Lucas Wiktorowicz | Emerging IT specialist
Security+, Network+, A+, MS-900
Linux Command(er)
June 28, 2025
I’m currently doing some Linux training to sharpen my skills for Digital Forensics. For this, I’m using NDG’s self-paced Linux Essentials course available at Cisco Networking Academy. It is available with hands-on labs and an Ubuntu VM, which you can access right in your browser.
This post will be my command-journal. As I progress through the course expect updates here until I’m done.
Navigating the filesystem
$ pwd # tells you exactly where you are
$ cd .. # up one level
$ cd ../Downloads # up one level, then into Downloads
$ cd ex1/ex2 # down into ex1/ex2
$ cd ~ # straight to your home directory
$ cd / # straight to root
$ cd - # back to the previous directory you were in
Help
$ man <command> # shows manual for command
$ <command> --help # brief summary of usage and flags
$ info <command> # good for learning
$ whatis <command> # brief description of command
$ apropos <keyword> # searches for commands that have keyword in their manual
Useful
$ whoami # displays current user name
$ echo <txt> # prints txt on screen
$ echo <txt> > file.txt # overwrites file with the <txt>
$ echo <txt> >> file.txt # appends the txt to the file
$ grep 'txt' file.txt # searches for txt in a file, every line
$ find . -name <filename> # searches for a file in . current dir
$ history # displays history of used commands
$ cal <month> <year> # calendar
$ date # current date
$ !! # executes last command
$ !<command> # uses last iteration of command
File listing
$ ls # lists files in current dir
$ ls -l # more info with metadata
$ ls -ld # metadata about current directory
$ ls -a # shows hidden files
$ ls -lh # human readable size of files
$ ls -R # recursive listing with subdirectories
$ ls -S # sorts files by size
$ ls -r # reverse sorting
$ ls -t # sorts files by time, --fulltime more precise
File operations
$ cp <source> <destination> # used to copy files, ~ home dir, . current dir
$ cp -v # verbose mode, visible output of copy process
$ cp -p # preserves attributes of the files
$ cp -i # interactive mode Yes/No, prevent overwrite
$ cp -n # no overwrite without asking
$ cp -r (or -R) # copy recursively, including subdirectories
$ mv <source> <destination> # used to move files
$ mv -i -n -v # same as in copy
$ rm <filename> # removes a file
$ rm -i # interactive, confirm before deleting
$ rm -r # allows to remove directories
$ rmdir <dirname> # removes empty directories
$ mkdir <dirname> # create a directory
Expressions
"" # double quotes, prevent from interpreting *, ?, [], etc.
'' # single quotes, prevents all interpreting, even $ variables
\ # backlash, to escape interpreting, \$1
`` # backquote, to specify a command withing a command
& # command will run in background, add this sign at the end
&& # AND, chains commands, performed in sequence, only if they don't fail
| # pipeline, pass output of one command into another
|| # OR, double pipeline, if one fails other runs
; # the semicolon, can run multiple commands one after another,
# just like &&, but this time commands can fail and next will run
* # represents zero or more of any character
? # represents any single character
[ ] # used to match a character from given range of characters
[! ] # negate a range
Compression / Archiving
$ gzip <filename> # compress a file and replace with archive
$ gzip -l <filename> # information about compressed file
$ gunzip <filnename> # decompress a file
$ tar -cf <archive> <file> # creates archive from file or files, directory
# -f flag is used just before archive name
$ tar -z (or -j) # -z or -j specfies compression, .tar.gz or tar.bz2
$ tar -tf <archive> # lists files in archive
$ tar -xf <archive> # decompress archive, -z for tar.gz, -j for tar.bz2
$ tar -rvf <archive> <file> # adds file to choosen archive
$ zip <archive> <file> # compress with zip
$ zip -r # recursive will zip subfolders
$ unzip <archive> # decompress
$ unzip -l # lists files in zip archive
$ unzip <archive> <file> # you can extract only certain file from archive
$ xz, unxz # other compression algo
$ bzip2, bunzip2 # other compression algo
Txt operations
$ cat <filename> # view file, good for small files
$ pager <filename> # displays one page of data at a time
$ less <filename> # similar to pager better navigation
$ more <filename> # limited navigation
$ tail <filename> # displays last 10 lines of a file
$ head <filename> # displays first 10 lines of a file
$ grep 'txt' <filename> # searches for txt in a file, every line
$ wc <filename> # word count, -l lines, -w words, -c bytes
System information
$ arch # system architecture info
$ lscpu # cpu info
$ lspci # PCI devices info
$ lsusb # USB devices info
$ free # used/free memory info, -m in MB, -g in GB, -s refresh in sec
$ ps # current processes, -p PID, -u User, -ef all processes
$ top # dynamic display of current processes
$ uptime # info about load averages
$ jobs # shows running jobs, commands in background
$ kill <PID> # terminates a process
$ killall <commandname> # terminates all processes related to a name
Network
$ ifconfig # display network config information
$ ifdown <interfacename> # takes interface down
$ ifup <interfacename> # takes interface up
$ ip <options> <command> # display interface, protocols, addresses
$ ip route show # table describing routing of packets
$ dig example.com # query DNS, resolves name to IP address
$ ping <destination> # send packets to a destination
$ netstat # info about network, -i traffic, -r routing
$ netstat -tln # info about open ports
$ ss # socket statistics, -s types of sockets
$ host <domainname> # determine IP address by name
$ host <ipaddress> # determine name by IP address
$ ssh <user@hostname> # ssh connection
Users, Groups, Permissions
$ id <username> # info about user, UID, GID
$ id -g # main group info, -G secondary group info
$ who # current logged in users
$ uptime # system info
$ last # show login and reboot records from logs
$ groupadd -g <num> <gname> # add group with given GID and name
$ groupmod -l <new> <old> # change group name from old to new
$ groupmod -g <num> <gname> # change group GID
$ groupdel <gname> # deletes a group, files are orphaned
$ useradd -u <num> <name> # create user with given UID and name
$ useradd -g <gname> <name> # assign user to primary group, -G secondary
$ useradd -mb <path> <name> # creates home directory at path
$ useradd -md <path> <name> # creates full directory, includign username in path
$ useradd -mk <path> <name> # specifies skeleton key directory
$ passwd <name> # creates password for user
$ userdel # deletes user, files orphaned
$ userdel -r # deletes user and files
$ chgrp <gname> <file> # change group of a file, -R recursive with subfolders
$ stat <file> # view permissions, ownership, other info of a file
$ chown <user> <path/file> # change ownership, <user:group> or <:group>
$ chmod <perm> <file> # set permission to a file, ugo(+-=)rwx
$ chmod <numperm> <file> # set num permission, 4 read, 2 write, 1 execute
$ umask <num> # set default permissions for new files, 777-002(umask)=775
Special Permissions
$ chmod u+s <file> # when set on a file, it is run as the owner not user
# chmod 4775, adding 4000 = setuid, 0775 = remove setuid
$ chmod g+s <file> # gives temporary group access when running file
# chmod 2775, adding 2000 = setgid, 0775 = remove setgid
# when set on directory subdirectories inherit setgid
# in both cases s means there is also x, S means no x
$ chmod o+t <file> # Sticky bit, prevent users from deleting files they don't own
# chmod 1775, adding 1000 = stickybit, 0775 = remove bit
# t means there is also x, T means no x
Hard/Soft Links
$ ls -li # lists files with their inode number, number of links
$ ln <target> <linkname> # Hard Link, cannot be used on dir, two filenames same inode
$ ln -s <target> <linkname> # Symbolic (Soft) Link, can link other filesystems
# pointer to a file, when file is removed pointers stop working
© 2025 Lucas Wiktorowicz. All rights reserved.