su vs sudo: Understanding the Differences and Best Practices

Introduction

When working with a Linux or Unix-based system, it’s common to use terminal commands to carry out various tasks. Two of the most common commands are “su” and “sudo”. Both of these commands allow you to carry out tasks with elevated privileges, but they have some key differences that are important to understand. In this blog, we’ll explore the differences between “su” and “sudo” and offer some best practices for using them.

Prerequisites

Before we begin, you will need the following:

  • A Linux machine (Ubuntu 16.04 or higher recommended)
  • A non-root user account with sudo privileges
  • A basic understanding of the command line

What is “su”?

“su” stands for “switch user” and is used to change the user identity in a terminal session. By default, when you open a terminal session, you’re logged in as the current user. If you need to carry out tasks as a different user, you can use the “su” command to switch to that user’s identity. For example, if you’re logged in as a regular user and need to perform an administrative task, you can use “su” to switch to the root user’s identity and gain access to system-level resources.

The basic syntax for “su” is as follows:

su [username]

If you don’t specify a username, “su” will assume you want to switch to the root user’s identity. After running the “su” command, you’ll be prompted to enter the password for the target user.

What is “sudo”?

“sudo” stands for “superuser do” and is used to execute commands with elevated privileges. With “sudo”, you don’t need to switch to a different user’s identity to carry out administrative tasks. Instead, you can execute commands as the root user or another privileged user while still logged in as your regular user.

The basic syntax for “sudo” is as follows:

sudo [command]

When you run a command with “sudo”, you’ll be prompted to enter your own password (not the password for the root user or the target user). If you’re authorized to use “sudo”, the command will be executed with elevated privileges.

Differences between “su” and “sudo”

Now that we understand what “su” and “sudo” do, let’s explore the differences between them.

  1. Authentication

One of the biggest differences between “su” and “sudo” is how they handle authentication. With “su”, you’re prompted to enter the password for the target user. This means that you need to know the password for the target user in order to use “su”.

With “sudo”, you’re prompted to enter your own password. This means that you don’t need to know the root user’s password or the target user’s password to use “sudo” (assuming you’re authorized to use it).

  1. Logging

When you use “su” to switch to a different user’s identity, your terminal session will start a new shell with the target user’s environment. This means that any commands you execute after using “su” will be logged as if they were executed by the target user.

When you use “sudo” to execute a command with elevated privileges, the command will be logged as if it was executed by your own user. This can make it easier to keep track of who executed which commands.

  1. Access Control

Another key difference between “su” and “sudo” is how they handle access control. With “su”, you need to know the target user’s password in order to switch to their identity. This means that you can’t use “su” to carry out tasks that require elevated privileges unless you have access to the root user’s password or the target user’s password.

With “sudo”, access control is managed through a configuration file called “sudoers”. This file defines which users are authorized to use “sudo” and which commands they’re allowed to execute with elevated