Linux Bash Commands
| Type of Command | Name | Command | Keyword | OS |
|---|---|---|---|---|
| dig | View External IP | dig +short myip.opendns.com @resolver1.opendns.com | system | Linux |
| yum | Remove yum cache | yum clean all rm -rf /var/cache/yum/* | system | Linux |
| timedatectl | Change time to earlier date | timedatectl timedatectl set-time 2019-06-19 | system | Linux |
| nmcli | Network Manager | nmcli con mod CON1 +ipv4.addresses "10.0.0.1/24" | system | Linux |
| iptables | Firewall | iptables (deprecated) | system | Linux |
| firewalld | Firewall | firewalld | system | Linux |
| firewalld | System Control Status | systemctl status firewalld sudo firewall-cmd --state systemctl status iptables service iptables status | system | CentOS, |
| hostname | Set view hostname | hostname hostname host.domain.tld | system | Linux |
| hostname | Display the IP addresses of the host | hostname -I | system | Linux |
| ps | View services PID to name | ps -p 'PID' -o comm= ps -a [PID] ps -ef | grep | system | Linux |
| pmtashowstacks | View PMTA version | pmtashowstacks --version | PMTA | Linux |
| ls | List items | ls -l | system | Linux |
| nmcli | Network Manager | nmcli con show nmcli device status | system | CentOS |
| nmcli | Network Manager | nmcli con add type ethernet con-name CON1 ifname eth1 ip4 192.168.190.1/24 \gw4 192.168.1.1 | system | CentOS |
| ip a | View IPconfig | ip address | syste, | CentOS |
| cat | SSH authorised keys | cat /.ssh/authorized_keys | system | Linux |
| pwd | Displays working directory | pwd | system | Linux |
| adduser | Add user | useradd USERNAME -d /home/USERNAME passwd 'PASSWORD | system | Linux |
| systemctl | Start PMTA Status PMTA | systemctl start pmta.service systemctl status pmta.service | PMTA | Linux |
| host/dig | View public IP | host myip.opendns.comresolver1.opendns.com dig +short myip.opendns.com @resolver1.opendns.com | system | Linux |
| systemctl | System reboot/shutdown | systemctl reboot systemctl shutdown | system | Linux |
| journalctl | View PMTA errorlog | journalctl -u pmta.service | PMTA | CentOS |
| systemctl | Restart network to update | systemctl restart network | System | Centos |
| head/tail | head/tail: Displays the first/ last 10 lines of a file. | tail tail -f | Linux | |
| wget | Download files | wget http://releases.ubuntu.com/18.10/ubuntu-18.10-desktop-amd64.iso | system | Linux |
| OpenSSL | Create new Private Key and Certificate Signing Request | req -out geekflare.csr -newkey rsa:2048 -nodes -keyout geekflare.key | OpenSSL | Linux |
| OpenSSL | Create a Self-Signed Certificate (dafault 30 days) | openssl req -x509 -sha256 -nodes -newkey rsa:2048 -keyout gfselfsigned.key -out gfcert.pem | OpenSSL | Linux |
| OpenSSL | Create a Self-Signed Certificate (for 2 years) | openssl req -x509 -sha256 -nodes -days 730 -newkey rsa:2048 -keyout gfselfsigned.key -out gfcert.pem | OpenSSL | Linux |
| OpenSSL | Print certificateÂs fingerprint as md5, sha1, sha256 digest | openssl x509 -in cert.pem -fingerprint -sha256 -noout | OpenSSL | Linux |
| OpenSSL | Verify CSR file | openssl req -noout -text -in geekflare.csr | OpenSSL | Linux |
| OpenSSL | Create RSA Private Key (2048-bis is secure enough) | openssl genrsa -out private.key 2048 | OpenSSL | Linux |
| OpenSSL | Remove Passphrase from Key | openssl rsa -in certkey.key -out nopassphrase.key | OpenSSL | Linux |
| OpenSSL | Print public key or modulus only | openssl rsa -in example.key -pubout | OpenSSL | Linux |
| OpenSSL | Print textual representation of RSA key | openssl rsa -in example.key -text -noout | OpenSSL | Linux |
| OpenSSL | Check your private key. | openssl rsa -check -in example.key | OpenSSL | Linux |
| OpenSSL | Encrypt existing private key with a passphrase | openssl rsa -des3 -in example.key -out example_with_pass.key | OpenSSL | Linux |
| OpenSSL | Verify Private Key | openssl rsa -in certkey.key Âcheck | OpenSSL | Linux |
| OpenSSL | Verify Certificate File | openssl x509 -in certfile.pem -text Ânoout | OpenSSL | Linux |
| OpenSSL | Verify the Certificate Signer Authority | openssl x509 -in certfile.pem -noout -issuer -issuer_hash | OpenSSL | Linux |
| OpenSSL | Check Hash Value of A Certificate | openssl x509 -noout -hash -in bestflare.pem | OpenSSL | Linux |
| OpenSSL | Convert DER to PEM format | openssl x509 Âinform der Âin sslcert.der Âout sslcert.pem | OpenSSL | Linux |
| OpenSSL | Convert PEM to DER format | openssl x509 Âoutform der Âin sslcert.pem Âout sslcert.der | OpenSSL | Linux |
| OpenSSL | Convert Certificate and Private Key to PKCS#12 format | openssl pkcs12 Âexport Âout sslcert.pfx Âinkey key.pem Âin sslcert.pem | OpenSSL | Linux |
| OpenSSL | Convert Certificate and Private Key to PKCS#12 format including chains | openssl pkcs12 Âexport Âout sslcert.pfx Âinkey key.pem Âin sslcert.pem -chain cacert.pem | OpenSSL | Linux |
| OpenSSL | Create CSR using an existing private key | openssl req Âout certificate.csr Âkey existing.key Ânew | OpenSSL | Linux |
| OpenSSL | Check contents of PKCS12 format cert | openssl pkcs12 Âinfo Ânodes Âin cert.p12 | OpenSSL | Linux |
| OpenSSL | Convert PKCS12 format to PEM certificate | openssl pkcs12 Âin cert.p12 Âout cert.pem | OpenSSL | Linux |
| OpenSSL | Combine several certificates in PKCS7 (P7B) | openssl crl2pkcs7 -nocrl -certfile child.crt -certfile ca.crt -out example.p7b | OpenSSL | Linux |
| OpenSSL | Combine a PEM and a private key to PKCS#12 (.pfx .p12) + chains | openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in certificate.pem -certfile ca-chain.pem | OpenSSL | Linux |
| OpenSSL | Convert a PKCS#12 file (.pfx .p12) back to PEM (for export) | openssl pkcs12 -in keystore.pfx -out keystore.pem -nodes | OpenSSL | Linux |
| OpenSSL | List available EC curves supported in OpenSSL | openssl ecparam -list_curves | OpenSSL | Linux |
| OpenSSL | Test SSL certificate of particular URL | openssl s_client -connect yoururl.com:443 Âshowcerts | OpenSSL | Linux |
| OpenSSL | Find out OpenSSL version | openssl version | OpenSSL | Linux |
| OpenSSL | List cipher suites | openssl ciphers -v | OpenSSL | Linux |
| OpenSSL | Check PEM File Certificate Expiration Date | openssl x509 -noout -in certificate.pem -dates | OpenSSL | Linux |
| OpenSSL | Check Certificate Expiration Date of SSL URL | openssl s_client -connect secureurl.com:443 2>/dev/null | openssl x509 -noout Âenddate | OpenSSL | Linux |
| OpenSSL | SSL check if SSL3 is accepted on URL | openssl s_client -connect secureurl.com:443 -ssl2 | OpenSSL | Linux |
| OpenSSL | SSL check if SSL3 is accepted on URL | openssl s_client -connect secureurl.com:443 Âssl3 | OpenSSL | Linux |
| OpenSSL | SSL check if TLS1 is accepted on URL | openssl s_client -connect secureurl.com:443 Âtls1 | OpenSSL | Linux |
| OpenSSL | SSL check if TLS1.1 is accepted on URL | openssl s_client -connect secureurl.com:443 Âtls1_1 | OpenSSL | Linux |
| OpenSSL | SSL check if TLS1.2 is accepted on URL | openssl s_client -connect secureurl.com:443 Âtls1_2 | OpenSSL | Linux |
| OpenSSL | Verify if the particular cipher is accepted on URL | openssl s_client -cipher 'ECDHE-ECDSA-AES256-SHA' -connect secureurl:443 | OpenSSL | Linux |
| OpenSSL | Connect to a server and show full certificate chain | openssl s_client -showcerts -host example.com -port 443 | OpenSSL | Linux |
| OpenSSL | Override SN when multiple secure sites are hosted on same IP | openssl s_client -servername http://www.example.com -host example.com -port 443 | OpenSSL | Linux |
| OpenSSL | Measure SSL connection time with session reuse | openssl s_time -connect example.com:443 -new | OpenSSL | Linux |
| OpenSSL | Measure SSL connection time without session reuse | openssl s_time -connect example.com:443 -reuse | OpenSSL | Linux |
| OpenSSL | Measure speed of security algorithms, rsa | openssl speed rsa2048 | OpenSSL | Linux |
| OpenSSL | Measure speed of security algorithms, ecdsap | openssl speed ecdsap256 | OpenSSL | Linux |
| openssl, curl | Examine TCP and SSL handshake times using curl | curl -kso /dev/null -w "tcp:%{time_connect}, ssldone:%{time_appconnect}\n" https://example.com | OpenSSL | Linux |
| curl | Check URL | curl https://domain.com/ | cURL | Linux |
| curl | store the output of URL in a file | curl -o website https://domain.com/ | cURL | Linux |
| curl | Download files | curl -O https://domain.com/file.zip | cURL | Linux |
| curl | Download with different name | curl -o archive.zip https://domain.com/file.zip | cURL | Linux |
| curl | Fetch Multiple Files at a time | curl -O URL1 -O URL2 | cURL | Linux |
| curl | Get HTTP header information | curl -I http://domain.com | cURL | Linux |
| curl | Get HTTP only response header information | curl -i https://domain.com/ | cURL | Linux |
| curl | Access an FTP server | curl ftp://ftp.domain.com --user username:password | cURL | Linux |
| curl | download files via FTP | curl ftp://ftp.domain.com/filename.extension --user username:password | cURL | Linux |
| curl | upload a file onto the FTP server: | curl -T filename.extension ftp://ftp.domain.com/ --user username:password | cURL | Linux |
| curl | Follow HTTP Location Headers with -L option | curl -L http://www.google.com | cURL | Linux |
| curl | Continue/Resume a Previous Download | curl -O http://domain.com/gettext.html | cURL | Linux |
| curl | Limit the Rate of Data Transfer | curl --limit-rate 1000B -O http://domain.com/gettext.html | cURL | Linux |
| curl | Download only if modified before/after | curl -z 01-Jan-19 http://www.example.com/yy.html | cURL | Linux |
| curl | Pass HTTP Authentication in cURL | curl -u username:password URL | cURL | Linux |
| curl | More info Verbose and Trace Option | curl -v http://google.com | cURL | Linux |
| curl | Send Mail using SMTP Protocol | curl --mail-from test@test.com --mail-rcpt foo@test.com smtp://mailserver.com | cURL | Linux |
| curl | Perform an HTTP POST request | curl -X GET https://domain.com/ | cURL | Linux |
| curl | Perform an HTTP PUT request | curl -X PUT https://domain.com/ | cURL | Linux |
| curl | View External IP | curl wtfismyip.com/json curl eth0.me curl ipecho.net/plain curl icanhazip.com curl l2.io/ip curl ifconfig.me/ip curl httpbin.org/ip | cURL | Win |
| ssh-keygen | Convert SSH2 to OpenSSH | ssh-keygen -i -f /path/to/ssh/key > convertedkey.pub | crypto keys | Linux |
| ssh-keygen | Convert OpenSSH to SSH2 | ssh-keygen -e -f /path/to/sshkey > convertedkey.pub | crypto keys | Linux |
| ssh-keygen | SH Key fingerprint, dfault SHA256 | ssh-keygen -l -f /path/to/sshkey | crypto keyskeys | Linux |
| ssh-keygen | SH Key fingerprint, MD5 | ssh-keygen -l -E -f /path/to/sshkey | crypto keys | Linux |
| history | List command history | history | Linux | Linux |
| history | Clear entire history Clear last command off history | history -c history -cw | System Info | Linux |
| uname | Display Linux system information | uname -a | System Info | Linux |
| uname | Display kernel release information | uname -r | System Info | Linux |
| cat | Show which version of redhat installed | cat /etc/redhat-release | System Info | Redhat |
| uptime | System uptime + load | uptime | System Info | Linux |
| last reboot | Show system reboot history | last reboot | System Info | Linux |
| date | Show the current date and time | date | System Info | Linux |
| cal | Show this month's calendar | cal | System Info | Linux |
| w | Display who is online | who or w or who -a | System Info | Linux |
| Whoami | Who you are logged in as | Whoami | System Info | Linux |
| dmesg | Display messages in kernel ring buffer | dmesg | Hardware info | Linux |
| cat | Display CPU information | cat /proc/cpuinfo | Hardware info | Linux |
| cat | Display memory information | cat /proc/meminfo | Hardware info | Linux |
| free | Display free and used memory ( -h for human readable, -m for MB, -g for GB.) | free -h | Hardware info | Linux |
| lspci | Display PCI devices | lspci -tv | Hardware info | Linux |
| lsusb | Display USB devices | lsusb -tv | Hardware info | Linux |
| dmidecode | Display DMI/SMBIOS (hardware info) from the BIOS | dmidecode | Hardware info | Linux |
| hdparm | Show info about disk sda | hdparm -i /dev/sda | Hardware info | Linux |
| hdparm | Perform a read speed test on disk sda | hdparm -tT /dev/sda | Hardware info | Linux |
| badblocks | Test for unreadable blocks on disk sda | badblocks -s /dev/sda | Hardware info | Linux |
| top | Display and manage the top processes | top | Perf Mon | Linux |
| htop | Interactive process viewer (top alternative) | htop | Perf Mon | Linux |
| mpstat | Display processor related statistics | mpstat 1 | Perf Mon | Linux |
| vmstat | Display virtual memory statistics | vmstat 1 | Perf Mon | Linux |
| iostat | Display I/O statistics | iostat 1 | Perf Mon | Linux |
| tail | Display the last 100 syslog messages (Use /var/log/syslog for Debian based systems.) | tail 100 /var/log/messages | Perf Mon | CentOS |
| /var | Display the last 100 syslog messages | /var/log/syslog | Perf Mon | Debian |
| tcpdump | Capture and display all packets on interface eth0 | tcpdump -i eth0 | Perf Mon | Linux |
| tcpdump | Monitor all traffic on port 80 ( HTTP ) | tcpdump -i eth0 'port 80' | Perf Mon | Linux |
| lsof | List all open files on the system | lsof | Perf Mon | Linux |
| lsof | List files opened by user | lsof -u user | Perf Mon | Linux |
| free | Display free and used memory ( -h for human readable, -m for MB, -g for GB.) | free -h | Perf Mon | Linux |
| watch | Execute "df -h", showing periodic updates | watch df -h | Perf Mon | Linux |
| id | Display the user and group ids of your current user. | id | User Info | Linux |
| last | Display the last users who have logged onto the system. | last | User Info | Linux |
| who | Show who is logged into the system. | who | User Info | Linux |
| w | Show who is logged in and what they are doing. | w | User Info | Linux |
| groupadd | Create a group named "test". | groupadd test | User Info | Linux |
| useradd | Create an account named john, with a comment of "John Smith" and create the user's home directory. | useradd -c "John Smith" -m john | User Info | Linux |
| userdel | Delete the john account. | userdel john | User Info | Linux |
| usermod | Add the john account to the sales group | usermod -aG sales john | User Info | Linux |
| ls | List all files in a long listing (detailed) format | ls -al | User Info | Linux |
| pwd | Display the present working directory | pwd | User Info | Linux |
| mkdir | Create a directory | mkdir directory | User Info | Linux |
| rm | Remove (delete) file Remove the directory and its contents recursively Force removal of file without prompting for confirmation Forcefully remove directory recursively | rm file rm -r directory rm -f file rm -rf directory | User Info | Linux |
| cp | Copy file1 to file2 | cp file1 file2 | User Info | Linux |
| cp | Copy source_directory recursively to destination. If destination exists, copy source_directory into destination, otherwise create destination with the contents of source_directory. | cp -r source_directory destination | User Info | Linux |
| mv | Rename or move file1 to file2. If file2 is an existing directory, move file1 into directory file2 | mv file1 file2 | User Info | Linux |
| ln | Create symbolic link to linkname | ln -s /path/to/file linkname | User Info | Linux |
| touch | Create an empty file or update the access and modification times of file. | touch file | User Info | Linux |
| cat | View the contents of file | cat file | User Info | Linux |
| less | Browse through a text file | less file | User Info | Linux |
| head | Display the first 10 lines of file | head file | User Info | Linux |
| tail | Display the last 10 lines of file | tail file | User Info | Linux |
| tail | Display the last 10 lines of file and "follow" the file as it grows. | tail -f file | User Info | Linux |
| ps | Display your currently running processes | ps | Process mgmt | Linux |
| ps | Display all the currently running processes on the system. | ps -ef | Process mgmt | Linux |
| ps | Display process information for processname | ps -ef | grep processname | Process mgmt | Linux |
| top | Display and manage the top processes | top | Process mgmt | Linux |
| htop | Interactive process viewer (top alternative) | htop | Process mgmt | Linux |
| kill | Kill process with process ID of pid | kill pid | Process mgmt | Linux |
| killall | Kill all processes named processname | killall processname | Process mgmt | Linux |
| program | Start program in the background | program & | Process mgmt | Linux |
| bg | Display stopped or background jobs | bg | Process mgmt | Linux |
| fg | Brings the most recent background job to foreground | fg | Process mgmt | Linux |
| fg | Brings job n to the foreground | fg n | Process mgmt | Linux |
| ifconfig | Display all network interfaces and ip address | ifconfig -a | Networking | Linux |
| ifconfig | Display eth0 address and details | ifconfig eth0 | Networking | Linux |
| ethtool | Query or control network driver and hardware settings | ethtool eth0 | Networking | Linux |
| ping | Send ICMP echo request to host | ping host | Networking | Linux |
| whois | Display whois information for domain | whois domain | Networking | Linux |
| dig | Display DNS information for domain | dig domain | Networking | Linux |
| dig | Reverse lookup of IP_ADDRESS | dig -x IP_ADDRESS | Networking | Linux |
| host | Display DNS ip address for domain | host domain | Networking | Linux |
| hostname | Display the network address of the host name. | hostname -i | Networking | Linux |
| hostname | Display all local ip addresses | hostname -I | Networking | Linux |
| wget | Download http://domain.com/file | wget http://domain.com/file | Networking | Linux |
| netstat | Display listening tcp and udp ports and corresponding programs | netstat -nutlp | Networking | Linux |
| tar | Create tar named archive.tar containing directory. | tar cf archive.tar directory | Archives | Linux |
| tar | Extract the contents from archive.tar. | tar xf archive.tar | Archives | Linux |
| tar | Create a gzip compressed tar file name archive.tar.gz. | tar czf archive.tar.gz directory | Archives | Linux |
| tar | Extract a gzip compressed tar file. | tar xzf archive.tar.gz | Archives | Linux |
| tar | Create a tar file with bzip2 compression | tar cjf archive.tar.bz2 directory | Archives | Linux |
| tar | Extract a bzip2 compressed tar file. | tar xjf archive.tar.bz2 | Archives | Linux |
| yum | Search for a package by keyword. | yum search keyword | Installing | Linux |
| yum | Install package. | yum install package | Installing | Linux |
| yum | Display description and summary information about package. | yum info package | Installing | Linux |
| rpm | Install package from local file named package.rpm | rpm -i package.rpm | Installing | Linux |
| yum | Remove/uninstall package. | yum remove package | Installing | Linux |
| tar | Install software from source code. | tar zxvf sourcecode.tar.gz cd sourcecode ./configure make make install | Installing | Linux |
| grep | Search for pattern in file | grep pattern file | search | Linux |
| grep | Search recursively for pattern in directory | grep -r pattern directory | search | Linux |
| locate | Find files and directories by name | locate name | search | Linux |
| find | Find files in /home/john that start with "prefix". | find /home/john -name 'prefix*' | search | Linux |
| find | Find files larger than 100MB in /home | find /home -size +100M | search | Linux |
| ssh | Connect to host as your local username. | ssh host | SSH Login | Linux |
| ssh | Connect to host as user | ssh user@host | SSH Login | Linux |
| ssh | Connect to host using port | ssh -p port user@host | SSH Login | Linux |
| scp | Secure copy file.txt to the /tmp folder on server | scp file.txt server:/tmp | File Transfer | Linux |
| scp | Copy *.html files from server to the local /tmp folder. | scp server:/var/www/*.html /tmp | File Transfer | Linux |
| scp | Copy all files and directories recursively from server to the current system's /tmp folder. | scp -r server:/var/www /tmp | File Transfer | Linux |
| rsync | Synchronize /home to /backups/home | rsync -a /home /backups/ | File Transfer | Linux |
| rsync | Synchronize files/directories between the local and remote system with compression enabled | rsync -avz /home server:/backups/ | File Transfer | Linux |
| df | Show free and used space on mounted filesystems | df -h | Disk Usage | Linux |
| df | Show free and used inodes on mounted filesystems | df -i | Disk Usage | Linux |
| fdisk | Display disks partitions sizes and types | fdisk -l | Disk Usage | Linux |
| du | Display folder and file system size | du -sh df -h | Disk Usage | Linux |
| du | Display disk usage for all files and directories in human readable format | du -ah | Disk Usage | Linux |
| du | Display total disk usage off the current directory | du -sh | Disk Usage | Linux |
| cd | To go up one level of the directory tree. (Change into the parent directory.) | cd .. | Dir navigate | Linux |
| cd | Go to the $HOME directory | cd | Dir navigate | Linux |
| cd | Change to the /etc directory | cd /etc | Dir navigate | Linux |
| chmod | Permission | U G W rwx rwx rwx chmod 777 filename rwx rwx r-x chmod 775 filename rwx r-x r-x chmod 755 filename rw- rw- r-- chmod 664 filename rw- r-- r-- chmod 644 filename # NOTE: Use 777 sparingly! #U = User #G = Group #W = World r = Read w = write x = execute - = no access | permisson | Linux |
| path | Add directories to PATH | To avoid adding "/scripts" or any other path in front of your commands add "/scripts" to your PATH variable. On your Linux machine edit ".bash_profile" in your home directory. (vim .bash_profile) Once inside append "/scripts" or any other path to your PATH variable. | path | Linux |
| sftp | Query and SFTP site for a file | To check if a file already exists on a remote SFTP server run the below; echo "ls *fileyouareafter" | sftp -q username@remotehost.com:/path -q Quiet mode: disables the progress meter as well as warning and diagnostic messages from ssh(1). Of course if we are not sure of the path to the file we will have to first log in to the SFTP site and establish the correct path that way. | permisson | Linux |
| root ssh | CentOS disable root ssh | yum update && yum upgrade 1. useradd 2. passwd 3. gpasswd -a Open the /etc/ssh/sshd_config file in your preferred text editor (nano, vi, etc.). Locate the following line: PermitRootLogin yes Modify the line as follows: PermitRootLogin no Add the following line. Replace username with the name of the user you created in the previous procedure: AllowUsers username Save systemctl reload sshd | permisson | Linux |
| profiile.d | Create a file in /etc/profile.d/ directory (using vim, nano, etc.) | Define the alias in the file: alias la="ls -al" (for example "la" as in "list all") Save chmod 755 Log out and then log back in. | create | Linux |
| dig CAA | Check CAA rules | dig google.com type257 | CAA rules | Linux |