The only thing the user can do is to
"su" to login into root and then
administer the sytem.
This is done to increase security.
Every little bit helps right?
wrong.
if you want root to be able to login, you should just allow root to be able to login.
logging in as a user and then doing su to become root is a very complex and less secure way of doing that:
- in general anything may fail, so more steps you ask the user to make, more chances are that one step goes wrong (with "wrong" I mean you did not do something right and someone hacks your server)
- you would be forcing to enter root password, while it could be considered much more secure to use ssh keys to login without having to enter any password. Or to use ssh keys AND having to enter their pass-phrase, for added security
if you don't really know what you want, you'd better keep it simple and use standard programs written by people who do know what they are doing. It's clear you are not a security expert, hence consider that anything you may came up with has already been done by someone that is an expert, or has been discarded as worthless, or never occurred to them since it just does not make sense.
you probably want to know how to use ssh-keygen and how to configure sshd_config.