Open in app

Sign in

Write

Sign in

Fundamental Linux Commands in DevOps that Every Developer Must Know

Prerequisites

Surya Raj Ghimire
17 min readMay 27, 2023

Linux Commands You Must Know

  1. Increase font size on terminal
CTRL+SHIFT+++++

2. Decrease font size

CTRL-----

3. whoami: to see the currently logged-in user

[root@developer ~]# whoami
root

4. hostname: displays the name of the current host system

[root@developer ~]# hostname
developer.srg.com

5. Writing comments: line starting with a hash (#)

[root@developer ~]# #This is a commnet

6. To change hostname: hostnamectl set-hostname <new host name>

[root@developer ~]# hostnamectl set-hostname srghimire.com.np

7. To refresh the terminal: exec bash

[root@developer ~]# exec bash

8. To view ip address of the system: ifconfig or hostname -I

[root@srghimire ~]# ifconfig
[root@srghimire ~]# hostname -I

9. To manage the network configuration: install the network-scripts package

[root@srghimire ~]# yum -y install network-scripts

10. To update system up to date

[root@srghimire ~]# yum -y update

11. To change directory: cd <directory path>

[root@srghimire ~]# cd /etc/sysconfig/network-scripts/
[root@srghimire network-scripts]#

12. To list contents of current dir: ls [options] [file]

options:
-a: all (including hidden)
-l: show long/detail listing
-h: display size on human readable format
-d: directory
-r: reverse order while sorting
-t: sort by modification time, newest first

blue color: directory
white color: normal file
red color: archived or compressed file
light sky: soft or symbolic link

[root@srghimire network-scripts]# ls

13. To create a new file or edit an existing file: vi <filename>

VI editing commands
vi <filename> — open or edit a file
i — switch to insert mode
esc — switch to command mode
:w — save and continue editing
:wq — save and quit/exit vi
:q! — quit vi and do not save changes
yy — yank (copy) a line of text
p — paste a line of yanked text below the current line
dd — delete an entire line

[root@srghimire network-scripts]# vi ifcfg-ens33

14. To display gateway: route -n

[root@srghimire ~]# route -n

15. To assign fixed ip address: open ifcfg-ens33 file on vi editor and modify the content and save

BOOTPROTO=static
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.13.128
NETMASK=255.255.255.0
GATEWAY=192.168.13.2
DNS1=192.168.13.2

16. To restart the network service

[root@srghimire network-scripts]# systemctl restart network

17. To poweroff the machine

[root@srghimire network-scripts]# poweroff

18. To clear the terminal

[root@srghimire ~]# clear

19. To check internet connectivity: ping command

[root@srghimire ~]# ping google.com
[root@srghimire ~]# ping -c 4 google.com

20. Ctrl + C: to terminate the process

21. To create new user accounts: useradd <username>

[root@srghimire ~]# useradd david

22. To set or change password of other user account: passwd <username>

[root@srghimire ~]# passwd david
Changing password for user david.
New password: XXXXXXXX
Retype new password: XXXXXXXX
passwd: all authentication tokens updated successfully.

23. To close the terminal or logout from current user: exit command

[root@srghimire ~]# exit

24. To change password of own account: passwd

[david@srghimire ~]$ passwd
Changing password for user david.
Current password: XXXXXXXX
New password: XXXXXXXX
Retype new password: XXXXXXXX
passwd: all authentication tokens updated successfully.

25. To switch another user account: su — <username>

[david@srghimire ~]$ su - surya
Password: XXXXXXXX
[surya@srghimire ~]$

26. To view content of a file: cat <filename>

[surya@srghimire ~]$ cat file1
This is new file.

27. To create or make new directory: mkdir <directoryname>

[surya@srghimire ~]$ mkdir dir1

28. To view path of the present working directory: pwd

[surya@srghimire ~]$ pwd
/home/surya

29. Changing to another directory: cd command

[surya@srghimire ~]$ cd dir1/
[surya@srghimire dir1]$ pwd
/home/surya/dir1

cd .. : go to parent of the current dir

[surya@srghimire dir1]$ cd ..
[surya@srghimire ~]$ pwd
/home/surya

cd / : go to root dir

[surya@srghimire ~]$ cd /
[surya@srghimire /]$ pwd
/

cd : go to home dir

[surya@srghimire /]$ cd
[surya@srghimire ~]$ pwd
/home/surya

30. Press TAB key to autocomplete the names of directories and files

31. To view current date and time: date command

[surya@srghimire ~]$ date
Wed May 24 20:16:44 +0545 2023

32. To change date: date — set=yyyy-mm-dd

[root@srghimire ~]# date --set=2023-05-24
Wed May 24 00:00:00 +0545 2023

33. To restart the system: reboot

[root@srghimire ~]# reboot

34. To rename a file: mv <oldname> <newname>

[surya@srghimire ~]$ mv file1 newfile1

35. To remove a file: rm <filename>

[surya@srghimire ~]$ rm file2

36. To remove a directory: rm -r <dirname>

[surya@srghimire ~]$ rm -r dir2

37. To move a file/dir to another directory: mv <source> <destination dir>

[surya@srghimire ~]$ mv file1 dir1

38. To view directory tree structure: tree <dirname>

[surya@srghimire ~]$ tree dir1
dir1
├── dir2
│   ├── dir4
│   │   ├── file2
│   │   └── file3
│   └── dir5
│       ├── file4
│       └── file5
├── dir3
└── file1

4 directories, 5 files

39. File Paths

i- Absolute Path (uses /)
start at the root directory (/) and work down
write a slash (/) after every directory name (last one is optional)

[surya@srghimire ~]$ cd /home/surya/dir1/dir2/dir4
[surya@srghimire dir4]$ pwd
/home/surya/dir1/dir2/dir4

ii- Relative Path (uses . & ..)
.(a single dot) represents the current directory
..(two dots) represents the parent directory

[surya@srghimire dir4]$ cd ../../dir3
[surya@srghimire dir3]$ pwd
/home/surya/dir1/dir3

40. To copy a file: cp -i <source> <destination dir>
-i mean interactive: is override or not confirmation?

[surya@srghimire dir4]$ cp -i file2 /home/surya/dir1/dir3
[surya@srghimire dir4]$ ls /home/surya/dir1/dir3
file2

41. To copy a dir: cp -ir <source dir> <destination dir>

[surya@srghimire dir1]$ cp -ir dir3 dir2/dir5

42. grep command: used to find or search a regular expression or a string in a text file and displays all those line that have the matching pattern
grep [option] <pattern> <filename1> <filename2>

options:
^: displays begins with lines
$: displays ends with lines
-v: displays non matching pattern
-c: displays total count of lines

[surya@srghimire ~]$ grep "Linux" welcome.txt
Welcome to Linux !
Linux is a free and opensource Operating system that is mostly used by
and database servers. Linux has also made a name for itself in PCs.
Beginners looking to experiment with Linux can get started with friendlier linux
grep command
[surya@srghimire ~]$ grep ^and welcome.txt 
and database servers. Linux has also made a name for itself in PCs.
[surya@srghimire ~]$ grep web$ welcome.txt 
developers and in production servers for hosting crucial components such as web
[surya@srghimire ~]$ grep -v "Linux" welcome.txt
developers and in production servers for hosting crucial components such as web
distributions such as Ubuntu, Mint, Fedora and Elementary OS.
[surya@srghimire ~]$ grep -c "Linux" welcome.txt
4

43. To create a hidden file: append a dot(.) at the beginning of file name
vi .<filename>

[surya@srghimire ~]$ vi .file2

44. To create a hidden directory: mkdir .<dirname>

[surya@srghimire ~]$ mkdir .dir2
ls -a command

45. less command: used for viewing content of a long file
less <filename>

[surya@srghimire ~]$ cp /usr/share/dict/words .
[surya@srghimire ~]$ less words

Navigating in the file:
down arrow: one line forward
up arrow: one line backward
G: jump to the end of the file
g: jump to the beginning of the file
q: exit
/text: to search the text
n: to show next occurrence of the searched text in forward direction
N: to show previous match during the search

46. pipeline command: uses two or more commands such that output of one command serves as input to the next
cmd1 | cmd2

[surya@srghimire ~]$ cat /etc/passwd | grep bash
root:x:0:0:root:/root:/bin/bash
surya:x:1000:1000:Surya Raj Ghimire:/home/surya:/bin/bash
david:x:1001:1001::/home/david:/bin/bash
pipeline command
[surya@srghimire ~]$ cat /etc/passwd | less

47. To create empty file: touch <filename>

[surya@srghimire ~]$ touch file3
[surya@srghimire ~]$ touch .file4

48. To create an archive file: tar [options] <archive filename> <files/dirs. to be archived>

options:
-c: create
-v: display details information
-f: create archive with given file name
-t: displays or lists files in archived file
-x: extract the archive
-z: zip, tells tar command that creates tar file using gzip

[surya@srghimire ~]$ tar -cvf impfiles.tar words dir1 /etc/host
tar command

To create ‘gzip’ compressed archive:

[surya@srghimire ~]$ tar -zcvf newimpfiles.tar.gz words dir1 /etc/host

49. To list contents of an archived file: tar -tvf <archived filename>

[surya@srghimire ~]$ tar -tvf impfiles.tar

50. To extract contents of an archived file: tar -xvf <archived filename>

[surya@srghimire ~]$ mkdir extractimpfile
[surya@srghimire ~]$ cd extractimpfile/
[surya@srghimire extractimpfile]$ tar -xvf ../impfiles.tar
[surya@srghimire extractimpfile]$ ls

51. To view file size: ls -lh <filename>

[surya@srghimire ~]$ ls -lh words 
-rw-r--r--. 1 surya surya 4.8M May 25 11:24 words

where:
-rw-r — r — .: permission
1: hard link
surya: owner’s name
surya: group’s name
4.8M: file size
May 25 11:24: last accessed date and time
words: file name

52. To view directory size: ls -lhd <dirname>

[surya@srghimire ~]$ ls -lhd extractimpfile/
drwxrwxr-x. 3 surya surya 31 May 25 12:45 extractimpfile/

53. To compress a file: gzip [options] <filename>

[surya@srghimire ~]$ gzip -v words
words:  70.2% -- replaced with words.gz
[surya@srghimire ~]$ ls -lh words.gz 
-rw-r--r--. 1 surya surya 1.5M May 25 13:08 words.gz
[surya@srghimire ~]$ bzip2 -v words 
  words:    2.894:1,  2.765 bits/byte, 65.44% saved, 4953680 in, 1711811 out.
[surya@srghimire ~]$ ls -lh words.bz2 
-rw-r--r--. 1 surya surya 1.7M May 25 13:08 words.bz2

54. To de-compress a compressed file: gunzip <compressed filename>

[surya@srghimire ~]$ gunzip words.gz
[surya@srghimire ~]$ bunzip2 words.bz2

55. To view contents of an archived compressed file: tar -ztvf <archived compressed filename>

[surya@srghimire ~]$ tar -ztvf newimpfiles.tar.gz

56. To extract contents of an archived compressed file: tar -zxvf <archived compressed filename>

[surya@srghimire ~]$ mkdir newextractimpfile
[surya@srghimire ~]$ cd newextractimpfile/
[surya@srghimire newextractimpfile]$ tar -zxvf ../newimpfiles.tar.gz

57. Linux file hierarchy structure:
/: root directory
/home: it contains normal user’s home dir
/root: it is home dir of administrator (root)
/usr: it contains binaries, libraries, documentations, etc
/usr/bin: it contains non-administrative commands like ls, mkdir, vi, cat, clear, cd, etc
/usr/sbin: it contains administrative commands like useradd, usermod, etc
/etc: it contains configuration file
/dev: it contains device files
/lib: it contains shared libraries

58. Getting help using ‘man’ page: man <command name>

searching text in man page:
/text: to search the text
n: to search next occurrence on forward direction
N: to search backward direction

[surya@srghimire ~]$ man ls

59. Getting help using ‘ — help’ option: <command name> — help

[surya@srghimire ~]$ ls --help
[surya@srghimire ~]$ ls --help | grep -i sort

60. To add a new user group: groupadd <group name>

[root@srghimire ~]# groupadd sales
[root@srghimire ~]# groupadd marketing
[root@srghimire ~]# groupadd staff

61. To view user groups: cat /etc/group

[root@srghimire ~]# cat /etc/group
sales:x:1002:bikash,roshan
marketing:x:1003:roshan
staff:x:1004:

explanation:
group_name:x:<GID>:<members of the group>

62. Assigning groups to the user:
useradd -g <primary group> -G <secondary groups> <username>

[root@srghimire ~]# useradd -g staff -G sales bikash
[root@srghimire ~]# useradd -g staff -G sales,marketing roshan
[root@srghimire ~]# useradd ramesh

63. To view previously executed command history: using up arrow key or history command

[root@srghimire ~]# history

64. To view users: cat /etc/passwd

[root@srghimire ~]# cat /etc/passwd
surya:x:1000:1000:Surya Raj Ghimire:/home/surya:/bin/bash
david:x:1001:1001::/home/david:/bin/bash
bikash:x:1002:1004::/home/bikash:/bin/bash
roshan:x:1003:1004::/home/roshan:/bin/bash
ramesh:x:1004:1005::/home/ramesh:/bin/bash

explanation:
user_name:x:<UID>:<GID>:<full name>:<users’ home dir>:<shell>

65. To display all the groups that a particular user belongs to: groups <username>

[root@srghimire ~]# groups roshan
roshan : staff sales marketing

66. To delete a user account: userdel -r <username>

[root@srghimire ~]# userdel -r ramesh
[root@srghimire ~]# grep ramesh /etc/passwd
[root@srghimire ~]#

67. Modifying user’s account: usermod command

[root@srghimire ~]# groups david
david : david
[root@srghimire ~]# usermod -G sales david
[root@srghimire ~]# groups david
david : david sales

68. To change ownership of a file/dir:
chown <new owner>:<new group> <file/dir>

[root@srghimire ~]# mkdir -p /srg/project
[root@srghimire ~]# mkdir -p /srg/{sales,marketing,manufact}
[root@srghimire ~]# ls -ld /srg/project
drwxr-xr-x. 2 root root 6 May 25 17:25 /srg/project
[root@srghimire ~]# chown surya:sales /srg/project
[root@srghimire ~]# ls -ld /srg/project
drwxr-xr-x. 2 surya sales 6 May 25 17:25 /srg/project
[root@srghimire ~]# chown -R surya:sales /srg
[root@srghimire ~]# cd /srg
[root@srghimire srg]# ls -l
total 0
drwxr-xr-x. 2 surya sales 6 May 25 17:26 manufact
drwxr-xr-x. 2 surya sales 6 May 25 17:26 marketing
drwxr-xr-x. 2 surya sales 6 May 25 17:25 project
drwxr-xr-x. 2 surya sales 6 May 25 17:26 sales

69. Permission

Types of users in terms of ownership
i. Owner (u)
ii. Group Member (g)
iii. Others (o)

Types of permissions (General permission)
i. Read (r — 4)
ii. Write (w — 2)
iii. Execute (x — 1)

Full permission (rwx — 7)
No permission (- — 0)

Operators used while changing permission
+ : Adds the given permission on existing one (does not override existing permission)
- : Removes the given permission from existing one
= : It absolutely assigns the given permission (overriding existing permission)

Ex: r-x
+w : rwx
=w : -w-
-r : —x

Effects/meaning of permissions on file/dir
[surya@srghimire ~]$ ls -ld file3
-rw-rw-r--. 1 surya surya 0 May 25 12:11 file3
[surya@srghimire ~]$ ls -ld dir1/
drwxrwxr-x. 4 surya surya 43 May 24 00:39 dir1/

explanation:

drwxrwxr-x
-      ---     ---     ---
type   owner   group   others
d      rwx     rwx     r-x
       7       7       5

type:
-: normal file
d: dir
l: soft link (similar to windows’ shortcut)

4: hard link
surya: user name
surya: group name
43: size
May 24 00:39: last accessed/modified date time
dir1: directory name

70. To change permission of a file/dir: chmod command

symbolic method:
owner: full permission (rwx)
group: read only (r — )
others: no permission ( — -)

[surya@srghimire ~]$ ls -l file3 
-rw-rw-r--. 1 surya surya 0 May 25 12:11 file3
[surya@srghimire ~]$ chmod u=rwx,g=r,o= file3
[surya@srghimire ~]$ ls -l file3 
-rwxr-----. 1 surya surya 0 May 25 12:11 file3

numeric method:
owner: full permission (7)
group: read only (4)
others: no permission (0)

[surya@srghimire ~]$ ls -l newfile1 
-rw-rw-r--. 1 surya surya 18 May 24 19:35 newfile1
[surya@srghimire ~]$ chmod 740 newfile1 
[surya@srghimire ~]$ ls -l newfile1 
-rwxr-----. 1 surya surya 18 May 24 19:35 newfile1
[root@srghimire ~]# chmod -R 750 /srg/project/
[root@srghimire ~]# ls -ld /srg/project/
drwxr-x---. 2 surya sales 6 May 25 17:25 /srg/project/
[root@srghimire ~]# chmod o+x /srg/project/
[root@srghimire ~]# ls -ld /srg/project/
drwxr-x--x. 2 surya sales 6 May 25 17:25 /srg/project/

71. Getting information about memory and swap: free command

[root@srghimire ~]# free -h

72. Getting information about processors: lscpu command

[root@srghimire ~]# lscpu

73. Getting information about disk partitions: df command

[root@srghimire ~]# df -h
[root@srghimire ~]# lsblk

74. To view the first few (default 10) lines of a file: head [no of line] filename

[surya@srghimire ~]$ head welcome.txt
[surya@srghimire ~]$ head -5 welcome.txt

75. To view the last few (default 10) lines of a file: tail [no of line] filename

[surya@srghimire ~]$ tail welcome.txt
[surya@srghimire ~]$ tail -5 welcome.txt

76. Getting information about processes: ps command

[surya@srghimire ~]$ ps -ef | less

77. To find the high resource consuming processes: top command

[surya@srghimire ~]$ top

78. To create a soft link/symbolic link (shortcut):
ln -s <source> <link name>

[surya@srghimire ~]$ mkdir -p /home/surya/devops/docker/container
[surya@srghimire ~]$ vi /home/surya/devops/docker/container/cl
[surya@srghimire ~]$ ln -s /home/surya/devops/docker/container/cl /home/surya/cont
[surya@srghimire ~]$ ls -l cont
lrwxrwxrwx. 1 surya surya 38 May 25 20:14 cont -> /home/surya/devops/docker/container/cl
[surya@srghimire ~]$ cat cont
This is containter file.

79. Granting administrative privileges to a normal user: visudo command

[root@srghimire ~]# visudo

goto bottom of the file and add following text and then save and exit

surya             ALL=(ALL)              ALL
david             ALL=(ALL)              NOPASSWD:ALL
[root@srghimire ~]# su surya
[surya@srghimire ~]$ sudo useradd lalit
[sudo] password for surya: XXXXXXXX
[surya@srghimire ~]$
[surya@srghimire ~]$ sudo useradd rabin
[surya@srghimire ~]$ sudo passwd rabin
Changing password for user rabin.
New password: XXXXXXXX
Retype new password: XXXXXXXX
passwd: all authentication tokens updated successfully.
[david@srghimire ~]$ sudo userdel -r rabin
[david@srghimire ~]$ grep rabin /etc/passwd

80. To install (managing) a packages: yum -y install <package name>

[root@srghimire ~]# yum -y install httpd
Complete!
[root@srghimire ~]# rpm -q httpd
httpd-2.4.37-54.module_el8.8.0+1256+e1598b50.x86_64

81. To query a packages: rpm -q <package name>

[root@srghimire ~]# rpm -q nginx
package nginx is not installed
[root@srghimire ~]# rpm -q zip
zip-3.0-23.el8.x86_64

82. To check OS version

[root@srghimire ~]# cat /etc/redhat-release 
CentOS Stream release 8

83. echo command: is used to display the text passed in as an argument

[root@srghimire ~]# echo "Hello World"
Hello World

84. To view particular variable value: echo $<variable name>

[root@srghimire ~]# echo $HOME
/root
[root@srghimire ~]# echo $PATH
/home/david/.local/bin:/home/david/bin:/home/surya/.local/bin:/home/surya/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin

85. To display path of the command: which <command name>

[root@srghimire ~]# which clear
/usr/bin/clear
[root@srghimire ~]# which cat
/usr/bin/cat
[root@srghimire ~]# /usr/bin/clear

86. To create a shell script

[surya@srghimire ~]$ mkdir /home/surya/scripts
[surya@srghimire ~]$ cd scripts/
[surya@srghimire scripts]$ vi mytasks.sh
[surya@srghimire scripts]$ ls -l
total 4
-rw-rw-r--. 1 surya surya 116 May 25 21:48 mytasks.sh
[surya@srghimire scripts]$ chmod u+x mytasks.sh 
[surya@srghimire scripts]$ ls -l
total 4
-rwxrw-r--. 1 surya surya 116 May 25 21:48 mytasks.sh
[surya@srghimire scripts]$ /home/surya/scripts/mytasks.sh
[surya@srghimire scripts]$ ./mytasks.sh

87. Setting path temporarily: PATH=$PATH:<new path>

[surya@srghimire ~]$ PATH=$PATH:/home/surya/scripts
[surya@srghimire ~]$ echo $PATH
/home/david/.local/bin:/home/david/bin:/home/surya/.local/bin:/home/surya/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/home/surya/scripts
[surya@srghimire ~]$ mytasks.sh

88. Setting path permanently: vi .bashrc

[surya@srghimire ~]$ ls -a
.bash_profile
.bashrc
[surya@srghimire ~]$ vi .bashrc

goto bottom of the file and add following text and then save and exit

export PATH=$PATH:/home/surya/scripts

to reload the changes

[surya@srghimire ~]$ source .bashrc
[surya@srghimire ~]$ . .bashrc
[surya@srghimire ~]$ echo $PATH
/home/surya/.local/bin:/home/surya/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/home/surya/scripts

89. To schedule a task using ‘cron’

time format of crontab

Min     Hr     DoM    M      DoW   <command/Script>
00-59   0-23   1-31   1-12   0-6 
00      9      *      *      *     free -h >/home/surya/meminfo
00      *      *      *      *     mytasks.sh >>/home/surya/scriptout
*/10    *      *      *      *     --------------
30      17     31     12     *     /scripts/annualjobs.sh
00      00     *      *      5     /scripts/weekly_fullbkp.sh
[surya@srghimire ~]$ crontab -e

add the cron jobs inside the editor and then save and exit

*        *       *       *       *       free -h >/home/surya/memoryinfo
30       8       *       *       *       poweroff

90. Redirection operator: > or >>
> is used to redirect the contents of a command/file to another by overwriting it
>> is used to append the contents specified to the end of the file and not to replace

[surya@srghimire ~]$ echo “hello world” > file.txt
[surya@srghimire ~]$ cat file.txt
“hello world”
[surya@srghimire ~]$ echo “this is the second line” >> file.txt
[surya@srghimire ~]$ echo “this is the third line” >> file.txt
[surya@srghimire ~]$ cat file.txt
“hello world”
“this is the second line”
“this is the third line”

91. To list scheduled jobs: crontab -l

[surya@srghimire ~]$ crontab -l
*   *   *   *   *   free -h >/home/surya/memoryinfo
30  8   *   *   *   poweroff

92. To restart the service

[surya@srghimire ~]$ systemctl restart crond

93. To view logs of different services: /var/log

[root@srghimire ~]# ls /var/log/
[root@srghimire ~]# ls /var/log/httpd/

94. To view remote, ssh, telnet login logs: /var/log/secure

[root@srghimire ~]# cat /var/log/secure
[root@srghimire ~]# tail /var/log/secure
May 26 19:55:39 srghimire su[7066]: pam_unix(su:session): session opened for user root by (uid=1000)
May 26 20:02:56 srghimire sshd[7610]: Accepted password for surya from 192.168.13.1 port 55450 ssh2
May 26 20:02:56 srghimire sshd[7610]: pam_unix(sshd:session): session opened for user surya by (uid=0)

explanation:
May 26 20:02:56: log generated date and time
srghimire: machine name
sshd: log generated service
[7610]: process id
pam_unix(sshd:session): session opened for user surya by (uid=0): log message
192.168.13.1: remote host
surya: login user name

95. To view real time log message

[root@srghimire ~]# tail -f /var/log/secure

96. To view network adaptor name: ip link

[root@srghimire ~]# ip link

97. To view dns: cat /etc/resolv.conf

[root@srghimire ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
search com.np
nameserver 192.168.13.2

98. To view current status of a service: systemctl status <service name>

[root@srghimire ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disa>
   Active: inactive (dead)
[root@srghimire ~]# systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2023-05-26 18:35:37 +0545; 2h 32min ago

99. To start a service (temporarily): systemctl start <service name>

[root@srghimire ~]# systemctl start httpd
[root@srghimire ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disa>
   Active: active (running) since Fri 2023-05-26 20:54:58 +0545; 8s ago

100. To start a service (permanently -automatically during boot time): systemctl enable <service name>

[root@srghimire ~]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@srghimire ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disab>
   Active: active (running) since Fri 2023-05-26 20:54:58 +0545; 5min ago

101. To view the list of opened ports

[root@srghimire ~]# netstat -tnl

102. To stop a service: systemctl stop <service name>

[root@srghimire ~]# systemctl stop httpd
[root@srghimire ~]# netstat -tnl | grep 80
[root@srghimire ~]# systemctl start httpd
[root@srghimire ~]# netstat -tnl | grep 80
tcp6       0      0 :::80                   :::*                    LISTEN
[root@srghimire ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2023-05-26 21:12:42 +0545; 1min 31s ago

103. To stop a service on next reboot: systemctl disable <service name>

[root@srghimire ~]# systemctl disable httpd
Removed /etc/systemd/system/multi-user.target.wants/httpd.service.
[root@srghimire ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: inactive (dead)

104. To view services’ default port: /etc/services

[root@srghimire ~]# less /etc/services

105. Listing rules in the firewall

[root@srghimire ~]# firewall-cmd --list-all

106. To check firewall package and service status

[root@srghimire ~]# rpm -q firewalld
firewalld-0.9.3-13.el8.noarch
[root@srghimire ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2023-05-26 18:35:37 +0545; 2h 58min ago

107. To refresh changed firewall rule

[root@srghimire ~]# firewall-cmd --reload
success

108. Allowing a service in the firewall:
firewall-cmd — permanent — add-service=<service name>

[root@srghimire ~]# firewall-cmd --permanent --add-service=ssh
Warning: ALREADY_ENABLED: ssh
success
[root@srghimire ~]# firewall-cmd --permanent --add-service=http
success
[root@srghimire ~]# firewall-cmd --reload
success
[root@srghimire ~]# firewall-cmd --list-all
[root@srghimire ~]# firewall-cmd --permanent --add-service={https,smtp,dns}
success
[root@srghimire ~]# firewall-cmd --reload
success
[root@srghimire ~]# firewall-cmd --list-all
public (active)
  services: cockpit dhcpv6-client dns http https smtp ssh

109. Allowing a port in the firewall:
firewall-cmd — permanent — add-port=<port number>/<protocol>

[root@srghimire ~]# firewall-cmd --permanent --add-port=6688/tcp
success
[root@srghimire ~]# firewall-cmd --permanent --add-port={1234/tcp,589/tcp,998/udp}
success
[root@srghimire ~]# firewall-cmd --reload
success
[root@srghimire ~]# firewall-cmd --list-all
public (active)
  ports: 6688/tcp 1234/tcp 589/tcp 998/udp

110. Removing a port from the firewall:
firewall-cmd — permanent — remove-port=<port number>/<protocol>

[root@srghimire ~]# firewall-cmd --permanent --remove-port=6688/tcp
success
[root@srghimire ~]# firewall-cmd --permanent --remove-port={1234/tcp,589/tcp,998/udp}
success
[root@srghimire ~]# firewall-cmd --reload
success
[root@srghimire ~]# firewall-cmd --list-all

111. Removing a service from the firewall:
firewall-cmd — permanent — remove-service=<service name>

[root@srghimire ~]# firewall-cmd --permanent --remove-service=http
success
[root@srghimire ~]# firewall-cmd --permanent --remove-service={https,smtp,dns}
success
[root@srghimire ~]# firewall-cmd --reload
success
[root@srghimire ~]# firewall-cmd --list-all

112. Remote SSH login: ssh username@sshserver_ip

through windows command prompt

C:\Users\user>ssh surya@192.168.13.128
The authenticity of host '192.168.13.128 (192.168.13.128)' can't be established.
ECDSA key fingerprint is SHA256:0w3KwTevfkGFbPaqosRB6F8OVEN8nte193c/ICIFyqg.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.13.128' (ECDSA) to the list of known hosts.
surya@192.168.13.128's password: XXXXXXXX
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Fri May 26 18:36:04 2023
[surya@srghimire ~]$
SSH login through windows command prompt

through PuTTY

SSH login through PuTTY
SSH login through PuTTY

through Bitvise SSH Client

SSH login through Bitvise SSH Client
Bitvise SFTP window

113. Creating private and public key pair for direct SSH login without providing password

generate key on the local machine (192.168.13.128)

[root@srghimire ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:KQBF895thS1SmVVX5G3KSiRDM+/L3uqD7NlffNn1ihI root@srghimire.com.np
The key's randomart image is:
+---[RSA 3072]----+
|  .o+     =+....=|
|   . o   oo*   o.|
|    . . . = =   +|
|     o . + B . o |
|      o S o o o .|
|       . .Eo o .=|
|         . o+  .*|
|          ++.o o.|
|         .oo*++  |
+----[SHA256]-----+
[root@srghimire ~]#
[root@srghimire ~]# ls ~/.ssh/
id_rsa  id_rsa.pub

explanation:
id_rsa: contains private key
id_rsa.pub: contains public key

copy public key file id_rsa.pub to remote server (192.168.13.130) with special name authorized_keys

[root@srghimire ~]# scp /root/.ssh/id_rsa.pub david@192.168.13.130:/home/david/.ssh/authorized_keys

or

[root@srghimire ~]# ssh-copy-id david@192.168.13.130
[root@srghimire ~]# ssh david@192.168.13.130
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Fri May 26  21:06:44 2023 from 192.168.13.128

--

--

Surya Raj Ghimire

Written by Surya Raj Ghimire

158 Followers

Full-Stack Software Engineer

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams