// Files & Directories
BASH — Create & Copy
touch file.txt # create empty file mkdir myfolder # create directory mkdir -p a/b/c # create nested directories cp file.txt backup.txt # copy file cp -r folder/ dest/ # copy directory recursively mv file.txt /tmp/ # move file mv old.txt new.txt # rename file rm file.txt # delete file rm -rf folder/ # force delete directory (be careful!) ln -s /etc/nginx nginx # create symbolic link
BASH — View & Search
cat file.txt # print file contents less file.txt # scroll through file (q to quit) head -n 20 file.txt # first 20 lines tail -n 20 file.txt # last 20 lines tail -f /var/log/syslog # follow file live (great for logs) find / -name "*.conf" # find files by name find /etc -type f -size +1M # find files over 1MB locate nginx.conf # fast file search (uses index) which python3 # find binary location file mystery.bin # detect file type stat file.txt # detailed file metadata du -sh folder/ # folder size, human readable df -h # disk usage per filesystem
Tip: tail -f is your best friend for monitoring logs in real time — pair it with grep to filter specific lines.
// Permissions
// PERMISSION BITS
r = read (4) w = write (2) x = execute (1)
Three groups: owner | group | others
Example: rwxr-xr-- = 754
// COMMON CHMOD VALUES
755 — owner full, others read+exec644 — owner read+write, others read600 — owner only (private keys)777 — everyone full (avoid!)
// SUID / SGID / STICKY
SUID (4) — run as file owner
SGID (2) — run as group owner
Sticky (1) — only owner can delete (used on /tmp)
BASH
ls -l file.txt # view permissions chmod 755 script.sh # set permissions (numeric) chmod +x script.sh # add execute for all chmod u+x,g-w script.sh # symbolic: user +exec, group -write chmod -R 644 folder/ # recursive permission change chown user:group file # change owner and group chown -R www-data /var/www # recursive ownership change umask # view default permission mask umask 022 # set default mask
// Processes
BASH
# View processes ps aux # all running processes ps aux | grep nginx # find specific process top # live process monitor htop # better live monitor (install if missing) pgrep nginx # get PID by name pidof nginx # same as pgrep # Control processes kill 1234 # send SIGTERM (graceful stop) kill -9 1234 # send SIGKILL (force stop) killall nginx # kill all processes by name pkill nginx # kill by name pattern # Background jobs command & # run in background jobs # list background jobs fg %1 # bring job 1 to foreground bg %1 # send job 1 to background nohup script.sh & # run immune to hangups screen -S mysession # start named screen session tmux # terminal multiplexer
// Text Processing
BASH
# grep — search text grep "error" syslog # search for pattern grep -i "error" syslog # case insensitive grep -r "error" /var/log/ # recursive search grep -n "error" syslog # show line numbers grep -v "debug" syslog # exclude matching lines grep -E "error|warn" log # extended regex (OR) # awk — column-based processing awk '{print $1}' file # print first column awk -F: '{print $1}' /etc/passwd # use : as delimiter awk '$3 > 1000' /etc/passwd # filter rows by column value # sed — stream editor sed 's/old/new/g' file # replace all occurrences sed -i 's/old/new/g' file # replace in-place sed '/pattern/d' file # delete matching lines sed -n '10,20p' file # print lines 10 to 20 # Other useful tools sort file.txt # sort lines alphabetically sort -n file.txt # sort numerically uniq file.txt # remove duplicate lines wc -l file.txt # count lines cut -d: -f1 /etc/passwd # cut first field using : delimiter tr 'a-z' 'A-Z' # translate characters (lowercase to upper) echo "hello" | tee out.txt # write to file AND stdout
// Networking
BASH
# Interfaces & IP ip a # show all interfaces and IPs ip r # show routing table ip link set eth0 up # bring interface up ifconfig # legacy interface info # Connectivity ping -c 4 8.8.8.8 # ping 4 times traceroute google.com # trace network path mtr google.com # live traceroute (better) curl https://example.com # fetch URL curl -I https://example.com # fetch headers only wget https://example.com/file.zip # download file # Ports & Sockets ss -tulnp # show listening ports + process netstat -tulnp # legacy version of ss lsof -i :80 # what's using port 80 # DNS nslookup google.com # basic DNS lookup dig google.com # detailed DNS query dig google.com MX # query MX records host google.com # simple DNS lookup # SSH ssh user@192.168.1.1 # connect to remote host ssh -p 2222 user@host # custom port scp file.txt user@host:/tmp/ # copy file to remote rsync -avz folder/ user@host:/dest/ # sync folder to remote
// System Info
BASH
uname -a # kernel version + architecture hostnamectl # hostname, OS, kernel info uptime # how long system has been running whoami # current user id # user ID, group ID, groups w # who is logged in + what they're doing last # login history free -h # RAM usage, human readable vmstat # memory, swap, CPU stats lscpu # CPU architecture info lsblk # list block devices / disks lsusb # list USB devices lspci # list PCI devices dmesg | tail # kernel ring buffer (hardware events) journalctl -xe # systemd logs systemctl status nginx # service status systemctl start nginx # start service systemctl enable nginx # enable on boot systemctl restart nginx # restart service
// Package Management
| DISTRO | PACKAGE MANAGER | INSTALL COMMAND |
|---|---|---|
| Ubuntu / Debian | apt | apt install <pkg> |
| CentOS / RHEL | yum / dnf | dnf install <pkg> |
| Arch Linux | pacman | pacman -S <pkg> |
| Alpine | apk | apk add <pkg> |
| Any | snap | snap install <pkg> |
BASH — APT (Ubuntu/Debian)
apt update # refresh package list apt upgrade # upgrade all packages apt install nginx # install package apt remove nginx # remove package apt purge nginx # remove + delete config files apt autoremove # remove unused dependencies apt search nginx # search for package apt show nginx # show package details dpkg -l # list all installed packages
// Terminal Shortcuts
| SHORTCUT | ACTION |
|---|---|
Ctrl + C | Kill current process |
Ctrl + Z | Suspend current process |
Ctrl + D | Exit shell / EOF |
Ctrl + L | Clear terminal |
Ctrl + A | Move cursor to start of line |
Ctrl + E | Move cursor to end of line |
Ctrl + R | Search command history |
!! | Repeat last command |
!nginx | Repeat last command starting with "nginx" |
Tab | Autocomplete command or path |
↑ / ↓ | Navigate command history |
Ctrl + W | Delete last word |
Pro tip: Use history | grep ssh to quickly find past commands. Combine with Ctrl+R for fast reverse search through your history.