PentOpsVaultLinux
Basics of Linux
CheatSheet
Linux Cheat Sheet
Table of Contents
- File Listing
- Changing Directories
- File Operations
- File Viewing and Editing
- Symbolic Links
- Input/Output Redirection
- Search and Filter
- Archives
- File Transfer
- File Permissions
- System Information
- Disk Usage
- Process Management and Performance Monitoring
- User Management
- Networking
File Listing
| Command | Description |
|---|---|
ls | List the names of files and subfolders in the current directory. |
ls -l | Also show details of each item displayed, such as user permissions and the time/date when the item was last modified. |
ls -a | Also display hidden files/folders. May be combined with ls -l to form ls -al. |
ls -t | Sort the files/folders according to the last modified time/date, starting with the most recently modified item. |
ls | List the files matching pattern. |
Special instances:
.— current directory..— parent directory
Changing Directories
| Command | Description |
|---|---|
cd directory-name | Change directory to directory-name. |
cd | To the $HOME directory. |
cd .. | Up one level to enclosing folder or parent directory. |
cd /etc | To the /etc directory. |
File Operations
| Command | Description |
|---|---|
cmp | Compare two files for sameness. No output if they are identical, outputs character and line number otherwise. |
diff | Compare two files for differences. Outputs the difference. |
pwd | Display the path of the current working directory. |
mkdir | Make a new directory named X inside the current directory. |
mv | Move a file from one path to another. Also used for renaming files. |
cp | Copy a file from one path to another. Usage similar to mv. |
cp | Recursively copy a directory and its contents to another location. |
rm | Remove (delete) a file permanently. |
rm -r | Recursively delete a directory and its contents. |
rm -f | Forcibly remove a file without prompts or confirmation. |
rm -rf | Forcibly remove a directory and its contents recursively. |
rmdir | Remove a directory permanently, provided it is empty. |
File Viewing and Editing
| Command | Description |
|---|---|
open -e | Opens a file in the default text editor. |
touch | Create an empty file or update the access and modification times. |
cat | View contents of a file. |
cat -b | Also display line numbers. |
wc | Display word count of a file. |
head | Display the first 10 lines of a file. If multiple files are specified, each file is preceded by a header consisting of "==> [Filename] <==". |
head -n 4 | Show the first 4 lines of a file. |
ls *.c | head -n 5 | Display the first 5 items of a list of .c files in the current directory. |
tail | Display the last 10 lines of a file. |
tail -n +1 | Display entire contents of the specified file(s), with header of respective file names. |
tail -f | Display the last 10 lines of the specified file(s), and track changes appended to them at the end. |
Symbolic Links
| Command | Description |
|---|---|
ln -s | Create symbolic link of path. |
Input/Output Redirection
| Command | Description |
|---|---|
echo TEXT | Display a line of TEXT or the contents of a variable. |
echo -e TEXT | Also interprets escape characters in TEXT, e.g., \n → new line, \b → backslash, \t → tab. |
cmd1 | cmd2 | Pipe the output of cmd1 to cmd2. |
cmd > file | Redirect output of a command cmd to a file file. Overwrites pre-existing content of file. |
cmd >& file | Redirect output of cmd to file. Overwrites pre-existing content of file. Suppresses the output of cmd. |
cmd > /dev/null | Suppress the output of cmd. |
cmd >> file | Append output of cmd to file. |
cmd < file | Read input of cmd from file. |
cmd << delim | Read input of cmd from the standard input with the delimiter character delim to terminate the input. |
Search and Filter
| Command | Description |
|---|---|
grep | Search for a text pattern in specified file(s) or standard input. |
grep -r | Search recursively for a text pattern. |
grep -v | Return lines not matching the specified pattern. |
grep -l | Write to standard output the names of files containing the pattern. |
grep -i | Perform case-insensitive matching. |
Archives
| Command | Description |
|---|---|
tar | Manipulate archives with .tar extension. |
gzip | Manipulate archives with .gz extension. |
bzip2 | Manipulate archives with .bz2 extension. |
zip | Create ZIP archives. |
unzip | Unzip ZIP archives. |
File Transfer
| Command | Description |
|---|---|
ssh user@access | Connect to access as user. |
ssh access | Connect to access as your local username. |
ssh -p port user@access | Connect to access as user using port. |
scp [user1@]host1:[path1] [user2@]host2:[path2] | |
scp -P port [user1@]host1:[path1] [user2@]host2:[path2] | Connect to hostN as userN using port for N=1,2. |
scp -r [user1@]host1:[path1] [user2@]host2:[path2] | Recursively copy all files and directories from path1 to path2. |
sftp [user@]access | Login to access as user via secure file transfer protocol. If user is not specified, your local username will be used. |
sftp access | Connect to access as your local username. |
sftp -P port user@access | Connect to access as user using port. |
rsync -a [path1] [path2] | Synchronize [path1] to [path2], preserving symbolic links, attributes, permissions, ownerships, and other settings. |
rsync -avz host1:[path1] [path2] | Synchronize [path1] on the remote host host1 to the local path [path2], preserving symbolic links, attributes, permissions, ownerships, and other settings. It also compresses the data involved during the transfer. |
File Permissions
| Command | Description |
|---|---|
chmod permission file | Change permissions of a file or directory. Permissions may be of the form [u/g/o/a][+/-/=][r/w/x] (see examples below) or a three-digit octal number. |
chown user2 file | Change the owner of a file to user2. |
chgrp group2 file | Change the group of a file to group2. |
Usage examples:
| Command | Description |
|---|---|
chmod +x testfile | Allow all users to execute the file |
chmod u-w testfile | Forbid the current user from writing or changing the file |
chmod u+wx,g-x,o=rx testfile | Simultaneously add write and execute permissions to user, remove execute permission from group, and set the permissions of other users to only read and write. |
System Information
General
| Command | Description |
|---|---|
uname | Show the Linux system information. |
uname -a | Detailed Linux system information |
uname -r | Kernel release information, such as kernel version |
uptime | Show how long the system is running and load information. |
su | Switch user to root |
sudo | Superuser; use this before a command that requires root access e.g., su shutdown |
cal | Show calendar where the current date is highlighted. |
date | Show the current date and time of the machine. |
halt | Stop the system immediately. |
shutdown | Shut down the system. |
reboot | Restart the system. |
last reboot | Show reboot history. |
man COMMAND | Shows the manual for a given COMMAND. To exit the manual, press “q”. |
hostname | Show system host name |
hostname -I | Display IP address of host |
cat /etc/*-release | Show the version of the Linux distribution installed. For example, if you’re using Red Hat Linux, you may replace * with redhat. |
Disk Usage
| Command | Description |
|---|---|
df | Display free disk space. |
du | Show file/folder sizes on disk. |
du -ah | Disk usage in human readable format (KB, MB etc.) |
du -sh | Total disk usage of the current directory |
du -h | Free and used space on mounted filesystems |
du -i | Free and used inodes on mounted filesystems |
fdisk -l | List disk partitions, sizes, and types |
free -h | Display free and used memory in human readable units. |
free -m | Display free and used memory in MB. |
free -g | Display free and used memory in GB. |
Process Management and Performance Monitoring
| Command | Description |
|---|---|
& | Add this character to the end of a command/process to run it in the background |
ps | Show process status. Often used with grep e.g., ps aux | grep python3 displays information on processes involving python3. |
ps -ef | Print detailed overview |
ps -U root -u root | Display all processes running under the account root. |
ps -eo pid,user,command | Display only the columns pid, user and command in ps output |
top | Display sorted information about processes |
htop | Display sorted information about processes with visual highlights. It allows you to scroll vertically and horizontally, so you can see every process running on your system and entire commands. |
atop | Display detailed information about processes and hardware |
kill PID | Kill a process specified by its process ID PID, which you obtain using the ps command |
killall proc1 | Kill all processes containing proc1 in their names |
lsof | List all open files on the system. (This command helps you pinpoint what files and processes are preventing you from successfully ejecting an external drive.) |
lsof -u root | List all files on the system opened by the root user. As the output can be long, you may use lsof -u root | less to keep this list from taking up space in the terminal output. |
mpstat 1 | Display processor-related statistics, updated every second (hence the 1, whereas mpstat 2 refreshes the output every 2 seconds) |
vmstat 1 | Display virtual memory statistics (information about memory, system processes, paging, interrupts, block I/O, disk, and CPU scheduling), updated every (1) second |
iostat 1 | Display system input/output statistics for devices and partitions. virtual memory statistics, updated every (1) second |
tail -n 100 /var/log/messages | Display the last 100 lines in the system logs. Replace /var/log/messages with /var/log/syslog for Debian-based systems. |
tcpdump -i eth0 | Capture and display all packets on interface eth0 |
tcpdump -i eth0 port 80 | Monitor all traffic on interface eth0 port 80 (HTTP) |
watch df -h | Execute df -h and show periodic updates. To exit, press Ctrl+C. |
User Management
| Command | Description |
|---|---|
who | Display who is logged in |
w | Display what users are online and what they are doing |
users | List current users |
whoami | Display what user you are logged in as |
id | Display the user ID and group IDs of your current user |
last | Display the last users who have logged onto the system |
groupadd gp1 | Create a group named gp1 |
useradd -c "Alice Bob" -m ab1 | Create an account named ab1, with a comment of "Alice Bob" and create the new user’s home directory |
userdel ab1 | Delete the account named ab1 |
usermod -aG gp1 ab1 | Add the account ab1 to the group gp1 |
Networking
| Command | Description |
|---|---|
ifconfig | Display all network interfaces with IP addresses |
ifconfig -a | Display all network interfaces, even if any of them is down, with IP addresses |
ifconfig eth0 | Display IP addresses and details of the eth0 interface |
ip a | Another way to display all network interfaces with IP addresses |
ethtool eth0 | Query or control network driver and hardware settings of the interface eth0 |
netstat | Print open sockets of network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. Pipe with the less command: e.g., netstat -a | less |
netstat -a | Show both listening and non-listening sockets |
netstat -l | Show only listening sockets |
netstat -nutlp | Show listening TCP and UDP ports and corresponding programs |
ping host | Send ICMP echo request to host, which may be a symbolic name, domain name or IP address |
whois domain | Display whois information for domain |
dig domain | Display DNS information for domain |
dig -x addr | Do a reverse lookup on an IPv4 or IPv6 address addr |
host domain | Display DNS IP address for domain |
wget LINK | Download from location LINK |
curl LINK | Display the HTML source of LINK. Check out our curl Cheat Sheet for details. |