If you’ve just spun up a fresh Debian 8 server and you’re staring at the control panel thinking “OK… now what?”, you’re in the right place.
This guide walks you through the very first pieces: logging in as root over SSH, and creating a safer everyday user so you’re not living dangerously as root all the time.
I’ll keep it simple, step-by-step, so you can get this done and move on to real work.
Who this guide is for (and the problem)
This is for you if:
- You just created a Debian 8 server (on a VPS, dedicated box, or similar).
- You have an IP address and a root password (or key), but you’re not sure how to start.
- You’ve heard “don’t use root all the time” but don’t yet have another user to log in with.
The main problems we’re solving:
- How to log in as
rootover SSH the first time. - How to create a new user account you’ll use from now on.
That’s it. No extra magic, no weird tools. Just the basics done correctly.
Step 1 – Log in to your Debian 8 server as root
First, you need two things from your provider or control panel:
- The server’s public IP address.
- The root account’s authentication: usually a password, sometimes a private key.
Once you have those, open a terminal (on Linux/macOS) or something like PuTTY/Windows Terminal on Windows.
Run this command, swapping in your server’s IP:
ssh root@SERVER_IP_ADDRESS
When you run this the first time, a couple things will happen:
- Host authenticity warning – SSH will tell you it has never seen this host before and show a fingerprint.
-
Type
yesand press Enter to accept it, so your machine remembers the server. - Authentication – You’ll be prompted for:
- The root password, or
- Your private key passphrase, if you’re using keys instead of passwords.
If this is your first login with a password, Debian will usually force you to change the root password right away.
Just follow the prompts:
- Type the current password.
- Enter a new strong password.
- Confirm the new password.
Once that’s done and you see a shell prompt that looks something like root@hostname:~#, you’re in.
Step 2 – Understand what root can (and shouldn’t) do
Now that you’re in as root, it’s important to understand what that means.
rootis the administrative user on a Linux system.rootcan do almost anything: install/remove software, edit any file, change any permission.
That power is both useful and dangerous:
- A single wrong command as
rootcan destroy important data. - A simple typo can break the OS or services.
That’s why using root for everyday work is discouraged.
Instead, the safer habit is:
- Use a normal user account for daily work.
- Only use elevated privileges when you actually need them.
So our next move is to create that normal user.
Step 3 – Create a new non-root user
Still logged in as root, you’re going to add a new user account.
In the official example, the username is demo, but you can pick anything you like.
From the root shell, run:
adduser demo
Replace demo with your preferred username.
The system will then ask you a few questions.
3.1 Set the account password
The first prompt will be for the user’s password:
- Choose a strong password.
- You’ll be asked to type it twice to confirm.
This password is what you’ll use when logging in as this new user.
3.2 Optional user information
After the password, Debian will ask for some extra details:
- Full Name
- Room Number
- Work Phone
- Home Phone
- Other
These are optional.
If you don’t care about them (for most servers, you don’t), just press Enter for each field to skip.
At the end, you’ll see a summary of what you entered and a confirmation question:
- Type
Yor press Enter if it offers[Y/n]and you’re fine with the info.
That’s it — you’ve created a new user.
Step 4 – Why this new user matters
Now you have two important accounts on the server:
root– the all-powerful administrator.demo(or whatever name you chose) – a regular user.
You’ll use this new user for:
- Daily login.
- Basic file operations.
- Running commands that don’t require full system access.
Using a regular user reduces the chance of:
- Accidentally deleting system files.
- Breaking permissions by running everything as
root.
And if someone ever gets that user’s password, they still don’t immediately have the same power as root.
Step 5 – Safety notes before you go further
Even in this early setup stage, a few safe habits will save you pain later.
- Keep the root password safe
- Don’t reuse it from other systems.
- Don’t store it in plain text where others can see it.
- Use the new user by default
- Whenever you open a new SSH session later, log in as your new user, not
root. -
Only log in as
rootwhen you really need that level of access. - Change credentials if shared
- If your provider emailed a default root password, treat it as temporary.
- You already changed it once on first login — don’t share the new one around.
These are simple, but they help keep your Debian box from turning into a “whoops, I deleted everything” story.
What’s next after this basic setup
From the source steps we covered, you’ve now:
- Logged in to your server as
rootover SSH using:
ssh root@SERVER_IP_ADDRESS
- Understood why using
rootall the time is risky. - Created a new regular user with:
adduser demo
and set its password and (optionally) user information.
From here, you’d normally continue by:
- Using that new account for your regular logins.
- Only switching to elevated access when absolutely needed.
But even just doing these basics already puts you ahead of the “I just stay as root forever” crowd.
Need more help? Check the latest CrushEdge posts.
No Comments