How to create superuser in CentOS 7


I am very new to Linux OS (i've started with CentOS 7), so i was wondering if it's possible to create some sort of super user who will have same privileges as root. By that i mean ability to write + read + execute folders and files who are owned by root user.
Why do i need this? I have VPS with full access. In order to increase security of my web server i have created new user and disabled root login and now i'm logging into my server with RSA public/private key through Putty and WinSCP.
This is my sshd.conf:

Port my_port_number
Protocol 2

HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

AuthorizedKeysFile  .ssh/authorized_keys
PasswordAuthentication no
RSAAuthentication no
PubkeyAuthentication yes
ChallengeResponseAuthentication no
PermitEmptyPasswords no

SyslogFacility AUTHPRIV

LoginGraceTime 15m
PermitRootLogin no
StrictModes yes
MaxAuthTries 2

GSSAPIAuthentication yes
GSSAPICleanupCredentials no

UsePAM no

IgnoreRhosts yes

X11Forwarding no
ClientAliveInterval 120
ClientAliveCountMax 720


Subsystem   sftp    /usr/libexec/openssh/sftp-server
AllowUsers user_that_i_have_created

Also, i have added this line to /etc/sudoers

## Allow root to run any commands anywhere 
root    ALL=(ALL)   ALL
user_that_i_have_created ALL=(ALL) ALL

I've done this also:

usermod -aG wheel user_that_i_have_created

What is the problem now? As a new user that i've created, i'm unable to access files and folders who are allowed to read and modify only by root. As i often need to modify some root owned configuration files (apache's httpd.conf for example) i need to have access to these files through WinSCP because i got used to edit them through its' notepad. Editing these files via Putty (logged as root) would be waste of time.

I've imagined in my head that i will be able to create new user, same as root (regarding privileges and permissions) but only with a different name. Is that even possible in Linux?

Best Answer

Editing these files via Putty (logged as root) would be waste of time.

If the above is really your sweet spot with regards to security versus workload, then happily set PermitRootLogin without-password and login directly via WinSCP as root to edit anything you wish.

All the "don't login as root" idea is for people that can afford some of their time to use sudo. If you only allow root login with a passphrase-protected private key, the vulnerability surface is approximately the same (one private key needed + one password needed).

However I find highly debatable the assertion that the Putty approach is slower than WinSCP. It's faster for me - I don't know, maybe I don't know how to use WinSCP efficiently. Or maybe you need a refresher on your bash skills.