diff --git a/nethermind/Dockerfile.binary b/nethermind/Dockerfile.binary
index 6bc6b979..f8224a59 100644
--- a/nethermind/Dockerfile.binary
+++ b/nethermind/Dockerfile.binary
@@ -12,6 +12,13 @@ ARG UID=10001
 # GID 10002 is deliberate so it can exchange secret with CL
 ARG GID=10002
 
+RUN set -eux; \
+	apt-get update; \
+	DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get install -y ca-certificates gosu tzdata wget git adduser; \
+	rm -rf /var/lib/apt/lists/*; \
+# verify that the binary works
+        gosu nobody true
+
 RUN addgroup \
     --gid "${GID}" \
     "${USER}"
@@ -27,13 +34,6 @@ RUN adduser \
     --ingroup "${USER}" \
     "${USER}"
 
-RUN set -eux; \
-	apt-get update; \
-	DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get install -y ca-certificates gosu tzdata wget git; \
-	rm -rf /var/lib/apt/lists/*; \
-# verify that the binary works
-        gosu nobody true
-
 # This only goes so far. keystore, logs and nethermind_db are volumes and need to be chown'd in the entrypoint
 RUN chown -R ${USER}:${USER} /nethermind
 RUN mkdir -p /var/lib/nethermind/ee-secret && chown -R ${USER}:${USER} /var/lib/nethermind \