Linux Command‐Line‐Interface Guide
What follows are some useful bash/zsh commands for review and investigation of Linux OS settings, configuration, and artifacts, broken down categorically:
General syntax = “command --option argument”
NOTE: $ = standard user, # = root (UID 0, e.g. "super admin"); ALL commands are run as "standard user," with "sudo" noted where generally required!
Help (replace "command" with a command!):
command --help
Get "detailed" help (replace "command" with a command!):
man command
What shell are you using?:
echo $0
Info about the currently-logged in user:
whoami
More verbose info about the currently-logged-in user:
id
Print working directory (where are you "on the file system?"):
pwd
Get info about running processes as standard user (a=all users' processes, u=user-oriented output, x=lift BSD tty restriction):
ps aux
Get info about running processes as elevated user ("sudo") and search for "root," paginating output:
sudo ps aux | grep root | less
View details... (a=all, u=user-oriented output, x=lift BSD tty restriction, f=forest/process tree, w=wide, ww=unlimited width):
ps auxfww
Alternate way to view info about running processes ("list open files"):
sudo lsof
View processes by resource utilization (type "q" to quit):
top
Show processes by resource utilization in a graphical format ("F10" to quit):
htop
View disk partitions (that's a lowercase "-L" below):
sudo fdisk -l
View disk utilization (-T= show type, -h = human-readable sizes):
df -Th
Show current directory:
pwd
Change directory by moving "up" one dir in the file system:
cd ..
Return to the currently-logged-in user home directory:
cd
List directory contents:
ls
List directory contents (-l=long, -a=all):
ls -la
Change to a specific directory ("absolute" dir references begin with a "/"):
cd /home/kali
Change to a specific "relative" directory (no leading "/", relative to your current location):
cd kali
Output "text" to a file named "test.txt" (">>" = append file contents):
echo text >> test.txt
Display contents of "test.txt" to STDOUT (the screen):
cat test.txt
Search "test.txt" for the string "abc":
grep abc test.txt
Elevate permissions using "sudo" and search the "/etc" directory for files starting with "ssh" (the pattern is quoted so the shell passes it to "find" unexpanded):
sudo find /etc -iname 'ssh*'
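Why the pattern given to "find -iname" should be quoted, as an added example that is not part of the original guide: it builds a constructed directory tree under a temp dir (the file names are made up) and counts matches with and without quotes.

```shell
# Constructed demo tree; nothing outside the temp dir is touched.
# The body runs in a subshell, so the caller's working directory is unchanged.
glob_demo() (
    demo=$(mktemp -d) || exit 1
    mkdir -p "$demo/etc/ssh" "$demo/work"
    touch "$demo/etc/ssh/ssh_config" "$demo/etc/ssh/sshd_config"
    touch "$demo/work/ssh_notes.txt"

    # Investigators often sit in a case or notes directory like this one.
    cd "$demo/work" || exit 1

    # Unquoted: the shell expands ssh* against the current directory first,
    # so find is really asked for "-iname ssh_notes.txt" and finds nothing in etc/.
    unquoted=$(find "$demo/etc" -iname ssh* | wc -l)

    # Quoted: find receives the pattern itself and matches the ssh directory,
    # ssh_config and sshd_config.
    quoted=$(find "$demo/etc" -iname 'ssh*' | wc -l)

    cd / && rm -rf "$demo"
    echo "unquoted=$((unquoted)) quoted=$((quoted))"
)

glob_demo
```

When nothing in the current directory matches, bash passes the unquoted pattern through literally, which is why the unquoted form often appears to work.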
Show network interface configuration info:
ifconfig
Show "IP addresses," brief output:
ip -br a
Show network-socket info (-a=all, -n=no name resolution, -t=tcp, -u=udp, -p=PID of associated program):
sudo netstat -antup
Search all "tcp/udp" sockets for "port 22":
sudo lsof -i :22
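A way to triage the socket listing above, as an added example that is not part of the original guide: it reduces "netstat -antup"-style output to listening sockets and labels how widely each one is bound. The sample rows and the function names are constructed for illustration.

```shell
# Constructed sample in the layout "sudo netstat -antup" prints; not real host data.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      640/cupsd
tcp        0      0 192.168.1.10:22         192.168.1.50:51514      ESTABLISHED 1422/sshd
tcp6       0      0 :::80                   :::*                    LISTEN      905/apache2
tcp6       0      0 ::1:631                 :::*                    LISTEN      640/cupsd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           577/dhclient
EOF
}

# Print "proto port scope owner" for each listening TCP socket and bound UDP socket.
# scope: ALL = every interface, LOOPBACK = local only, HOST = one specific address.
list_listeners() {
    awk '
        $1 ~ /^tcp/ && $6 == "LISTEN"        { owner = $7 }
        # Unconnected UDP rows have no State column, so the owner is field 6.
        $1 ~ /^udp/ && $6 ~ /^[0-9]+\/|^-$/  { owner = $6 }
        owner != "" {
            addr = $4; port = $4
            sub(/:[0-9]+$/, "", addr)   # strip the trailing :port
            sub(/^.*:/, "", port)       # keep only the port
            scope = "HOST"
            if (addr == "0.0.0.0" || addr == "::") scope = "ALL"
            else if (addr ~ /^127\./ || addr == "::1") scope = "LOOPBACK"
            print $1, port, scope, owner
            owner = ""
        }
    '
}

# Only the sockets reachable on every interface: the first ones to review.
exposed_listeners() { list_listeners | awk '$3 == "ALL"'; }

sample_netstat | list_listeners
# On a live host: sudo netstat -antup | exposed_listeners
```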
Show the configured name servers (resolv.conf file):
cat /etc/resolv.conf
Query the "A" DNS name record for "cisco.com":
nslookup cisco.com
Check the MX (mail exchanger) DNS record for Cisco, using Google's DNS servers:
nslookup -type=mx cisco.com 8.8.8.8
Check connectivity to "cisco.com" using ICMP ("ping") twice (-c 2) via IPv4 (-4):
ping cisco.com -c 2 -4
Trace the network route from your Host to "cisco.com":
traceroute cisco.com
Count the number of lines in the file "test.txt":
cat test.txt | wc -l
Output the contents of the file "test.txt" to STDOUT (screen), sorting output and omitting duplicates:
cat test.txt | sort -u
Copy the file "test.txt" to "test2.txt" in the current file path:
cp test.txt test2.txt
Send the contents of "test.txt" to STDOUT (screen), "cutting" the output on a "space" delimiter, and showing only columns 3, 4, and 5:
cat test.txt | cut -d " " -f3-5
Search the contents of "filename.txt" for the string "abc":
grep abc filename.txt
Search all contents of the current directory and subdirectories (-r=recursive; "./"=the current dir; -i=case insensitive) for the case-insensitive string "abc":
grep -i -r abc ./
Shut down the Linux host (-h=halt, now=now!):
shutdown -h now
Restart the Linux host:
reboot
Show all "running" services:
systemctl --type=service --state=running
Show all services in a "failed" state:
systemctl --type=service --state=failed
Show the status of a specific service named "polkit":
systemctl status polkit
Check running processes for keyword "cron" (cron="chronological," scheduled-task service):
ps aux | grep cron
Show contents of the "chronological table" (crontab - default/template):
cat /etc/crontab
Create/edit a scheduled task entry for your user profile:
crontab -e
View crontab entries for another user, e.g. "root" (must elevate using "sudo"):
sudo crontab -u root -l
Open "filename.txt" in the current directory. If it does not exist, "nano" creates it:
nano filename.txt
Some useful "nano" keyboard shortcuts:
“Ctrl + G” = Help
“Ctrl + K” = Cut
“Ctrl + U” = Paste
“Ctrl + /” = Go To Line
“Alt + U” = Undo
“Alt + E” = Redo
“Alt + M” = Enable Mouse
Check to see if the secure shell ("ssh") server service is installed (the pattern is quoted so the shell does not expand it):
sudo apt list '*ssh-server*'
Check to see if the "ssh" service is running:
systemctl --type=service --state=running | grep -i ssh
View all running processes containing the keyword "ssh":
ps aux | grep ssh
Show currently logged-in user sessions and session type (tty = native terminal; pts = pseudo terminal):
who
SSH from Windows or another Linux host to "192.168.1.1" using the "username" account (type "exit" or "logout" to disconnect the session):
ssh username@192.168.1.1
Display user accounts (those currently logged in):
users
Get help on "adding" a user account:
useradd --help
Elevate privileges and add a user named "test":
sudo useradd test
Delete the user "test":
sudo userdel test
Set a password for the user "test" (you'll be prompted to enter one):
sudo passwd test
Display all groups (that the current user belongs to):
groups
Add a group named "testgroup":
sudo groupadd testgroup
Delete the "testgroup":
sudo groupdel testgroup
List members of the group "users":
sudo groupmems -g users -l
...TO BE CONTINUED...