How to create superuser in CentOS 7

I am very new to Linux OS (i've started with CentOS 7), so i was wondering if it's possible to create some sort of super user who will have same privileges as root. By that i mean ability to write + read + execute folders and files who are owned by root user.
Why do i need this? I have VPS with full access. In order to increase security of my web server i have created new user and disabled root login and now i'm logging into my server with RSA public/private key through Putty and WinSCP.
This is my sshd.conf:

Port my_port_number
Protocol 2

HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

AuthorizedKeysFile  .ssh/authorized_keys
PasswordAuthentication no
RSAAuthentication no
PubkeyAuthentication yes
ChallengeResponseAuthentication no
PermitEmptyPasswords no

SyslogFacility AUTHPRIV

LoginGraceTime 15m
PermitRootLogin no
StrictModes yes
MaxAuthTries 2

GSSAPIAuthentication yes
GSSAPICleanupCredentials no

UsePAM no

IgnoreRhosts yes

X11Forwarding no
ClientAliveInterval 120
ClientAliveCountMax 720

AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS

Subsystem   sftp    /usr/libexec/openssh/sftp-server
AllowUsers user_that_i_have_created

Also, i have added this line to /etc/sudoers

## Allow root to run any commands anywhere 
root    ALL=(ALL)   ALL
user_that_i_have_created ALL=(ALL) ALL

I've done this also:

usermod -aG wheel user_that_i_have_created

What is the problem now? As a new user that i've created, i'm unable to access files and folders who are allowed to read and modify only by root. As i often need to modify some root owned configuration files (apache's httpd.conf for example) i need to have access to these files through WinSCP because i got used to edit them through its' notepad. Editing these files via Putty (logged as root) would be waste of time.

I've imagined in my head that i will be able to create new user, same as root (regarding privileges and permissions) but only with a different name. Is that even possible in Linux?

Best Answer

Editing these files via Putty (logged as root) would be waste of time.

If the above is really your sweet spot with regards to security versus workload, then happily set PermitRootLogin without-password and login directly via WinSCP as root to edit anything you wish.

All the "don't login as root" idea is for people that can afford some of their time to use sudo. If you only allow root login with a passphrase-protected private key, the vulnerability surface is approximately the same (one private key needed + one password needed).

However I find highly debatable the assertion that the Putty approach is slower than WinSCP. It's faster for me - I don't know, maybe I don't know how to use WinSCP efficiently. Or maybe you need a refresher on your bash skills.

Best Answer

Related Solutions

Ssh – SFTP Access Restricted with new Sudo Root User

Ssh – Allowing root login on sftp while disallowing it over ssh

Related Topic