Sudo vs. SU

The “su” command is what a Linux user with proper permissions uses to ascend to the root administrator account. A secure SSH server will not allow direct root login, so the user must gain root after initial login. The “sudo” command is an alternative to using a separate root user with its own password. Instead, the user prepends “sudo” before a command that needs root privileges. Certain distributions, such as Ubuntu use “sudo” by default, while others, such as CentOS, prefer “su”.

There are benefits and drawbacks to each. With “su”, root is a true separate user, and some administrators find it more useful to be able to log in as root and run several commands. With “sudo” only commands with those words in front of it will be administrative preventing the user from accidentally running a dangerous command as root.

There are security benefits to each, and the argument over which is better can get heated. Suffice it is to say that it ultimately depends on the preference of the system administrator. Does he/she want to deal with one password or two? Technically, an administrator can decide to use both on the same server and use the one that is most beneficial at the time. It can also be useful if you have multiple users who need various permissions.

Photo Source: Flickr