Shell Command

Linux Bash Commands

Type of CommandNameCommandKeywordOS
digView External IPdig +short myip.opendns.com @resolver1.opendns.comsystemLinux
yumRemove yum cacheyum clean all
rm -rf /var/cache/yum/*
systemLinux
timedatectlChange time to earlier datetimedatectl
timedatectl set-time 2019-06-19
systemLinux
nmcliNetwork Managernmcli con mod CON1 +ipv4.addresses "10.0.0.1/24"systemLinux
iptablesFirewalliptables (deprecated)systemLinux
firewalldFirewallfirewalldsystemLinux
firewalldSystem Control Statussystemctl status firewalld
sudo firewall-cmd --state
systemctl status iptables
service iptables status
systemCentOS,
hostnameSet view hostnamehostname
hostname host.domain.tld
systemLinux
hostnameDisplay the IP addresses of the hosthostname -IsystemLinux
psView services PID to nameps -p 'PID' -o comm=
ps -a [PID]
ps -ef | grep
systemLinux
pmtashowstacksView PMTA versionpmtashowstacks --versionPMTALinux
lsList itemsls -lsystemLinux
nmcliNetwork Managernmcli con show
nmcli device status
systemCentOS
nmcliNetwork Managernmcli con add type ethernet con-name CON1 ifname eth1 ip4 192.168.190.1/24 \gw4 192.168.1.1systemCentOS
ip aView IPconfigip addresssyste,CentOS
catSSH authorised keyscat /.ssh/authorized_keyssystemLinux
pwdDisplays working directorypwdsystemLinux
adduserAdd useruseradd USERNAME -d /home/USERNAME
passwd 'PASSWORD
systemLinux
systemctlStart PMTA
Status PMTA
systemctl start pmta.service
systemctl status pmta.service
PMTALinux
host/digView public IPhost myip.opendns.comresolver1.opendns.com
dig +short myip.opendns.com @resolver1.opendns.com
systemLinux
systemctlSystem reboot/shutdownsystemctl reboot
systemctl shutdown
systemLinux
journalctlView PMTA errorlogjournalctl -u pmta.servicePMTACentOS
systemctlRestart network to updatesystemctl restart networkSystemCentos
head/tailhead/tail: Displays the first/ last 10 lines of a file.tail
tail -f
Linux
wgetDownload fileswget http://releases.ubuntu.com/18.10/ubuntu-18.10-desktop-amd64.isosystemLinux
OpenSSLCreate new Private Key and Certificate Signing Requestreq -out geekflare.csr -newkey rsa:2048 -nodes -keyout geekflare.keyOpenSSLLinux
OpenSSLCreate a Self-Signed Certificate (dafault 30 days)openssl req -x509 -sha256 -nodes -newkey rsa:2048 -keyout gfselfsigned.key -out gfcert.pemOpenSSLLinux
OpenSSLCreate a Self-Signed Certificate (for 2 years)openssl req -x509 -sha256 -nodes -days 730 -newkey rsa:2048 -keyout gfselfsigned.key -out gfcert.pemOpenSSLLinux
OpenSSLPrint certificate’s fingerprint as md5, sha1, sha256 digestopenssl x509 -in cert.pem -fingerprint -sha256 -nooutOpenSSLLinux
OpenSSLVerify CSR fileopenssl req -noout -text -in geekflare.csrOpenSSLLinux
OpenSSLCreate RSA Private Key (2048-bis is secure enough)openssl genrsa -out private.key 2048OpenSSLLinux
OpenSSLRemove Passphrase from Keyopenssl rsa -in certkey.key -out nopassphrase.keyOpenSSLLinux
OpenSSLPrint public key or modulus onlyopenssl rsa -in example.key -puboutOpenSSLLinux
OpenSSLPrint textual representation of RSA keyopenssl rsa -in example.key -text -nooutOpenSSLLinux
OpenSSLCheck your private key.openssl rsa -check -in example.keyOpenSSLLinux
OpenSSLEncrypt existing private key with a passphraseopenssl rsa -des3 -in example.key -out example_with_pass.keyOpenSSLLinux
OpenSSLVerify Private Keyopenssl rsa -in certkey.key –checkOpenSSLLinux
OpenSSLVerify Certificate Fileopenssl x509 -in certfile.pem -text –nooutOpenSSLLinux
OpenSSLVerify the Certificate Signer Authorityopenssl x509 -in certfile.pem -noout -issuer -issuer_hashOpenSSLLinux
OpenSSLCheck Hash Value of A Certificateopenssl x509 -noout -hash -in bestflare.pemOpenSSLLinux
OpenSSLConvert DER to PEM formatopenssl x509 –inform der –in sslcert.der –out sslcert.pemOpenSSLLinux
OpenSSLConvert PEM to DER formatopenssl x509 –outform der –in sslcert.pem –out sslcert.derOpenSSLLinux
OpenSSLConvert Certificate and Private Key to PKCS#12 formatopenssl pkcs12 –export –out sslcert.pfx –inkey key.pem –in sslcert.pemOpenSSLLinux
OpenSSLConvert Certificate and Private Key to PKCS#12 format including chainsopenssl pkcs12 –export –out sslcert.pfx –inkey key.pem –in sslcert.pem -chain cacert.pemOpenSSLLinux
OpenSSLCreate CSR using an existing private keyopenssl req –out certificate.csr –key existing.key –newOpenSSLLinux
OpenSSLCheck contents of PKCS12 format certopenssl pkcs12 –info –nodes –in cert.p12OpenSSLLinux
OpenSSLConvert PKCS12 format to PEM certificateopenssl pkcs12 –in cert.p12 –out cert.pemOpenSSLLinux
OpenSSLCombine several certificates in PKCS7 (P7B)openssl crl2pkcs7 -nocrl -certfile child.crt -certfile ca.crt -out example.p7bOpenSSLLinux
OpenSSLCombine a PEM and a private key to PKCS#12 (.pfx .p12) + chainsopenssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in certificate.pem -certfile ca-chain.pemOpenSSLLinux
OpenSSLConvert a PKCS#12 file (.pfx .p12) back to PEM (for export)openssl pkcs12 -in keystore.pfx -out keystore.pem -nodesOpenSSLLinux
OpenSSLList available EC curves supported in OpenSSLopenssl ecparam -list_curvesOpenSSLLinux
OpenSSLTest SSL certificate of particular URLopenssl s_client -connect yoururl.com:443 –showcertsOpenSSLLinux
OpenSSLFind out OpenSSL versionopenssl versionOpenSSLLinux
OpenSSLList cipher suitesopenssl ciphers -vOpenSSLLinux
OpenSSLCheck PEM File Certificate Expiration Dateopenssl x509 -noout -in certificate.pem -datesOpenSSLLinux
OpenSSLCheck Certificate Expiration Date of SSL URLopenssl s_client -connect secureurl.com:443 2>/dev/null | openssl x509 -noout –enddateOpenSSLLinux
OpenSSLSSL check if SSL3 is accepted on URLopenssl s_client -connect secureurl.com:443 -ssl2OpenSSLLinux
OpenSSLSSL check if SSL3 is accepted on URLopenssl s_client -connect secureurl.com:443 –ssl3OpenSSLLinux
OpenSSLSSL check if TLS1 is accepted on URLopenssl s_client -connect secureurl.com:443 –tls1OpenSSLLinux
OpenSSLSSL check if TLS1.1 is accepted on URLopenssl s_client -connect secureurl.com:443 –tls1_1OpenSSLLinux
OpenSSLSSL check if TLS1.2 is accepted on URLopenssl s_client -connect secureurl.com:443 –tls1_2OpenSSLLinux
OpenSSLVerify if the particular cipher is accepted on URLopenssl s_client -cipher 'ECDHE-ECDSA-AES256-SHA' -connect secureurl:443OpenSSLLinux
OpenSSLConnect to a server and show full certificate chainopenssl s_client -showcerts -host example.com -port 443 OpenSSLLinux
OpenSSLOverride SN when multiple secure sites are hosted on same IPopenssl s_client -servername http://www.example.com -host example.com -port 443OpenSSLLinux
OpenSSLMeasure SSL connection time with session reuseopenssl s_time -connect example.com:443 -newOpenSSLLinux
OpenSSLMeasure SSL connection time without session reuseopenssl s_time -connect example.com:443 -reuseOpenSSLLinux
OpenSSLMeasure speed of security algorithms, rsaopenssl speed rsa2048OpenSSLLinux
OpenSSLMeasure speed of security algorithms, ecdsapopenssl speed ecdsap256OpenSSLLinux
openssl, curlExamine TCP and SSL handshake times using curlcurl -kso /dev/null -w "tcp:%{time_connect}, ssldone:%{time_appconnect}\n" https://example.comOpenSSLLinux
curlCheck URLcurl https://domain.com/cURLLinux
curlstore the output of URL in a filecurl -o website https://domain.com/cURLLinux
curlDownload filescurl -O https://domain.com/file.zipcURLLinux
curlDownload with different namecurl -o archive.zip https://domain.com/file.zipcURLLinux
curlFetch Multiple Files at a timecurl -O URL1 -O URL2cURLLinux
curlGet HTTP header informationcurl -I http://domain.comcURLLinux
curlGet HTTP only response header informationcurl -i https://domain.com/cURLLinux
curlAccess an FTP servercurl ftp://ftp.domain.com --user username:passwordcURLLinux
curldownload files via FTPcurl ftp://ftp.domain.com/filename.extension --user username:passwordcURLLinux
curlupload a file onto the FTP server:curl -T filename.extension ftp://ftp.domain.com/ --user username:passwordcURLLinux
curlFollow HTTP Location Headers with -L optioncurl -L http://www.google.comcURLLinux
curlContinue/Resume a Previous Downloadcurl -O http://domain.com/gettext.htmlcURLLinux
curlLimit the Rate of Data Transfercurl --limit-rate 1000B -O http://domain.com/gettext.htmlcURLLinux
curlDownload only if modified before/aftercurl -z 01-Jan-19 http://www.example.com/yy.htmlcURLLinux
curlPass HTTP Authentication in cURLcurl -u username:password URLcURLLinux
curlMore info Verbose and Trace Optioncurl -v http://google.comcURLLinux
curlSend Mail using SMTP Protocolcurl --mail-from test@test.com --mail-rcpt foo@test.com smtp://mailserver.comcURLLinux
curlPerform an HTTP POST requestcurl -X GET https://domain.com/cURLLinux
curlPerform an HTTP PUT requestcurl -X PUT https://domain.com/cURLLinux
curlView External IPcurl wtfismyip.com/json
curl eth0.me
curl ipecho.net/plain
curl icanhazip.com
curl l2.io/ip
curl ifconfig.me/ip
curl httpbin.org/ip
cURLWin
ssh-keygenConvert SSH2 to OpenSSHssh-keygen -i -f /path/to/ssh/key > convertedkey.pubcrypto keysLinux
ssh-keygenConvert OpenSSH to SSH2ssh-keygen -e -f /path/to/sshkey > convertedkey.pubcrypto keysLinux
ssh-keygenSH Key fingerprint, dfault SHA256ssh-keygen -l -f /path/to/sshkeycrypto keyskeysLinux
ssh-keygenSH Key fingerprint, MD5ssh-keygen -l -E -f /path/to/sshkeycrypto keysLinux
historyList command historyhistoryLinuxLinux
historyClear entire history
Clear last command off history
history -c
history -cw
System InfoLinux
unameDisplay Linux system informationuname -aSystem InfoLinux
unameDisplay kernel release informationuname -rSystem InfoLinux
catShow which version of redhat installedcat /etc/redhat-releaseSystem InfoRedhat
uptimeSystem uptime + loaduptimeSystem InfoLinux
last rebootShow system reboot historylast rebootSystem InfoLinux
dateShow the current date and timedateSystem InfoLinux
calShow this month's calendarcalSystem InfoLinux
wDisplay who is onlinewho or w or who -aSystem InfoLinux
WhoamiWho you are logged in asWhoamiSystem InfoLinux
dmesgDisplay messages in kernel ring bufferdmesgHardware infoLinux
catDisplay CPU informationcat /proc/cpuinfoHardware infoLinux
catDisplay memory informationcat /proc/meminfoHardware infoLinux
freeDisplay free and used memory ( -h for human readable, -m for MB, -g for GB.)free -hHardware infoLinux
lspciDisplay PCI deviceslspci -tvHardware infoLinux
lsusbDisplay USB deviceslsusb -tvHardware infoLinux
dmidecodeDisplay DMI/SMBIOS (hardware info) from the BIOSdmidecodeHardware infoLinux
hdparmShow info about disk sdahdparm -i /dev/sdaHardware infoLinux
hdparmPerform a read speed test on disk sdahdparm -tT /dev/sdaHardware infoLinux
badblocksTest for unreadable blocks on disk sdabadblocks -s /dev/sdaHardware infoLinux
topDisplay and manage the top processestopPerf MonLinux
htopInteractive process viewer (top alternative)htopPerf MonLinux
mpstatDisplay processor related statisticsmpstat 1Perf MonLinux
vmstatDisplay virtual memory statisticsvmstat 1Perf MonLinux
iostatDisplay I/O statisticsiostat 1Perf MonLinux
tailDisplay the last 100 syslog messages (Use /var/log/syslog for Debian based systems.)tail 100 /var/log/messagesPerf MonCentOS
/varDisplay the last 100 syslog messages/var/log/syslogPerf MonDebian
tcpdumpCapture and display all packets on interface eth0tcpdump -i eth0Perf MonLinux
tcpdumpMonitor all traffic on port 80 ( HTTP )tcpdump -i eth0 'port 80'Perf MonLinux
lsofList all open files on the systemlsofPerf MonLinux
lsofList files opened by userlsof -u userPerf MonLinux
free Display free and used memory ( -h for human readable, -m for MB, -g for GB.)free -hPerf MonLinux
watch Execute "df -h", showing periodic updateswatch df -hPerf MonLinux
idDisplay the user and group ids of your current user.idUser InfoLinux
lastDisplay the last users who have logged onto the system.lastUser InfoLinux
whoShow who is logged into the system.whoUser InfoLinux
wShow who is logged in and what they are doing.wUser InfoLinux
groupadd Create a group named "test".groupadd testUser InfoLinux
useradd Create an account named john, with a comment of "John Smith" and create the user's home directory.useradd -c "John Smith" -m johnUser InfoLinux
userdelDelete the john account.userdel johnUser InfoLinux
usermodAdd the john account to the sales groupusermod -aG sales johnUser InfoLinux
lsList all files in a long listing (detailed) formatls -alUser InfoLinux
pwdDisplay the present working directorypwdUser InfoLinux
mkdirCreate a directorymkdir directoryUser InfoLinux
rm Remove (delete) file
Remove the directory and its contents recursively
Force removal of file without prompting for confirmation
Forcefully remove directory recursively
rm file
rm -r directory
rm -f file
rm -rf directory
User InfoLinux
cpCopy file1 to file2cp file1 file2User InfoLinux
cp Copy source_directory recursively to destination. If destination exists, copy source_directory into destination, otherwise create destination with the contents of source_directory.cp -r source_directory destinationUser InfoLinux
mv Rename or move file1 to file2. If file2 is an existing directory, move file1 into directory file2mv file1 file2User InfoLinux
lnCreate symbolic link to linknameln -s /path/to/file linknameUser InfoLinux
touchCreate an empty file or update the access and modification times of file.touch fileUser InfoLinux
catView the contents of filecat fileUser InfoLinux
lessBrowse through a text fileless fileUser InfoLinux
headDisplay the first 10 lines of filehead fileUser InfoLinux
tailDisplay the last 10 lines of filetail fileUser InfoLinux
tail Display the last 10 lines of file and "follow" the file as it grows.tail -f fileUser InfoLinux
psDisplay your currently running processespsProcess mgmtLinux
psDisplay all the currently running processes on the system.ps -efProcess mgmtLinux
psDisplay process information for processnameps -ef | grep processnameProcess mgmtLinux
topDisplay and manage the top processestopProcess mgmtLinux
htopInteractive process viewer (top alternative)htopProcess mgmtLinux
killKill process with process ID of pidkill pidProcess mgmtLinux
killallKill all processes named processnamekillall processnameProcess mgmtLinux
programStart program in the backgroundprogram &Process mgmtLinux
bgDisplay stopped or background jobsbgProcess mgmtLinux
fgBrings the most recent background job to foregroundfgProcess mgmtLinux
fgBrings job n to the foregroundfg nProcess mgmtLinux
ifconfigDisplay all network interfaces and ip addressifconfig -aNetworkingLinux
ifconfigDisplay eth0 address and detailsifconfig eth0NetworkingLinux
ethtoolQuery or control network driver and hardware settingsethtool eth0NetworkingLinux
pingSend ICMP echo request to hostping hostNetworkingLinux
whoisDisplay whois information for domainwhois domainNetworkingLinux
digDisplay DNS information for domaindig domainNetworkingLinux
digReverse lookup of IP_ADDRESSdig -x IP_ADDRESSNetworkingLinux
hostDisplay DNS ip address for domainhost domainNetworkingLinux
hostnameDisplay the network address of the host name.hostname -iNetworkingLinux
hostnameDisplay all local ip addresseshostname -INetworkingLinux
wgetDownload http://domain.com/filewget http://domain.com/fileNetworkingLinux
netstatDisplay listening tcp and udp ports and corresponding programsnetstat -nutlpNetworkingLinux
tarCreate tar named archive.tar containing directory.tar cf archive.tar directoryArchivesLinux
tarExtract the contents from archive.tar.tar xf archive.tarArchivesLinux
tarCreate a gzip compressed tar file name archive.tar.gz.tar czf archive.tar.gz directoryArchivesLinux
tarExtract a gzip compressed tar file.tar xzf archive.tar.gzArchivesLinux
tarCreate a tar file with bzip2 compressiontar cjf archive.tar.bz2 directoryArchivesLinux
tarExtract a bzip2 compressed tar file.tar xjf archive.tar.bz2ArchivesLinux
yumSearch for a package by keyword.yum search keywordInstallingLinux
yumInstall package.yum install packageInstallingLinux
yumDisplay description and summary information about package.yum info packageInstallingLinux
rpmInstall package from local file named package.rpmrpm -i package.rpmInstallingLinux
yumRemove/uninstall package.yum remove packageInstallingLinux
tarInstall software from source code.tar zxvf sourcecode.tar.gz
cd sourcecode
./configure
make
make install
InstallingLinux
grepSearch for pattern in filegrep pattern filesearchLinux
grepSearch recursively for pattern in directorygrep -r pattern directorysearchLinux
locateFind files and directories by namelocate namesearchLinux
find Find files in /home/john that start with "prefix".find /home/john -name 'prefix*'searchLinux
findFind files larger than 100MB in /homefind /home -size +100MsearchLinux
sshConnect to host as your local username.ssh hostSSH LoginLinux
sshConnect to host as userssh user@hostSSH LoginLinux
sshConnect to host using portssh -p port user@hostSSH LoginLinux
scpSecure copy file.txt to the /tmp folder on serverscp file.txt server:/tmpFile TransferLinux
scpCopy *.html files from server to the local /tmp folder.scp server:/var/www/*.html /tmpFile TransferLinux
scpCopy all files and directories recursively from server to the current system's /tmp folder.scp -r server:/var/www /tmpFile TransferLinux
rsyncSynchronize /home to /backups/homersync -a /home /backups/File TransferLinux
rsyncSynchronize files/directories between the local and remote system with compression enabledrsync -avz /home server:/backups/File TransferLinux
dfShow free and used space on mounted filesystemsdf -hDisk UsageLinux
dfShow free and used inodes on mounted filesystemsdf -iDisk UsageLinux
fdiskDisplay disks partitions sizes and typesfdisk -lDisk UsageLinux
duDisplay folder and file system sizedu -sh
df -h
Disk UsageLinux
duDisplay disk usage for all files and directories in human readable formatdu -ahDisk UsageLinux
duDisplay total disk usage off the current directorydu -shDisk UsageLinux
cdTo go up one level of the directory tree. (Change into the parent directory.)cd ..Dir navigateLinux
cdGo to the $HOME directorycdDir navigateLinux
cdChange to the /etc directorycd /etcDir navigateLinux
chmodPermissionU G W
rwx rwx rwx chmod 777 filename
rwx rwx r-x chmod 775 filename
rwx r-x r-x chmod 755 filename
rw- rw- r-- chmod 664 filename
rw- r-- r-- chmod 644 filename
# NOTE: Use 777 sparingly!
#U = User
#G = Group
#W = World
r = Read
w = write
x = execute
- = no access
permissonLinux
pathAdd directories to PATHTo avoid adding "/scripts" or any other path in front of your commands add "/scripts" to your PATH variable.
On your Linux machine edit ".bash_profile" in your home directory. (vim .bash_profile)
Once inside append "/scripts" or any other path to your PATH variable.
pathLinux
sftpQuery and SFTP site for a fileTo check if a file already exists on a remote SFTP server run the below;
echo "ls *fileyouareafter" | sftp -q username@remotehost.com:/path
-q Quiet mode: disables the progress meter as well as warning and diagnostic messages from ssh(1).
Of course if we are not sure of the path to the file we will have to first log in to the SFTP site and establish the correct path that way.
permissonLinux
root sshCentOS disable root sshyum update && yum upgrade
1. useradd - Create a new user
2. passwd - Assign a password to the new user
3. gpasswd -a wheel - Add the new user to the "wheel" group

Open the /etc/ssh/sshd_config file in your preferred text editor (nano, vi, etc.).
Locate the following line:
PermitRootLogin yes
Modify the line as follows:
PermitRootLogin no
Add the following line. Replace username with the name of the user you created in the previous procedure:
AllowUsers username
Save
systemctl reload sshd
permissonLinux
profiile.dCreate a file in /etc/profile.d/ directory (using vim, nano, etc.)Define the alias in the file:
alias la="ls -al" (for example "la" as in "list all")
Save
chmod 755
Log out and then log back in.
createLinux
dig CAACheck CAA rulesdig google.com type257CAA rulesLinux