I'm currently locking down some VCSA 6.0 instances (DoD STIG), and I need to disable SSH access for root. I can do that no problem in the sshd_config file, but I want to have another user that I can SSH as. I've created a user, we'll call sshuser, and put it in the sudoers file with the same permissions as root. I can SSH on as that account, but when I try to issue "su", it spits out the normal screen you get when you SSH as root (where you have to enable the shell and start it). I try to issue the "shell" command to start the BASH shell, but it says that the user "sshuser" does not have permissions to enter this command.
What do I need to do in order to give this sshuser every permission that root has? I want to make sure I have a fully functional root level account before disabling root logon.