su commands belong to the group of commands every Linux user comes across. Because they are similar in syntax and have overlapping functions, many new users are unsure when to use one over the other.
In this tutorial, learn all about the difference between
sudo vs su
sudo elevate privileges assigned to the current user.
The main difference between the two is that
su requires the password of the target account, while
sudo requires the password of the current user. Therefore, it is much safer to use
sudo since it doesn’t include exchanging sensitive information.
Additionally, it is advisable to stick to
sudo when performing tasks that require root privileges. By doing so, the current user is only granted privileged for the specified command. On the other hand,
su switches to the root user completely, exposing the entire system to potential accidental modification.
How to Use the su Command
su command stands for substitute user, and it is mostly used for switching from one user to another. It does this by starting a login shell in the current directory and environment (
su) or by completely changing to the setting of the target user (
su -) .
The main syntax is:
su - [user_name]
If the command is used without the argument, it switches to the superuser (root) account.
How Does the su Command Work?
To invoke another user’s shell within the working directory/user environment, use the
su command (without the hyphen).
For instance, to operate as a user named phoenixnap, run:
Then, provide the password for the phoenixnap account and hit Enter.
The shell should change, displaying you now have operator access to the specified account. However, the user environment remains the same, as in the image below:
How Does the su – [hyphen] Command Work?
To move to another user and switch to that target user environment, use the
su - command.
Therefore, to switch to the phoenixnap user and move to its login shell, type the command:
su - phoenixnap
Type in the password for the phoenixnap account and hit Enter to confirm. The output should appear similar as in the following image:
Note: Additional attributes that allow moving to another user and its login interface include:
su - l (or
For more details about the
su command, see our article on How to Use the
su Command With Examples.
How to Use the sudo Command
sudo is used as a prefix to Linux commands, which allows the logged in user to execute commands that require root privileges. Unlike
sudo command in Linux requires providing the password for the user running the command.
All administrative and executable tasks require maximum permission (held by root). In such cases, it is recommended to use
The main syntax is:
Before the system executes the command, it asks for the password of the current user.
Bear in mind that the
sudo option can only be used by users who belong to the sudoers group.
Adding a User to the Sudoers Group
For a user to execute a command that requires the
sudo prefix, it has to be part of the sudoers group.
To add a user to the sudoers group, run the following command (as root or an account that already has sudo privileges):
usermod -aG sudo [user_name]
For instance, to add the account phoenixnap, you would type:
sudo usermod -aG sudo phoenixnap
To see a list of accounts that belong to the sudoers group run:
sudo getent group sudo
The output should display the account added in the previous step:
Note: For an in-depth guide, refer to How to Add User to Sudoers Group on Ubuntu or How to Add User to Sudoers Group on CentOS.
How sudo and su Work on Different Linux Distributions
su is an older but more fully-featured command included in all Linux distributions. It is the traditional way to switch to the root account.
Linux discourages working as root as it may cause unwanted system-wide changes and suggests using
sudo instead. For this reason, all Ubuntu-based releases are sudo-only, meaning the root account is not active by default.
While installing an Ubuntu OS, you create a user automatically labeled as part of the sudoers group. However, there is no root account setup. To enable the root user, you need to activate it manually.
On the other hand, other Linux distributions, such as Fedora, create a root and user account upon installation.
Enabling the Root Account
If you are using an Ubuntu-based distribution and try to switch to the root user, the output informs you there is an Authentication failure.
To activate the root user, run the passwd command:
sudo passwd root
Next, the output asks to set the password for the root user. Type and retype a secure password, then hit Enter. The system should notify you the password has been updated successfully.
Verify the root user is active by switching to it its login shell with
Note: It’s recommended to change passwords regularly. This guide can help you change or reset your Linux root password in Ubuntu or CentOS.
sudo is mainly linked to executing commands with root privileges, it can also be used to change the root user. Switch to the root user and acquire the root environment with:
Type in the password for the user currently in use. You should now be in the root shell.
su can also function as
sudo and run a single command as the root:
su -c [command]
After reading this article, you should understand the difference between the
su command. Remember to use
sudo whenever you can to prevent potential security and system-wide issues.