Linux Shell Commands
The Shell is a command language interpreter that executes commands read from a standard input device, such as a keyboard, or from a file. Each command has a number of options, which tailor the output of the command in question. An option follows the command, and is made up of a '-', followed by one or more letters of the alphabet. These shell commands can be run within an application called 'Terminal'.
Either search for a specific command or view by category:
| dd | A backup to a disk image can be created as follows. The 'if' is used to specify the input file, whilst the 'of' is used for the output file. dd if=/dev/sda of=/tmp/sda/image.img This image can be restored by reversing the process. dd if=/tmp/sda/image.img of=/dev/sda |
| hostname | Displays the name of the machine. hostname |
| id | Displays the current user ID, together with the groups the account is in. id |
| whoami | Displays the username of the current user. whoami |
| su | The 'su' command, on its own, switches the user to the root user for the remainder of the terminal session. The password for the root user will need to be entered. su The command can also be used to switch to a named user. Again, the password for the user will need to be entered. su adminuser |
| sudo | The 'sudo' command elevates privileges just for the command being run. This will only be successful if the current logged in user is an administrator. This can, for example, be used with the 'shutdown' command. sudo shutdown -h now |
| df | Displays the disk space available on all filesystems that the user has access to. In the below example, the '-h' ensures that it is in a human readable format, such as KB, MB or GB. df -h The '-T' option can be used to include the file system type in the output. df -T |
| man | The 'man' command, short for manual, can be used in conjunction with a specified command, such as 'ls', to get help on this command. To exit the manual pages for a particular command, use the letter 'q'. man ls |
| chmod | All files have permissions associated with them, for the owner, or creator, of the file, the group that the owner is in, along with everyone else. For each of these, permissions for reading, writing and executing the file in question can be assigned. -rw-rw---- 1 fredbloggs examplegroup 0 26 Mar 17:43 file1.txt The first dash signifies that these permissions are for a file. If it were a 'd', this would signify a directory. Following this, the 'rw-' relate to the read, write and execute permissions for the owner of the file, who, in this case, has read and write permissions. The next 'rw-' relate to the group, which again has read and write permissions. The final three dashes relate to everyone else. These permissions can be assigned to the file as follows. chmod 660 file1.txt Each digit relates to the decimal equivalent of the binary total for the owner, group and everyone else, with read permissions being equivalent to four, write is two and execute is one. As the owner and group have read and write permissions, it is four for read, plus the two for write. |
| chown | The 'chown' command can be utilised to change the owner and group of a particular file or directory. sudo chown fredbloggs:examplegroup file1.txt |
| passwd | In order to change the password of the current user, or a named user, the 'passwd' command needs to be used. Specifying 'passwd' on its own will allow for the changing of the current user password. Using 'passwd' in conjunction with 'sudo' and a username of a specified user, will allow the password to be changed for that user. passwd sudo passwd root |
| kill | Using the 'kill' command, along with a process ID, will terminate that particular process. kill 1234 |
| killall | If it is necessary to terminate all processes associated with a particular application, such as Firefox, then the 'killall' command can be used to achieve this. Note that elevated privileges are required to run this. It can also be used to abort a shutdown that has been scheduled for some point in the future. sudo killall firefox sudo killall shutdown |
| ps | The 'ps' command can be used to list processes running on the system. Using it on its own will list the processes specific to the current user. Stipulating the 'e' option will include all processes, not just those for the current user. ps ps -e |
| clear | Clear the command prompt window of any previously run commands, along with their results. clear |
| ifconfig | Interface Configuration (ifconfig) can be used to view or change network interfaces and IP configuration. Run on its own, with no additional options, will list the active network interfaces, both wired and wireless, on the system. ifconfig Including the 'a' option adds in those interfaces which are currently down. ifconfig -a In order to view the configuration of a specific interface, its name can be specified as an option. ifconfig eth0 If an interface is currently inactive, 'ifconfig' can be used to make it active. Note that elevated privileges are needed for this. sudo ifconfig eth0 up Similarly, if an interface is active, 'ifconfig' can be used to make it inactive. sudo ifconfig eth0 down If DHCP isn't being used, 'ifconfig' can be utilised to assign an IP address, subnet mask and broadcast address. sudo ifconfig eth0 192.168.2.5 netmask 255.255.255.0 broadcast 192.168.2.7 It should be noted that the 'ifconfig' command is replaced by the 'ip' command in modern Linux distributions. |
| ip | The 'ip' command is the replacement for 'ifconfig' in modern Linux distributions, and is used to both view and change network interfaces and IP configuration. Run on its own, with no additional options, will list all the options available with the command. ip For a general view of the network devices configuration currently running, either one of the below options can be used to produce the same result. ip address ip addr show It is possible to limit the information returned to just IPv4 or IPv6 if that is what is desired. ip -4 a ip -6 a The output can also be limited to a particular device, for example, 'eth0' ip addr show dev eth0 If an interface is currently inactive, 'ip' can be used to make it active. Note that elevated privileges are needed for this. sudo ip link set up eth0 Similarly, if an interface is active, 'ip' can be used to make it inactive. sudo ip link set down eth0 As well as making an interface active or inactive, 'ip' can be used to release and assign an IP address. sudo ip addr del 192.168.0.10 dev eth0 sudo ip addr add 192.168.0.11 dev eth0 |
| iwconfig | The 'iwconfig' command is similar to 'ifconfig', but only handles the wireless interfaces. It is used to set the parameters of the network interface, which are specific to the wireless operation. Run on its own, with no options will display information relating to the wireless interfaces, such as IEEE 802.11 standards compatibility, the Extended Service Set Identifier (ESSID), the mode and frequency, along with some other information. iwconfig The parameters listed using 'iwconfig' on its own, can also be set with the same command. sudo iwconfig wlan0 essid "Home network" sudo iwconfig wlan0 mode Managed sudo iwconfig wlan0 freq 2.422G sudo iwconfig wlan0 channel 3 |
| apt | The Advanced Packaging Tool, or APT for short, is the default package manager in Debian based Linux distributions. It can be used to install and update software, as well as updating the operating system itself. A repository is kept of all the available versions of numerous pieces of software, locally on the computer in question. This repository needs to periodically be updated with the latest information. sudo apt update Note that 'apt' commands require elevated privileges. Once this repository is updated, it can then be used to upgrade the various packages on the system. sudo apt upgrade If it is required to list all the packages that need to be upgraded before doing so, this can be achieved with the 'list' command, together with its 'upgradable' argument. sudo apt list --upgradable From the resulting list, if desired, a single package can be upgraded as shown below by replacing 'package_name' with one from the list. sudo apt install --only-upgrade package_name APT can also be used to install new pieces of software, for example, to install the 'netstat' and 'ifconfig' utilities, the 'net-tools' package needs to be installed. sudo apt install net-tools Similarly, for the 'iwconfig' and 'traceroute' utilities to be used, the 'wireless-tools' and 'traceroute' packages needs to be installed. sudo apt install wireless-tools sudo apt install traceroute Packages can also be removed using 'apt'. sudo apt remove traceroute |
| dnf | The 'dnf' package management tool is the default for more recent versions of Linux distributions such as Fedora and Red Hat, along with other Red Hat based distros. It replaced the package management tool 'yum'. With elevated privileges, 'dnf' can be used to upgrade the various packages that are installed on the system. sudo dnf upgrade If a new package needs to be installed, such as the Chromium web browser, this can be achieved with the 'install' command. sudo dnf install chromium Similarly, an individual package can be removed, with the 'remove' command. sudo dnf remove chromium |
| yum | The 'yum' package management tool has been replaced by 'dnf', but may still be found on older versions of Fedora and Red Had Linux, as well as other Red Hat based distros. With elevated privileges, 'yum' can be used to upgrade the various packages that are installed on the system. sudo yum upgrade If a new package needs to be installed, such as the Chromium web browser, this can be achieved with the 'install' command. sudo yum install chromium Similarly, an individual package can be removed, with the 'remove' command. sudo yum remove chromium |
| nslookup | This can be used to lookup information from DNS servers, such as canonical names and IP addresses. nslookup www.stuartsplace.com If you get a non-authoritative answer it means that it is from local cache, rather than the DNS server that would normally provide DNS information for the website in question. A lookup can also be done in the other direction, by using an IP address. nslookup 8.8.8.8 Note that, if the 'nslookup' utility isn't included with the Linux distribution in use, it will need to be installed. An example of how to do this using 'APT' is as follows. sudo apt install dnsutils |
| netstat | Used to determine what type of network connections are occurring inbound as well as outbound from the machine in question. It shows the protocol, local address, including the ephemeral port number, foreign address, including ephemeral port number, and the state. netstat Specifying the 'a' option displays more detail, showing all connections and listening ports. netstat -a This can be subdivided into the TCP and UDP protocols by adding 't' and 'u' respectively. netstat -at netstat -au To return just the listening ports, the 'l' option can be used. netstat -l Again, this can be broken down by protocol by adding 't' or 'u', for either TCP or UDP. netstat -lt netstat -lu The 'p' option allows for the displaying of the Process ID (PID) and program associated with the connection. These results can be displayed all together or broken down by protocol, with 't' and 'u' for TCP and UDP. netstat -p netstat -pt netstat -pu Statistics by protocol can also be returned using the 's' option, which again can be limited to just TCP or UDP by adding 't' or 'u'. netstat -s netstat -st netstat -su To display the routing table, the 'r' option can be specified. netstat -r |
| traceroute | This is a diagnostic tool that can be used to determines the route, from the current machine, to a destination, by sending Internet Control Message Protocol (ICMP) echo packets to the destination. The resulting information shows the time taken in milliseconds to each router, as well as the IP address. It should be noted that some routers are design not to return back any details, so you may not get all the information you require. traceroute www.stuartsplace.com This also works with an IP address. traceroute 8.8.8.8 |
| shutdown | The 'shutdown' command can be used to shutdown or restart the system, either straightaway, using 'now', or a specified number of minutes in the future. A system shutdown is initiated with the 'h' option, with 'r' being required for a restart. sudo shutdown -h now sudo shutdown -h +30 sudo shutdown -r now sudo shutdown -r +30 |
| ping | The 'ping' command is a utility that tests the reachability of a host over an IP network, such as a Local Area Network (LAN), or the Internet. It uses Internet Control Message Protocol (ICMP) echo request messages to contact the host and corresponding replies are received if the host is reachable. By default, echo requests are sent until Ctrl+C is used to stop the requests. Included with each response is the corresponding IP address, the round-trip time in milliseconds and the time to live (TTL), which signifies how many hops it took to reach the destination. ping www.stuartsplace.com To specify the number of echo requests, the 'c' option can be used, followed by a number to limit the requests. ping -c 4 www.stuartsplace.com An IP address can also be used with the 'ping' command, instead of a domain name. ping 8.8.8.8 |
| awk | The 'awk' command allows for the processing of text, including scanning for patterns. It can be used for manipulating data and generating formatted reports. It reads files line by line, applies patterns, and performs specified actions on matching lines. The following examples of its usage are performed on a text file called 'demo.txt', which contains the following. Smith Bob Mr 46 Jones George Mr 29 Bloggs Fred Mr 50 White Alan Mr 28 The contents of a text file can be displayed as follows. awk '{print}' demo.txtDisplay the second and first items only from the text file. By default they are separated by a space. The 'F' option can be used to specify a different separator. awk '{print $2, $1}' demo.txtBob Smith George Jones Fred Bloggs Alan White Display data from the text file as part of a sentence. awk '{print $2, "is", $4, "years old."}' demo.txtBob is 46 years old. George is 29 years old. Fred is 50 years old. Alan is 28 years old. Only display lines from the file containing certain text, in this case 'Bob'. awk '/Bob/ {print}' demo.txt |
| base64 | The 'base64' command can be used to encode and decode binary data, such as text and files, into base64. Encode a file, 'demo.txt', into base64 and save as another file name, 'demo-encoded.txt'. base64 demo.txt > demo-encoded.txt Decode a file, 'demo-encoded.txt', from base64 and save as another file name, 'demo-decoded.txt'. base64 -d demo-encoded.txt > demo-decoded.txt Encode a piece of text in base64 without writing out to a file. echo 'Hello World!' | base64 Decode a piece of text from base64 without writing out to a file. echo 'SGVsbG8gV29ybGQhCg==' | base64 -d |
| cat | The 'cat' command can be used to display the contents of a file or files in a terminal window. Where more than one file name is specified, the file contents is displayed one after the other. cat file1.txt cat file1.txt file2.txt When combined with the 'sort' command, the file contents can be displayed in sort order. This can be further combined with the 'uniq' command to return the file contents in sort order, with any duplicates removed. cat file1.txt | sort cat file1.txt | sort | uniq It can also be used to combine two or more files into a third. cat file1.txt file2.txt > both.txt If statistics are required about the contents of a file, this can be achieved with 'cat', combined with the 'wc' command. The number of words, characters, and lines will be returned. Again, this can be further extended to count unique words in a file. cat unsorted | wc cat unsorted | sort | uniq | wc -w |
| cp | Copy one or more files to a different location. Here, a file is copied to the same location, but with a different name. cp file1.txt file2.txt In order to force a prompt to appear before a file is overwritten, the 'i' option can be used. cp -i file1.txt file2.txt To avoid overwriting an existing file, the 'n' option needs to be utilised. cp -n file1.txt file2.txt To preserve file attributes such as modification time, access time, file flags, file mode, the owner, and group, the 'p' option is required. cp -p file1.txt file2.txt Feedback can also be provided for each individual file being copied using the 'v' option. cp -v file1.txt file2.txt If more than one file of the same type, for example, text files, needs to be copied, the '*' wildcard can be used. In this instance, the files are copied to a folder called 'backup' that resides in the current location. cp *.txt backup To copy all the contents of a directory, including subdirectories and their contents, the 'r' option can be used. Here, items are copied into a folder called 'backup', that resides one level up. The '..' is shorthand for referring to one level up from the current location. cp -r * ../backup |
| echo | As well as displaying text in the terminal, the 'echo' command can be used to append a line of text to the end of a file. echo "This is file 1" >> file1.txt |
| head | View the first few lines of a file. By default this is the first 10 lines, however, this can be altered by using the 'n' option. head file1.txt head -n 20 file1.txt |
| mkdir | If it is necessary to create a directory from the command line, the 'mkdir' command can be used to achieve this. mkdir backup |
| mv | The 'mv' command can be used to move one or more files to a different location, or rename a file in the current location. mv file1.txt file2.txt To move a file into a different location, the folder, or path needs to be specified, for example, a folder called 'backup' in the current location. mv file1.txt backup The '*' wildcard can be used to move multiple files, for example, all text files, to a specified location. mv *.txt backup |
| rm | The 'rm' command can be used to delete both files and directories. A single file can be deleted on its own, or multiple files can be deleted with the use of the '*' wildcard. rm file1.txt rm *.txt In order to delete a directory, along with its contents, the 'r' option needs to be used, in conjunction with 'rm'. rm -r backup |
| sed | The 'sed' command, short for stream editor, can be used to perform basic text transformations on an input stream, such as a file. Replace the first occurrence of the word 'Windows' with 'Linux' in each line of a text file. sed 's/Windows/Linux/' demo.txt Replace the second occurrence of the word 'Windows' with 'Linux' in each line of a text file. sed 's/Windows/Linux/2' demo.txt Replace all occurrences of the word 'Windows' with 'Linux' in each line of a text file. sed 's/Windows/Linux/g' demo.txt Replace all occurrences of the word 'Windows' with 'Linux' in line three only of a text file. sed '3 s/Windows/Linux/g' demo.txt |
| tail | View the last few lines of a file. By default this is the last 10 lines, however, this can be altered by using the 'n' option. Specifying the 'f' option will update the terminal as the file changes. tail file1.txt tail -n 20 file1.txt tail -f file1.txt |
| touch | This command can be used to create a new, empty file. touch file2.txt |
| vi | Open a file for editing in the Vi editor. Note that this command also creates the file if it doesn't already exist. vi file1.txt |
| wc | Display newline, word and byte counts for a file. wc demo.txt |
| xxd | Primarily, this can be used to create and analyse hexadecimal dumps from files, as well as reversing the process. To create a hex dump of a file and display it in the terminal. xxd hello.txt To store the hex dump in a file. xxd hello.txt > hexdump.txt To convert the hex dump back to the original file. xxd -r hexdump.txt > reversed.txt |