File System
Directory | Description |
/ (root filesystem) | The root filesystem is the top-level directory of the filesystem and contains all of the files necessary to boot the Linux system. After the system is booted, other filesystems are mounted as sub-directories of the root filesystem. |
/bin | The /bin directory contains user executable files. |
/boot | Contains the static boot-loader and kernel executable and configuration files required to boot a Linux computer. |
/dev | This directory contains the device
files for every hardware device attached to the system. These are not
device drivers, rather they are files that represent each device on the
computer and facilitate access to those devices. |
/etc | Contains the local system configuration files for the host computer. |
/home | Home directory storage for user files. Each user has a subdirectory in /home. |
/lib | Contains shared library files that are required to boot the system. |
/media | A place to mount external removable media devices such as USB thumb drives that may be connected to the host. |
/mnt | A temporary mountpoint for regular
filesystems (as in not removable media) that can be used while the
administrator is repairing or working on a filesystem. |
/opt | Optional files such as vendor supplied application programs should be located here. |
/root | This is not the root (/) filesystem. It is the home directory for the root user. |
/sbin | System binary files. These are executables used for system administration. |
/tmp | Temporary directory. Used by the operating system and
many programs to store temporary files. Users may also store files here
temporarily. Note that files stored here may be deleted at any time
without prior notice. |
/usr | These are shareable, read-only files, including executable binaries and libraries, man files, and other types of documentation. |
/var | Variable data files are stored here. This can include
things like log files, MySQL, and other database files, web server data
files, email inboxes, and much more. |
/mnt | It is used as local mounting point |
Process
ps command
List all running processes:
ps aux
List all running processes including the full command string:
ps auxww
Search for a process that matches a string:
ps aux | grep {{string}}
List all processes of the current user in extra full format:
ps --user $(id -u) -F
List all processes of the current user as a tree:
ps --user $(id -u) f
Get the parent PID of a process:
ps -o ppid= -p {{pid}}
Sort processes by memory consumption:
ps --sort size
ps aux output/proc folder contains information about processes and other system informationFor more info visit: https://manned.org/ps.
pstree command
Display a tree of processes:
pstree
Display a tree of processes with PIDs:
pstree -p
Display all process trees rooted at processes owned by specified user:
pstree {{user}}
-g adds psid-s adds parent of procces-a adds argument of processFor more info visit: https://manned.org/pstree.
Network
ifconfig command
View network settings of an Ethernet adapter:
ifconfig eth0
Display details of all interfaces, including disabled interfaces:
ifconfig -a
Disable eth0 interface:
ifconfig eth0 down
Enable eth0 interface:
ifconfig eth0 up
Assign IP address to eth0 interface:
ifconfig eth0 {{ip_address}}
For more info visit: https://net-tools.sourceforge.io/man/ifconfig.8.html.
nmcli command
Run an nmcli subcommand:
nmcli {{agent|connection|device|general|help|monitor|networking|radio}} {{command_options}}
Display the current version of NetworkManager:
nmcli --version
Display help:
nmcli --help
Display help for a subcommand:
nmcli {{subcommand}} --help
For more info visit: https://networkmanager.dev/docs/api/latest/nmcli.html.
ip command
Show / manipulate routing, devices, policy routing and tunnels.
List interfaces with detailed info:
ip address
List interfaces with brief network layer info:
ip -brief address
List interfaces with brief link layer info:
ip -brief link
Display the routing table:
ip route
Show neighbors (ARP table):
ip neighbour
Make an interface up/down:
ip link set {{interface}} up/down
Add/Delete an IP address to an interface:
ip addr add/del {{ip}}/{{mask}} dev {{interface}}
Add a default route:
ip route add default via {{ip}} dev {{interface}}
For more info visit: https://www.man7.org/linux/man-pages/man8/ip.8.html.
netstat command
Displays network-related information such as open connections, open socket ports, etc.
List all ports:
netstat --all
List all listening ports:
netstat --listening
List listening TCP ports:
netstat --tcp
Display PID and program names:
netstat --program
List information continuously:
netstat --continuous
List routes and do not resolve IP addresses to hostnames:
netstat --route --numeric
List listening TCP and UDP ports (+ user and process if you're root):
netstat --listening --program --numeric --tcp --udp --extend
For more info visit: https://man7.org/linux/man-pages/man8/netstat.8.html.
ss command
Utility to investigate sockets.
Show all TCP/UDP/RAW/UNIX sockets:
ss -a {{-t|-u|-w|-x}}
Filter TCP sockets by states, only/exclude:
ss {{state/exclude}} {{bucket/big/connected/synchronized/...}}
Show all TCP sockets connected to the local HTTPS port (443):
ss -t src :{{443}}
Show all TCP sockets listening on the local 8080 port:
ss -lt src :{{8080}}
Show all TCP sockets along with processes connected to a remote ssh port:
ss -pt dst :{{ssh}}
Show all UDP sockets connected on specific source and destination ports:
ss -u 'sport == :{{source_port}} and dport == :{{destination_port}}'
Show all TCP IPv4 sockets locally connected on the subnet 192.168.0.0/16:
ss -4t src {{192.168/16}}
For more info visit: https://manned.org/ss.8.
traceroute command
Print the route packets trace to network host.
Traceroute to a host:
traceroute {{host}}
Disable IP address and host name mapping:
traceroute -n {{host}}
Specify wait time for response:
traceroute -w {{0.5}} {{host}}
Specify number of queries per hop:
traceroute -q {{5}} {{host}}
Specify size in bytes of probing packet:
traceroute {{host}} {{42}}
For more info visit: https://manned.org/traceroute.
nc command
Netcat is a versatile utility for working with TCP or UDP data.
Listen on a specified port and print any data received:
nc -l {{port}}
Connect to a certain port:
nc {{ip_address}} {{port}}
Set a timeout:
nc -w {{timeout_in_seconds}} {{ipaddress}} {{port}}
Keep the server up after the client detaches:
nc -k -l {{port}}
Keep the client up even after EOF:
nc -q {{timeout}} {{ip_address}}
Scan the open ports of a specified host:
nc -v -z {{ip_address}} {{port}}
Act as proxy and forward data from a local TCP port to the given remote host:
nc -l {{local_port}} | nc {{hostname}} {{remote_port}}
For more info visit: https://nmap.org/ncat.
dig command
DNS lookup utility.
Lookup the IP(s) associated with a hostname (A records):
dig +short {{example.com}}
Get a detailed answer for a given domain (A records):
dig +noall +answer {{example.com}}
Query a specific DNS record type associated with a given domain name:
dig +short {{example.com}} {{A|MX|TXT|CNAME|NS}}
Get all types of records for a given domain name:
dig {{example.com}} ANY
Specify an alternate DNS server to query:
dig @{{8.8.8.8}} {{example.com}}
Perform a reverse DNS lookup on an IP address (PTR record):
dig -x {{8.8.8.8}}
Find authoritative name servers for the zone and display SOA records:
dig +nssearch {{example.com}}
Perform iterative queries and display the entire trace path to resolve a domain name:
dig +trace {{example.com}}
For more info visit: https://manned.org/dig.
Permission
chown command
Permission management tool
Change the owner user of a file/directory:
chown {{user}} {{path/to/file_or_directory}}
Change the owner user and group of a file/directory:
chown {{user}}:{{group}} {{path/to/file_or_directory}}
Recursively change the owner of a directory and its contents:
chown -R {{user}} {{path/to/directory}}
Change the owner of a symbolic link:
chown -h {{user}} {{path/to/symlink}}
Change the owner of a file/directory to match a reference file:
chown --reference={{path/to/reference_file}} {{path/to/file_or_directory}}
For more info visit: https://www.gnu.org/software/coreutils/chown.
chmod command
Give the [u]ser who owns a file the right to e[x]ecute it:
chmod u+x {{path/to/file}}
Give the [u]ser rights to [r]ead and [w]rite to a file/directory:
chmod u+rw {{path/to/file_or_directory}}
Remove e[x]ecutable rights from the [g]roup:
chmod g-x {{path/to/file}}
Give [a]ll users rights to [r]ead and e[x]ecute:
chmod a+rx {{path/to/file}}
Give [o]thers (not in the file owner's group) the same rights as the [g]roup:
chmod o=g {{path/to/file}}
Remove all rights from [o]thers:
chmod o= {{path/to/file}}
Change permissions recursively giving [g]roup and [o]thers the ability to [w]rite:
chmod -R g+w,o+w {{path/to/directory}}
Recursively give [a]ll users [r]ead permissions to files and e[X]ecute permissions to sub-directories within a directory:
chmod -R a+rX {{path/to/directory}}
For more info visit: https://www.gnu.org/software/coreutils/chmod.
SSH
ssh-keygen
Generate ssh keys used for authentication, password-less logins, and other things.
Generate a key interactively:
ssh-keygen
Specify file in which to save the key:
ssh-keygen -f {{~/.ssh/filename}}
Generate an ed25519 key with 100 key derivation function rounds:
ssh-keygen -t {{ed25519}} -a {{100}}
Generate an RSA 4096-bit key with email as a comment:
ssh-keygen -t {{dsa|ecdsa|ed25519|rsa}} -b {{4096}} -C "{{comment|email}}"
Remove the keys of a host from the known_hosts file (useful when a known host has a new key):
ssh-keygen -R {{remote_host}}
Retrieve the fingerprint of a key in MD5 Hex:
ssh-keygen -l -E {{md5}} -f {{~/.ssh/filename}}
Change the password of a key:
ssh-keygen -p -f {{~/.ssh/filename}}
Change the type of the key format (for example from OPENSSH format to PEM), the file will be rewritten in-place:
ssh-keygen -p -N "" -m {{PEM}} -f {{~/.ssh/OpenSSH_private_key}}
More information: https://man.openbsd.org/ssh-keygen.
ssh
Secure Shell is a protocol used to securely log onto remote systems.
Connect to a remote server:
ssh {{username}}@{{remote_host}}
Connect to a remote server with a specific identity (private key):
ssh -i {{path/to/key_file}} {{username}}@{{remote_host}}
Connect to a remote server using a specific port:
ssh {{username}}@{{remote_host}} -p {{2222}}
Run a command on a remote server with a [t]ty allocation allowing interaction with the remote command:
ssh {{username}}@{{remote_host}} -t {{command}} {{command_arguments}}
SSH tunneling: Dynamic port forwarding (SOCKS proxy on localhost:1080):
ssh -D {{1080}} {{username}}@{{remote_host}}
SSH tunneling: Forward a specific port (localhost:9999 to example.org:80) along with disabling pseudo-[T]ty allocation and executio[N] of remote commands:
ssh -L {{9999}}:{{example.org}}:{{80}} -N -T {{username}}@{{remote_host}}
SSH jumping: Connect through a jumphost to a remote server (Multiple jump hops may be specified separated by comma characters):
ssh -J {{username}}@{{jump_host}} {{username}}@{{remote_host}}
Agent forwarding: Forward the authentication information to the remote machine (see man ssh_config for available options):
ssh -A {{username}}@{{remote_host}}
More information: https://man.openbsd.org/ssh.
ssh-copy-id command
Install your public key in a remote machine's authorized_keys.
Copy your keys to the remote machine:
ssh-copy-id {{username@remote_host}}
Copy the given public key to the remote:
ssh-copy-id -i {{path/to/certificate}} {{username}}@{{remote_host}}
Copy the given public key to the remote with specific port:
ssh-copy-id -i {{path/to/certificate}} -p {{port}} {{username}}@{{remote_host}}
More information: https://manned.org/ssh-copy-id.
journalctl command
Query the systemd journal.
Show all messages with priority level 3 (errors) from this [b]oot:
journalctl -b --priority={{3}}
Show all messages from last [b]oot:
journalctl -b -1
Delete journal logs which are older than 2 days:
journalctl --vacuum-time={{2d}}
[f]ollow new messages (like
tail -f
for traditional syslog):
journalctl -f
Show all messages by a specific [u]nit:
journalctl -u {{unit}}
Filter messages within a time range (either timestamp or placeholders like "yesterday"):
journalctl --since {{now|today|yesterday|tomorrow}} --until {{YYYY-MM-DD HH:MM:SS}}
Show all messages by a specific process:
journalctl _PID={{pid}}
Show all messages by a specific executable:
journalctl {{path/to/executable}}
More Information: https://manned.org/journalctl.