sudo vs su: When to Use Each Linux Privilege Command

The primary distinction between sudo and su is the password they require: sudo asks for the current user's password, while su asks for the target (often root) password.

Default behavior : sudo runs a single command with elevated privileges and then returns to the original user, whereas su starts a new shell with the target user's privileges until you explicitly exit.

Purpose of su : It switches the identity to another user. By default it changes only the UID, leaving environment variables unchanged; using the - option (e.g., su - root) also loads the target user's environment.

Examples : su root – prompts for the root password, switches to root but keeps the current working directory. su - root – prompts for the root password, switches to root and changes the working directory to /root.

Typical sudo usage : It is followed by a command, e.g., sudo apt update. Variants such as sudo -i, sudo -, or sudo root all start an interactive root shell; they require the current user's password and the user must be listed in /etc/sudoers.

Behavior of sudo : It temporarily grants super‑user privileges (usually root). The password prompt uses the invoking user's password, not the root password. On many distributions (e.g., Ubuntu) the elevated session expires after a default timeout (15 minutes).

Behavior of su : It switches to the specified user (default is root) and asks for that user's password. There is no timeout; the session remains active until you exit.

Using sudo -i : This starts an interactive root shell without requiring repeated password entry (after the initial authentication). The prompt changes from $ to #. To return to the normal user, run exit or logout. The invoking user must be in sudoers.

Combining commands : sudo su – runs su with elevated privileges, effectively switching to another user after sudo authentication.

Visual illustrations of the commands and their outputs are shown below: