diff --git a/hub/setup-hub.sh b/hub/setup-hub.sh
index 1ee9e8c..37f01ed 100755
--- a/hub/setup-hub.sh
+++ b/hub/setup-hub.sh
@@ -118,21 +118,6 @@ else
     groupadd -g 1000 "$HUB_USER" 2>/dev/null || true
     useradd -m -u 1000 -g 1000 -s /bin/bash "$HUB_USER"
 
-    ADDED_TO_GROUP=false
-    if getent group sudo >/dev/null 2>&1; then
-        if usermod -aG sudo "$HUB_USER" 2>/dev/null; then
-            ADDED_TO_GROUP=true
-        fi
-    fi
-    if [ "$ADDED_TO_GROUP" = false ] && getent group wheel >/dev/null 2>&1; then
-        if usermod -aG wheel "$HUB_USER" 2>/dev/null; then
-            ADDED_TO_GROUP=true
-        fi
-    fi
-    if [ "$ADDED_TO_GROUP" = false ]; then
-        warn "Neither sudo nor wheel group found — $HUB_USER user has no sudo access."
-    fi
-
     info "$HUB_USER user created."
     echo ""
     warn "Set a password for the $HUB_USER user:"
@@ -142,7 +127,7 @@ fi
 ARMBIAN_HOME="/home/$HUB_USER"
 SSH_DIR="$ARMBIAN_HOME/.ssh"
 mkdir -p "$SSH_DIR"
-touch "$SSH_DIR/authorized_keys"
+[ -f "$SSH_DIR/authorized_keys" ] || touch "$SSH_DIR/authorized_keys"
 chown -R "$HUB_USER":"$HUB_USER" "$SSH_DIR"
 chmod 700 "$SSH_DIR"
 chmod 600 "$SSH_DIR/authorized_keys"
@@ -183,12 +168,12 @@ if [[ "${DISABLE_PASS,,}" == "y" ]]; then
         warn "No keys found in $SSH_DIR/authorized_keys — skipping password auth disable to avoid lockout."
     else
         if grep -q "^PasswordAuthentication" "$SSHD_CONF"; then
-            sed -i "s/^PasswordAuthentication.*/PasswordAuthentication no/" "$SSHD_CONF"
+            sed -i "s|^PasswordAuthentication.*|PasswordAuthentication no|" "$SSHD_CONF"
         else
             echo "PasswordAuthentication no" >> "$SSHD_CONF"
         fi
         if grep -q "^PubkeyAuthentication" "$SSHD_CONF"; then
-            sed -i "s/^PubkeyAuthentication.*/PubkeyAuthentication yes/" "$SSHD_CONF"
+            sed -i "s|^PubkeyAuthentication.*|PubkeyAuthentication yes|" "$SSHD_CONF"
         else
             echo "PubkeyAuthentication yes" >> "$SSHD_CONF"
         fi