$ sudo apt install package
$ sudo apt --purge remove package
$ dpkg -s dpkg | grep -i version -- Shows which version is installed of dpkg
$ dpkg -l -- lists all installed packages
$ dpkg -V -- Verify installed packege integrity
$ dpkg -I file.deb -- Show information about package file
$ dpkg -S /etc/init/networking.conf -- Show what package owns the file
$ sudo dpkg -i foobar.deb -- installs package
$ sudo dpkg -r foobar.deb -- removes package
$ sudo dpkg -P foobar.deb -- remove package and delete conf files
$ env
$ export
$ set
$ echo $HOME
$ echo $PATH
$ echo $PS1
$ echo $SHELL --> /bin/bash
$ VARIABLE=value
$ export EDITOR=/usr/bin/nano
$ PATH=$PATH:~/HOME
~/.bash_profile -- login shells configuration
~/.bash_login -- Login initialization
~/.profile -- overrides /etc/profile
.bashrc -- Welcome message and other scripts for login such as alias.
source .bashrc
$ history
Stored in .bash_history
$ dmesg -w
$ sudo tail -f /var/log/messages
$ alias --> list existing aliases
alias l='ls -laF'
$ printf '\033]11;#AA00DD\007' -- Changing background color temporarily in terminal.
/etc/passwd -- Passwords file
/etc/shadow
/etc/group
Contents of /etc/skel will be copied to new users /home directories
$ sudo useradd -m -s /bin/bash -c "TestUser 1" user1
$ sudo usermod -aG sudo user1 -- appends user1 to sudo Group
$ sudo useradd bjmoose -- Creates new user bjmoose
$ sudo useradd -s /bin/csh -m -k /etc/skel -c "Bullwinkle J Moose" bmoose -- Non explicit values
$ sudo usermod -L bjmoose -- locks directory
$ sudo chage -E 2001-09-11 bjmoose -- Changes PW expiry
$ sudo chage -d 0 USERNAME -- change PW at next login
$ sudo userdel -r bjmoose -- removes user and users home directory
$ sudo passwd bjmoose -- change PW
/etc/sudoers and /etc/sudoers.d contains info about who can use sudo.
$ sudo groupadd -r -g 215 staff
$ groupmod -g 101 blah
$ sudo groupdel newgroup
$ chgrp bosses somedir -- change group of somedir to bosses
$ chown -R wally somefile -- Recursivelly change owner of a file
$ sudo apt install openssh-server
$ ssh-keygen -- creates /.ssh directory with private (id_rsa) and public key (id_rsa.pub).
~/.ssh/config is run before /etc/ssh/ssh_config
Example config file:
Host apple HostName 192.168.0.196 User student Port 4242 IdentityFile /home/student/.ssh/custom -- Hence user can use $ ssh apple
$ ssh-copy-id user1@localhost -- copy public key to user1 to be able to login without PW from another user account, will be placed in file /.ssh/authorized_keys
$ scp file.txt username@10.64.136.248:/home/username/file.txt -- Copy file.txt from server B to local A, when logged in to B.
$ ssh -fNT -R 4000:localhost:22 ubuntu@65.34.x.x -i private_key --Reverse ssh to public server from private IP.
$ ssh -p 4000 bot@localhost -- create a SSH tunnel back to the private IP WS.
$ setfacl -m -u:bjorn:rwx file1 -- Give bjorn rwx to file1
$ getfacl file1 -- See file permissions
$ setfacl -x u:bjorn file1 -- removes permissions
$ setfacl -d:u:bjorn rx somedir --Gives permission on directory
$ sudo install tigervnc*
$ vncserver -- start on server machine
$ vncviewer -via server student@some_machine localhost:2
$ git init -- create .git directory
$ git add somefile
$ git clone --depth 1 -b master https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git linux/
$ git branch
$ git merge
$ git pull
$ git push
$ git status
$ git config --global user.name "Bjorn"
$ git config --global user.email "bjorn@mail.com"
$ git config --global init.defaultBranch main
$ git diff -- see difference between files
$ git commit -m "my first commit"
$ git log
$ git checkout -b name
$ git checkout -b name remotes/origin/main
$ git config --list -- see the configuration of git
$ at now + 2 days -- at prompt type in command to run and ctrl+d to exit. atq shows job info
$ sleep 60;emacs -- launch emacs in 1 minute
/etc/anacrontab -- contains periodic jobs
$ nice -n 19 myprog -- runs myrprog with low prio, -20 is highest prio
$ renice +3 13488 -- change nice on PID 13488
$ crontab mycrontab -- mycrontab contains "0 10 * * * /tmp/myjob.sh" -- example to run periodic jobs
$ echo '#!/bin/bash'>/tmp/myjob.sh;echo echo Hello I am running '$0' at '$(date)'>>/tmp/myjob.sh;chmod +x /tmp/myjob.sh
$ crontab -l -- verify job was loaded
$ ps aux
$ ps -o pid,pri,ni,cmd
$ pstree -aAp PID
$ free -m
$ cat /proc/meminfo
$ vmstat -S M -a 2 4 --shows stats about memory in MB
$ vmstat -p /dev/sdb1
$ cat /proc/swaps
$ dd if=/dev/zero of=swpfile bs=1M count=1024 -- will create a new swapfile
$ mkswap swpfile
$ sudo swapon swpfile -- activate swpfile as swap
$ sudo chown root:root swpfile;sudo chmod 600 swpfile
$ cat /proc/swaps -- to verify the new swap is being used.
$ sudo swapoff swpfile;sudo rm swpfile
$ echo FROM alpine:edge>httpie.Dockerfile;echo RUN apk add --no-cache httpie>>httpie.Dockerfile;echo CMD [\"httpie\"]>>httpie.Dockerfile
$ sudo docker build -f httpie.Dockerfile -t httpie:latest .
$ alias https='sudo docker run --rm httpie https --'
$ https httpie.io/hello
docker ps
docker ps -a
docker inspect -f '{{.State.Status}}' nextcloud-aio-database
docker inspect nextcloud-aio-mastercontainer
docker restart nextcloud-aio-mastercontainer
docker network ls
docker images
$ lsblk
$ sudo blkid
$ sudo blkid /dev/nvme0n1p5
$ sudo partprobe -s -- read revised partition table
$ cat /proc/partitions -- to see what partitions OS is aware of
$ sudo fdisk -l /dev/nvme0n1 -- displays disk partition table
$ dd if=/dev/zero of=imagefile bs=1M count=1024 -- Create file of zeros to be able to use as disk partition image
$ mkfs.ext4 imagefile -- put a filesystem on diskfile
$ mkdir mntpoint
$ sudo mount -o loop imagefile mntpoint -- now file is mounted and can be used.
$ sudo umount mntpoint
$ lsattr filename -- show attributes
$ chattr -- change attributes
$ sudo mount -r remount,rw / -- remount root directory with write permission
$sudo mount -a -- mount all filesystems
$ sudo mount -t nfs myserver.com:/shdir /mnt/shdir -- mounting a network share
/etc/fstab add following line to mount at boot -- myserver.com:/shdir /mnt/shdir nfs rsize=8192,wsize=8291,timeo=14,intr 0 0
$ sudo modprobe -i nbd -- Connect the exported foo on 192.168.242.160 to the local device /dev/nbd10:
$ sudo nbd-client -N foo 192.168.242.160 /dev/nbd10 -- You can also see an example of some commands from an Ubuntu installation.
Start the nbd server process with the following command: $ sudo nbd-server -C nbd-server.conf
List the exports on the server from the client with the following command: $ sudo nbd-client -l 127.0.0.1 10042
Connect the export foo to the local device /dev/nbd0: $ sudo nbd-client -N foo 127.0.0.1 10042 /dev/nbd0
$ sysctl -a -- read and tune kernel parameters at runtime
$ cat /proc/cmdline -- see what command line cmd system was booted with
$ sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward' -- changing kernel parameter
$ sudo sysctl net.ipv4.ip_forward=1 -- Another way of changing kernel parameter
$ sudo sysctl -p -- effectuates immediate digestion of file $ sudo sysctl net.ipv4.icmp_echo_ignore_all=1 -- makes device not responding to ping
lsmod -- list loaded modules, insmod -- directly load modules, rmmod -- directly remove modules, modprobe -- load or unload modules using prebuild db w dependency and location info, depmod -- rebuild dep db, modinfo -- display info about module
$ sudo udevadm monitor -- check what happens when device is connected/disconnected from system
Rules are found in 3 locations: 1. /etc/udev/rules.d, 2. /run/udev/rules.d, 3. /usr/lib/udev/rules.d
IPv4 32 bit address, IPv6 128 bit address. Class A (1-127) netmask 255..., first 8 bits,B (128-191) netmask 255.255.. first 16 bits and C (192-223) netmask 255.255.255.0 first 24 bits
$ sudo hostnamectl set-hostname lumpy -- change hostname permanently
$ sudo hostname nisse -- change hostname to nisse
echo driftfile /var/lib/ntp/ntp.drift$'\n'pool 1.pool.ntp.org$'\n'pool 2.pool.ntp.org$'\n'pool 3.pool.ntp.org >/etc/ntp.conf -- to set ntp to pool project
$ systemctl restart ntpd;systemctl restart ntp;ntpg -p -- to restart ntp server and query.
$ ntpdc -c peers -- show time difference between local and time servers.
Here is an example of access control entries in /etc/ntp.conf.
restrict default nopeer nomodify notrap noquery -- Default policy prevents queries
restrict 123.123.x.0 mask 255.255.255.0 nopeer nomodify notrap -- Allow queries from a particular subnet
restrict 131.243.1.42 nopeer nomodify notrap noquery -- Allow queries from a particular host
restrict 127.0.0.1 -- Unrestrict localhost
echo server 127.127.1.0$'\n'fudge 127.127.1.0 stratum 10 > /etc/ntp.conf -- example of declaring itself as stratum 10 server
$ cat /etc/services -- list all protocols and associated ports
$ ip link show
$ ifconfig
$lspci -- check HW on PCI system
/etc/network/interfaces -- NW configuration files on debian
$ nmtui -- Graphical configuration interface
$ nmcli -- command line to config NW
$ route -n OR ip route -- show routing table
--- Manually add routing ---
$ sudo nmcli con mod virbr0 ipv4.routes 192.168.10.0/24 +ipv4.gateway 192.168.122.0
$ sudo nmcli con up virbr0
--- set default gateway ---
$ sudo ip route add default via 192.168.1.10 dev enp2s0
$ ip route
$ sudo ip route add default via 192.168.1.1 dev enp2s0 -- reset to default routing
$ nmcli device status -- show interface status
$ [dig | host | nslookup] linuxfoundation.org
$ ping, traceroute, mtr -- tools to check network functionality.
 $ sudo nmcli con show "Wired connection 2" -- show detailed information about a connection
$ sudo nmcli con modify "Wired connection 2" +ipv4.addresses 172.16.2.140/24;sudo nmcli con up "Wired connection 2" -- add additional IPv4 to system.
$ sudo nmcli con modify "Wired connection 2" -ipv4.addresses 172.16.2.140/24;sudo nmcli con up "Wired connection 2" -- remove additional IPv4 from system.
$ sudo nmcli conn mod "Wired connection 2" +ipv4.routes "192.168.100.0/24 172.16.2.1";sudo nmcli conn up "Wired connection 2" -- adding additional route
$ sudo ip route add 192.168.100.0/24 via 172.16.2.1 -- Not persistent way of adding route
$ sudo sysctl net.ipv4.ip_forward=1;echo 1 > /proc/sys/net/ipv4/ip_forward -- turn on IP forward in case of more than one interface running IPv4
To set persistent add net.ipv4.ip_forward=1 in /etc/sysctl.conf and reboot or $ sudo sysctl -p
$ sudo firewall-cmd --get-default-zone
$ sudo firewall-cmd --get-active-zones
$ sudo firewall-cmd --get-zones -- get all zones
$ sudo firewall-cmd --set-default-zone=trusted -- change default zone
$ sudo firewall-cmd --zone=internal --change-interface=eno1 -- change an interface to specific zone
$ sudo firewall-cmd --permanent --zone=internal --change-interface=eno1 -- make a permanent change, creates file /etc/firewalld/zones/internal.xml
$ sudo tcpdump -vnes0 -i ens18 port 67 or port 68
Result should be the sequence 1. Discover, 2. Offer, 3. Request, 4. ACK. If lease is not expired, only 3 and 4 may be seen. Link
$ curl -v http://10.64.136.248:3000/ -H 'Content-Type:application/json' -d '{"key1":1,"key2":2}' -i
$ python3 -m http.server 9000 -- Creating a simple http server on port 9000.
Ubuntu FTP Server
sudo apt install vsftpd
sudo systemctl start vsftpd
sudo systemctl enable vsftpd
sudo ufw allow 21/tcp
sudo ufw allow 40000:50000/tcp # Example passive port range
sudo ufw enable # If UFW is not already active
sudo ufw status # To verify
sudo adduser ftpuser
sudo nano /etc/vsftpd.conf
sudo systemctl restart vsftpd
ftp your_server_ip_address