to create a non-root user on Hostinger
Quick Answer
Log in as root via Hostinger hPanel Terminal or SSH, create a new user with adduser username, add to sudo group using usermod -aG sudo username, test with su - username and sudo whoami. This enhances security by avoiding daily root logins. Optionally set up SSH keys and disable root login.
Prerequisites
- Hostinger VPS with Ubuntu/Debian
- Root access via hPanel Terminal or SSH
- Basic terminal knowledge
- VPS IP address and root password
Step-by-Step Instructions
1
Access VPS Terminal as root
Sign in to your Hostinger hPanel, navigate to VPS section, select your VPS, and click Terminal in the top menu to open the web-based SSH terminal which logs you in as root by default. Alternatively, use SSH from your local terminal:
ssh root@<VPS_IP>2
Verify root login
In the terminal, run
whoami to confirm output shows root. The prompt should end with # instead of $, indicating root privileges. If not root, ensure you're using the correct access method.
3
Create new non-root user
Run
adduser <username> (e.g., adduser myuser). Enter a strong password twice when prompted, fill optional GECOS fields like full name or press Enter to skip, then type Y and Enter to confirm. The user's home directory will be /home/<username> with shell /bin/bash. Choose a unique username to avoid 'user exists' errors.
4
Add user to sudo group
Execute
usermod -aG sudo <username> (e.g., usermod -aG sudo myuser). This grants the user administrative privileges via sudo commands without needing root login.5
Test the new user locally
Switch to the new user with
su - <username>, enter the user's password. Prompt changes to $. Run whoami to verify username, then sudo whoami (enter user password; should output root). Use this to simulate daily admin tasks securely.
6
Exit test and enable SSH for non-root
Run
exit to return to root. Test SSH login from local machine: ssh <username>@<VPS_IP> and enter user password. For better security, generate SSH keys locally with ssh-keygen and copy public key using ssh-copy-id root@<VPS_IP>. SSH keys prevent password brute-force attacks.
7
Update packages as non-root user
SSH as the new user, then run
sudo apt update && sudo apt upgrade -y8
Enhance security by disabling root login
As the new user or root, edit SSH config:
sudo nano /etc/ssh/sshd_config, set PermitRootLogin no, save and exit, then restart SSH: sudo systemctl restart ssh. Now only non-root SSH is allowed. Always test non-root SSH before disabling root.
Common Issues & Troubleshooting
useradd: user <username> already exists
Choose a different username and retry adduser <newusername>.
User is not in the sudoers file. This incident will be reported.
Run usermod -aG sudo <username> as root and log out/in to apply group changes.
Cannot SSH as non-root user
Ensure PasswordAuthentication yes in /etc/ssh/sshd_config, restart SSH, or set up SSH keys.
sudo prompts for root password instead of user password
Switch to user with su - <username> or log out/in; sudo uses user password by default.
Weak password rejected
Use a strong password with uppercase, lowercase, numbers, and symbols to meet Linux policy.
Prices mentioned in this guide are pulled from current plan data and may change. Always verify on the official Hostinger website before purchasing.