_______________________________________
Coming soon...
Cron jobs
Hostname
Addition in bash, spacing
su
Any command that requires admin privileges can be run by a user not logged in as root by putting su in front of the command. Best practice is to not log in as root and to use su instead. You'll need to enter the root password.
_______________________________________
sudo
Put in front of any single command to run that command as root without entering the root password.
Users who can sudo are listed in /etc/sudoers
Edit with visudo
http://aplawrence.com/Basics/sudo.html
_______________________________________
List what's in current directory
ls
_______________________________________
Output file to screen in terminal window
Originally cat was used for concatenating files, but many people use it just to output a file to the screen
cat [file]
_______________________________________
sed, awk, tr, cut - text formatting and manipulation
sed and awk are stream processors: pass in a string and get transformed output. Useful for scripting.
tr will take input and replace or delete characters in the new output
cut extracts a portion of a file by selecting columns
_______________________________________
Display particular lines of file (head and tail)
Show beginning lines of file
head file
Show last lines of file
tail file
Show lines 10 - 20 of file
head -20 file | tail -11
or awk and sed
http://unix.stackexchange.com/questions/47407/cat-line-x-to-line-y-on-a-huge-file
_______________________________________
Tee
Output results of a command to standard out and file at the same time
cat [file1] | tee [file2]
http://linux.101hacks.com/unix/tee-command-examples/
_______________________________________
Find a file or application
In current directory:
find -name "file name in quotes"
From root
find / -name "file name in quotes"
Ignore case:
find -iname "file name in quotes"
Using wild card (e.g. find all files that end in .conf)
find -name "*.conf"
Find all files with permission (e.g. 0777)
find -type f -perm 0777
Use locate
locate "*.jpg"
More:
https://www.digitalocean.com/community/tutorials/how-to-use-find-and-locate-to-search-for-files-on-a-linux-vps
_______________________________________
Find Text in a File
To find the string "text" in any text file:
grep "text" *.txt
Use strings to read the human readable portion of a binary file
strings [file]
_______________________________________
Show permissions of files in a directory
ls -l
or
ls -al
or recursively display permissions of subdirectories
ls -lR
_______________________________________
See Permissions for Specific File
ls -l [file name]
_______________________________________
Find all the files owned by a particular user
find / -user [user]
_______________________________________
Find all the files owned by a particular group
find / -group [group]
_______________________________________
File & Directory Permissions
When file permissions are listed they look something like this:
-rwxrw-r-- [user] [group] [file]
Each of the first 10 characters has the following meaning:
d if directory otherwise -
r if owner can read otherwise -
w if owner can write otherwise -
x if owner can execute otherwise -
r if group can read otherwise -
w if group can write otherwise -
x if group can execute otherwise -
r if everyone can read otherwise -
w if everyone can write otherwise -
x if everyone can execute otherwise -
This is followed by owner, group and file name.
_______________________________________
Numerical Permissions
The above 10 character permissions can be translated to numbers. The shortened, numerical form of permissions is used by most Unix admins when setting permissions. A letter = on (1) and a dash = off (0).
Chars = binary = decimal
rwx = 111 = 7
rw- = 110 = 6
r-x = 101 = 5
r-- = 100 = 4
So to give full rights to owner (7), read only to group (4) and no rights to everyone (0) would be 740
More on binary, hexadecimal and decimal if you really want to know
http://websitenotebook.blogspot.com/2014/05/hexadecimal-to-binary-to-decimal-cheat.html
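The translation above as a shell function (an added example, not part of the original notes; the name sym2oct is hypothetical). It goes beyond the table by also handling the setuid, setgid and sticky markers (s, S, t, T) that ls -l shows, which matter when reviewing SUID programs:

```bash
# sym2oct: convert an `ls -l` mode string (e.g. -rwxrw-r--) to octal.
# Returns 1 if the argument does not look like a mode string.
sym2oct() {
    local s special=0 out="" weight triad n
    # Keep characters 2-10: drop the file-type character and any
    # trailing ACL/SELinux marker (+ or .)
    s=$(printf '%s' "$1" | cut -c2-10)
    case $s in
        [r-][w-][xsS-][r-][w-][xsS-][r-][w-][xtT-]) ;;
        *) echo "not a mode string: $1" >&2; return 1 ;;
    esac
    for weight in 4 2 1; do            # setuid=4, setgid=2, sticky=1
        triad=$(printf '%s' "$s" | cut -c1-3)
        s=${s#???}
        n=0
        case $triad in r??) n=$((n + 4)) ;; esac
        case $triad in ?w?) n=$((n + 2)) ;; esac
        # lowercase s/t means the special bit AND execute are both set
        case $triad in ??[xst]) n=$((n + 1)) ;; esac
        # any of s, S, t, T means the special bit for this triad is set
        case $triad in ??[sStT]) special=$((special + weight)) ;; esac
        out="$out$n"
    done
    if [ "$special" -gt 0 ]; then out="$special$out"; fi
    printf '%s\n' "$out"
}

# Constructed sample mode strings
for m in -rwxrw-r-- -rwxr----- -rwsr-xr-x drwxrwxrwt; do
    printf '%s = %s\n' "$m" "$(sym2oct "$m")"
done
```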
_______________________________________
List users on system
awk -F':' '{print $1}' /etc/passwd
Or
cat /etc/passwd
_______________________________________
Determine user home directory
cat /etc/passwd
_______________________________________
Login as another user
su [user name]
_______________________________________
List groups on system
cut -d: -f1 /etc/group
_______________________________________
View contents of file that defines groups
cat /etc/group
_______________________________________
Add a user to a group
usermod -a -G <group> <username>
_______________________________________
See if user has root permissions by checking to see if they have UID 0
grep 'x:0:' /etc/passwd
_______________________________________
See which users are in root group
grep root /etc/group
_______________________________________
See which users can execute as root
cat /etc/sudoers
_______________________________________
List programs installed
compgen -c
_______________________________________
Find a specific program
compgen -c | grep bash
_______________________________________
Check which programs can execute as root using SUID bit
find / -perm -04000
_______________________________________
Edit Linux networking
Edit the file specific to the interface you want to alter
/etc/sysconfig/network-scripts/ifcfg-eth0
_______________________________________
View Firewall Rules
iptables -L -n
_______________________________________
Stop Firewall
service iptables stop
_______________________________________
Create Firewall Rules
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Typically accept state ESTABLISHED, RELATED and NEW. Drop others.
http://explainshell.com/explain?cmd=iptables+-A+INPUT+-m+state+--state+ESTABLISHED%2CRELATED+-j+ACCEPT
http://explainshell.com/explain/8/iptables
http://security.stackexchange.com/questions/4603/tips-for-a-secure-iptables-config-to-defend-from-attacks-client-side
http://ipset.netfilter.org/iptables.man.html
_______________________________________
Distinction between "shell" and "terminal emulator"
The shell handles commands. The terminal or terminal emulator provides a way to send commands to the shell from a graphical user interface.
_______________________________________
Change default terminal
update-alternatives --config x-terminal-emulator
_______________________________________
TERM environment variable
The TERM environment variable is updated by the terminal, not used to define it.
_______________________________________
Change file permissions
chmod [permissions] [file]
Common file permissions
777 no restrictions (no good)
755 owner can write, anyone can read & exec
700 only owner has rights and can read, write, exec
666 all users may read and write
644 owner may write, anyone can read
600 owner may read and write
Directory permissions
777 no restrictions
755 owner has full access, others can list files, not create or delete
700 directory owner has full access
_______________________________________
Create a file
Use a text editor
or
echo "some text to put into a file" > [file]
_______________________________________
Delete a file
rm [file]
_______________________________________
Change file owner
chown [user] [file]
_______________________________________
Change file group ownership
chgrp [group] [file]
_______________________________________
How to tell if a process is running
ps aux | grep [process]
_______________________________________
So to see if SSH is running
ps aux | grep sshd
_______________________________________
To see network information including mac and IP
ifconfig
_______________________________________
To see gateways and routing information
route -n
Or
netstat -r
_______________________________________
Default gateway on Linux
The last entry in the route table defines the default gateway.
route -n
More:
http://www.idevelopment.info/data/Networking/Networking_Tips/ROUTERS_Gateways_Routing_Table.shtml
http://www.cyberciti.biz/faq/linux-setup-default-gateway-with-route-command/
http://linuxconfig.org/configuring-default-gateway-on-redhat-enterprise-linux
Multiple interfaces (see last answer):
http://serverfault.com/questions/597791/linux-adds-the-wrong-default-route
_______________________________________
List Services
ls /etc/init.d
_______________________________________
View Running Services
top
or
ps -Al
_______________________________________
Generate SSH key
ssh-keygen -t rsa -C "your_email@example.com"
Enter file in which to save the key (/c/Users/you/.ssh/id_rsa): [Press enter]
Enter passphrase (empty for no passphrase): [Type a passphrase]
Enter same passphrase again: [Type passphrase again]
# start the ssh-agent in the background
eval "$(ssh-agent -s)"
# add the key
ssh-add ~/.ssh/id_rsa
Git, for example:
https://help.github.com/articles/generating-ssh-keys/
http://www.ece.uci.edu/~chou/ssh-key.html
_______________________________________
SSH on command line
Using a private key file
ssh -i [path to key file] [user]@[host]
On Windows you'll have to install SSH command line tool:
http://www.windows-commandline.com/windows-command-line-ssh/
More:
http://www.cyberciti.biz/faq/force-ssh-client-to-use-given-private-key-identity-file/
http://support.suso.com/supki/SSH_Tutorial_for_Linux
_______________________________________
SSH to Linux Machine with Putty
Download putty from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Verify the integrity of the file with SHA2 (preferably)
Double click on Putty.exe to run.
Enter IP address and choose SSH.
The machine you are connecting to will probably require additional configuration to ensure your session is encrypted.
For example, connecting to AWS instances will require you to provide the key used when you started the instance:
AWS SSH:
Putty uses ppk format for files.
You may need to generate a key, or convert a key using puttygen (download on putty site).
_______________________________________
Make a SHA1 hash of a string
echo -n some_text_here | sha1sum | awk '{print $1}'
_______________________________________
Make a SHA2 hash of a string
echo -n some_text_here | sha256sum
_______________________________________
Create Sha1 hash of a file
sha1sum [file] > [file].sha1
_______________________________________
Verify Sha1 hash of a file
sha1sum -c [file].sha1
_______________________________________
Mount CDRom
If there's a CD Rom on your machine and you need to mount it:
mount cdrom
Or
mount /dev/cdrom
Or
mount /mnt/cdrom
_______________________________________
Mount an ISO
If you have an iso you want to mount onto a directory:
sudo mount -o loop [iso] [directory]
_______________________________________
Eject CD Rom
eject
_______________________________________
Determine if ASCII file is Unix or Windows
Both Windows and Unix ASCII files use a carriage return at the end of a line. If you use the file command on a Unix ASCII file it will tell you the file is an ASCII file. If you use the file command on a Windows ASCII file it will tell you the file is an ASCII file with CRLF line terminators.
file [file name]
_______________________________________
dos2unix and unix2dos
The first utility transforms DOS files to unix and vice versa for the second.
dos2unix [file]
unix2dos [file]
_______________________________________
Convert binary file to hex and other formats
Hexdump
https://www.suse.com/communities/conversations/making-sense-hexdump/
hexdump -x
and
od -x
Both produce the same hex output from a binary file
_______________________________________
view shell command history (.bash_history)
view recent commands
history
find specific text in history with grep
history | grep pwd
Search the .bash_history file. Get the folder where the .bash_history file is stored from the HIST environment variable. Go to that folder.
cat .bash_history | grep "some value to find"
_______________________________________
Log files on Linux
Log files are typically in this directory: /var/log
Logs are generally created by rsyslog:
/etc/rsyslog.d/
/etc/rsyslog.conf
Types of logs:
messages - application messages
system - system messages
access.log - apache access log
Many applications specify their own application specific log locations
Browser history shows what pages have been visited
_______________________________________
Proxy Settings on Linux
Different apps have proxies set in configuration files or different places on Linux.
User specific proxy settings for Firefox on Linux: click edit > preferences > advanced > network > settings
Package managers generally have their own specifics for setting a proxy.
Proxy server applications such as SQUID can also be set up on Linux to cache and proxy requests
Different versions of Linux set proxies in different ways. There may be a gui for this (*gasp*). Otherwise the network configuration is generally stored in a file with some variable for the proxy. [More later if time]
Command line proxy settings:
http://www.shellhacks.com/en/HowTo-Use-a-Proxy-on-the-Linux-Command-Line
_______________________________________
Find a Deleted File
lsof
_______________________________________
Find Process Using a File
lsof [Name of file]
_______________________________________
Find Script That Started a Process
ps
_______________________________________
Bring back deleted file
Get the contents of a deleted file (for example, the source of a script) that a running process still has open:
lsof | grep myfile
cp /proc/[pid]/fd/[file descriptor] myfile.saved
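The same recovery scripted end to end (an added example, not part of the original notes; the function names, DEMO_SAVED and the file content are constructed for illustration). It finds the descriptor by matching the " (deleted)" suffix the kernel puts on the link target instead of reading it off lsof by hand:

```bash
# recover_deleted PID ORIGINAL_PATH DEST
# Copies a deleted-but-still-open file out of /proc/PID/fd.
# Returns 0 if a matching descriptor was found, 1 otherwise.
recover_deleted() {
    local pid="$1" path="$2" dest="$3" fd
    for fd in /proc/"$pid"/fd/*; do
        # An unlinked file shows up as "<original path> (deleted)"
        if [ "$(readlink "$fd" 2>/dev/null)" = "$path (deleted)" ]; then
            cp "$fd" "$dest"
            return 0
        fi
    done
    return 1
}

# demo: create a file, let a background process hold it open,
# delete it, then recover it. Sets DEMO_SAVED to the recovered copy.
demo() {
    local dir holder rc=0
    dir=$(cd "$(mktemp -d)" && pwd -P)   # resolved path, as /proc reports it
    printf 'constructed sample content\n' > "$dir/myfile"
    exec 3< "$dir/myfile"    # open the file on fd 3 in this shell
    sleep 30 &               # child inherits fd 3 at fork time
    holder=$!
    exec 3<&-                # close our copy; only the child holds it now
    rm "$dir/myfile"
    recover_deleted "$holder" "$dir/myfile" "$dir/myfile.saved" || rc=1
    kill "$holder" 2>/dev/null
    wait "$holder" 2>/dev/null || true
    DEMO_SAVED="$dir/myfile.saved"
    return "$rc"
}

demo && cat "$DEMO_SAVED"
```

The copy only works while the process is still running; once it exits and the last descriptor closes, the data is released.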
_______________________________________
Environment Variables
set, printenv, env
Get environment variables for a process:
xargs --null --max-args=1 < /proc/[pid]/environ
About environment variables:
https://www.digitalocean.com/community/tutorials/how-to-read-and-set-environmental-and-shell-variables-on-a-linux-vps
_______________________________________
Show Libraries used by an application
ldd [path to application]
http://en.wikipedia.org/wiki/Ldd_%28Unix%29
_______________________________________
TCP Wrappers
TCP Wrappers wraps network access controls around applications.
Configuration files:
/etc/hosts.allow
/etc/hosts.deny
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-TCP_Wrappers_and_xinetd-TCP_Wrappers_Configuration_Files.html
Find out if a file is compiled with TCP Wrappers
http://www.cyberciti.biz/faq/tcp-wrappers-hosts-allow-deny-tutorial/