Summary of Common Linux commands

Source: Internet
Author: User

1. View processes: ps -ef or ps -aux

2. View network status: ifconfig

3. Filter: grep <pattern> <file path> (search for the pattern in the given file)
grep -r <pattern> <path> (search for the pattern in everything under the path)

4. Dynamically display the processes currently consuming the most resources: top

5. If you do not know how to use a command, look it up with man, for example: man ls

6. Test network connectivity: ping + IP or domain name
Local: ping 127.0.0.1 or ping localhost

7. Display network status information: netstat

8. Kill a process: kill. First use the ps or top command to find the process ID, then end the process with the kill command

9. Clear the screen: clear

10. View the contents of a file: cat file [| more]
cat + file name: show the whole file
cat + file name | more: paged display (space: page down; Enter: line down; q: exit)


11. Switch directory: cd, for example: cd /etc

12. Copy a file: cp <source file name> <new file name>, for example to back up a file: cp ifcfg-eth0 ifcfg-eth0.bak

13. vi + file name: edit a file
Start editing: a
Exit editing: Esc
Save: Shift+zz

Tips for use:

vi + file name: open a file
gg: move the cursor to the first line
yy: copy the line the cursor is on
dd: cut the line the cursor is on
p: paste
u: undo
Ctrl+r: redo
?: search (type ? followed by the text to find)
:%s/find content/replace content/[g]: replace operation; "g" means global substitution
i: switch to insert mode
x: delete the current character
. : repeat the last change (similar to Ctrl+F in Photoshop, which repeats the last filter)
u: undo
Ctrl-r: redo
p: insert the deleted characters at the current position (put)

Exiting and saving:
:q : exit
:q! : exit without saving
ZZ: save and exit
:e! : discard changes and re-edit

14. Ctrl+c: end the running process

15. Up and down arrow keys: view previously entered commands

16. pwd: show the current directory

17. history: view command history

18. Common directories:
/etc: configuration information for the system. For example, to configure NIC information: cd /etc/sysconfig/network-scripts
/usr: the largest directory; almost all applications and the files they use are in this directory

19. Operating network services
Start: /etc/init.d/network start
Stop: /etc/init.d/network stop
Restart: /etc/init.d/network restart
Or:
service network start/stop/restart

Turn the network card off and on:
ifconfig eth0 down/up


20. Shutdown: halt
Restart: reboot


21. Display files or directories: ls
-l: list file details, l (list); equivalent to ll
-a: list all files and directories under the current directory, including hidden ones, a (all)

ll result description:
Type and permissions | Number of references | User | Group | Size | Month | Day | Year/Time | Name
File type description:
-: regular file
d: directory
b: block device file
c: character device
l: link
s: socket


22. Operations on whole files:

touch: create a regular file
Format: touch file1 [file2]

cp: copy files
Format: cp <file name> [new file name]
cp <file name> <path>/[new file name]: copy to another path [under a new file name]
For example: cp -r aa/ccc . : copy the ccc folder under aa into the current directory

rm: delete files
Format: rm [path] <file name>
rm -rf aa: delete the path and the files inside it, without prompting

mkdir: create a directory
Format: mkdir dir1 [dir2]

rmdir: delete an (empty) directory
Format: rmdir dir
Non-empty path: rm -rf aa: delete the path and the files inside it, without prompting


mv: move a file
Format: mv <target file> <destination path>[/new file name]


23. Directory jump: cd
cd /etc/sysconfig : absolute path jump
cd aaa : relative path jump
cd ../ : jump to the parent directory


24. Search and locate files:
grep:
grep ftp /etc/passwd : look for lines that contain the characters 'ftp' in the file /etc/passwd
grep 'test' d* : show all lines that contain 'test' in files whose names begin with d
ls /bin | grep '^m' : filter the output of ls /bin through a pipe, displaying only lines beginning with m
grep -i 'helloword' menu.h main.c
Displays the lines that match helloword in the files menu.h and main.c, ignoring case


find:
Format: find [directory] [conditions] [action]
-name: specify the file name
-type: specify the file type {l/b/c/d/p/f}
-size: specify the file size, unit k/M/G; + means greater than, - means less than
-user: specify the user
-group: specify the group

25. Print environment variables
echo $PATH
Setting environment variables:
Mode one: one-time setting.
export PATH=$PATH:dir1[:dir2]
Mode two: permanent setting, effective for all users; requires a restart or the source command to take effect.
Append the command from mode one to the end of the file /etc/profile
Mode three: permanent setting, for one user only; requires a restart or the source command to take effect. It has higher priority than mode two.
Append the command from mode one to the end of the file ~/.bashrc.

26. Compressing files: tar.
-c: compress (create an archive)
-x: extract
-z: use gzip
-j: use bzip2
-v: show details of the compression process
-C: specify the path where the files are stored after extraction
For example:
tar -zcvf <archive name>.tar.gz <files to compress> : compress
tar -zxvf <archive name>.tar.gz [-C <extraction path>] : extract

27. Permission management: chmod (modify the permissions of files).
Permission description (character positions in the ll output):
1: file type (l/b/c/d/p/-/s)
2/3/4: read (r)/write (w)/execute (x) permission for the file owner; - indicates that the permission is not granted.
5/6/7: read/write/execute permissions for the group to which the file owner belongs
8/9/10: read/write/execute permissions for other users
11: "." indicates that SELinux is enabled. Blank indicates that SELinux is not turned on.
For example:
chmod +x file : add executable permission to the file
chmod -w file : remove writable permission from the file
chmod u+x file : add executable permission for the owner
chmod g-w file : remove write permission for the file's group
chmod u=rwx,g=rx,o=rw file

28. Users and user groups.
/etc/passwd: this file holds all the users in the system, in the following format:
User name:Password:Description:User ID (UID):Group ID (GID):User home directory:Shell

Add a user: useradd <user name>
-d: specify the user's home directory
-u: specify the user ID (must be greater than 500; IDs below 500 are reserved for the system)
-s: specify the shell that the user runs.
chsh <user name> -s /sbin/nologin : for a user that has already been created, disable login.

Delete a user: userdel <user name>

Change a password: passwd [user name]. If no user name is given, the current user's password is changed
View the password entries of all users: /etc/shadow

Switch user: su [user]

If you only want to execute one superuser command and do not want to switch users, add sudo in front of the original command.

Change the group a file belongs to: chgrp <group name> <file name>

Set the file owner: chown <user>[:<group name>] <file name>


29. Services and processes: vmstat

# vmstat 2 1
procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu----
 r  b   swpd    free   buff   cache   si   so    bi    bo   in   cs us sy  id wa
 1  0      0 3498472 315836 3819540    0    0     0     1    2    0  0  0 100  0


r: processes in the run queue
b: blocked processes
swpd: the size of virtual memory used
free: free physical memory size
buff: cache that Linux/Unix uses to store things such as directory contents and permissions
cache: cache used directly to hold the files we open, acting as a buffer for files
si: the size of virtual memory read in from disk per second
so: the size of virtual memory written to disk per second
bi: number of blocks received by block devices per second
bo: number of blocks sent by block devices per second
in: CPU interrupts per second, including timer interrupts
cs: number of context switches per second
us: user CPU time
sy: system CPU time
id: idle CPU time
wa: CPU time spent waiting for I/O


30. The top command is a common performance analysis tool under Linux that shows the resource usage of each process in real time, similar to the Task Manager in Windows.

Points to note:

1. In addition to the contents of these directories, note that the root directory is tied to booting: only the root directory is mounted during the boot process, and the other partitions are mounted afterwards, once booting has completed. Because of this, directories in the root directory that are involved in the boot process cannot be placed on a different partition from the root directory.

Which directories cannot be separated from the root directory? These:

/etc: configuration files

/bin: important executables

/dev: required device files

/lib: function libraries required by executables and modules required by the kernel

/sbin: important system executables

These five directories must not be placed on a partition separate from the root directory. Please remember this.

The following are Linux firewall commands

1. View firewall information
Command: iptables -L
cat /etc/sysconfig/iptables

2. Turn off the firewall
Command: /etc/init.d/iptables stop
service iptables stop
Start the firewall: /etc/init.d/iptables start
Restart the firewall: /etc/init.d/iptables restart

3. Turn off automatic start of the firewall at boot.
View the services that start automatically with the system: chkconfig.
# chkconfig iptables off (set auto-start to off)
# chkconfig --del iptables (remove from boot auto-start)

4. Clear firewall rules
Command: iptables -F; iptables -X

5. Save the firewall settings.
Command: /etc/rc.d/init.d/iptables save


6. To be able to log in remotely over SSH, port 22 has to be opened
# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
Note: if you set the OUTPUT policy to DROP, the OUTPUT rule above must be written as well. Many people forget to write this rule and then can never connect over SSH; on a remote machine that is a bad situation to be in.

7. If a web server is running and the OUTPUT policy is set to DROP, a rule must also be added to each chain:
# iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT
# iptables -A INPUT -p tcp --dport 80 -j ACCEPT

8. Allow ICMP packets to pass, that is, allow ping
# iptables -A OUTPUT -p icmp -j ACCEPT (if the OUTPUT policy is DROP)
# iptables -A INPUT -p icmp -j ACCEPT (if the INPUT policy is DROP)

9. Allow loopback! (Otherwise problems such as DNS not shutting down properly can occur)
# iptables -A INPUT -i lo -p all -j ACCEPT (if the INPUT policy is DROP)
# iptables -A OUTPUT -o lo -p all -j ACCEPT (if the OUTPUT policy is DROP)

10. Block connections on insecure ports
# iptables -A OUTPUT -p tcp --sport 31337 -j DROP
# iptables -A OUTPUT -p tcp --dport 31337 -j DROP

11. Allow SSH connections only from the machine 192.168.0.3
# iptables -A INPUT -s 192.168.0.3 -p tcp --dport 22 -j ACCEPT

12. Turn on forwarding (when doing NAT and the FORWARD default policy is DROP, this must be done)
# iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
# iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

13. Discard bad TCP packets
# iptables -A FORWARD -p tcp ! --syn -m state --state NEW -j DROP

14. Limit the number of IP fragments to prevent attacks, allowing 100 per second
# iptables -A FORWARD -f -m limit --limit 100/s --limit-burst 100 -j ACCEPT

15. Set ICMP packet filtering: allow 1 packet per second, with the limit triggered after a burst of 10 packets
# iptables -A FORWARD -p icmp -m limit --limit 1/s --limit-burst 10 -j ACCEPT


16. Command explanation:

The five rule chains:
1. PREROUTING (before routing)
2. INPUT (packets flowing in)
3. FORWARD (forwarding checkpoint)
4. OUTPUT (packets flowing out)
5. POSTROUTING (after routing)


-A: append, add a rule at the end of the given chain

INPUT (packets flowing in)

OUTPUT (packets flowing out)

-s: specifies the source address; a host name cannot be used here, it must be an IP

IP | IP/mask | 0.0.0.0/0.0.0.0
The address can also be negated: adding a "!" means every address except the given IP

-p: the protocol to match (there are usually 3 protocols here, TCP/UDP/ICMP)

-i eth0: data coming in through this NIC
Inflow is generally used on INPUT and PREROUTING

-o eth0: data going out through this NIC
Outflow is generally used on OUTPUT and POSTROUTING

-m multiport: enables the multiport extension

-j ACTION:
DROP: silently discard
ACCEPT: accept
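
The lock-out described in the note under item 6 can be checked before a ruleset is loaded on a remote machine. The following is an added example, not part of the original page: the function name ssh_lockout_check is hypothetical, both sample rulesets (in iptables-save format) are constructed, and the check only looks at the INPUT and OUTPUT policies and ACCEPT rules.

```shell
#!/bin/sh
# Added example (not from the original page). Reads a ruleset in
# iptables-save format on stdin and reports whether SSH on PORT would
# still work once the default policies apply. Nothing is loaded into
# the kernel; ssh_lockout_check is a hypothetical helper name.
ssh_lockout_check() {   # usage: ssh_lockout_check PORT < ruleset
    awk -v port="$1" '
        /^:INPUT /  { in_pol  = $2 }
        /^:OUTPUT / { out_pol = $2 }
        # Replies to an accepted connection may also be let out statefully.
        /^-A OUTPUT .*ESTABLISHED.* -j ACCEPT/ { out_ok = 1 }
        /^-A INPUT .*-p tcp.* -j ACCEPT/  && $0 ~ ("--dport " port " ") { in_ok = 1 }
        /^-A OUTPUT .*-p tcp.* -j ACCEPT/ && $0 ~ ("--sport " port " ") { out_ok = 1 }
        END {
            bad = 0
            if (in_pol == "DROP" && !in_ok) {
                print "INPUT is DROP and nothing accepts tcp --dport " port
                bad = 1
            }
            if (out_pol == "DROP" && !out_ok) {
                print "OUTPUT is DROP and nothing accepts tcp --sport " port
                bad = 1
            }
            exit bad
        }'
}

# Constructed sample: item 6 applied only to INPUT, so replies are dropped.
sample_locked_out() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 80 -j ACCEPT
COMMIT
EOF
}

# Constructed sample: the same ruleset with the OUTPUT rule from item 6.
sample_safe() {
    sample_locked_out | sed 's/--sport 80 /--sport 22 /'
}

if sample_locked_out | ssh_lockout_check 22; then
    echo "ruleset keeps SSH reachable"
else
    echo "do not load this ruleset over an SSH session"
fi
```

Run the check with the port sshd actually listens on: a ruleset that is safe for port 22 fails in both directions once the SSH port has been moved.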

The following are Linux remote SSH-related commands

1, View the SSH client version

Sometimes it is necessary to confirm which SSH client is installed and its version number. Use the ssh -V command to get the version number. Note that Linux generally comes with OpenSSH. The following example shows a system that is using OpenSSH:

$ ssh -V
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003

The following example shows a system that is using SSH2:

$ ssh -V
ssh: SSH Secure Shell 3.2.9.1 (non-commercial version) on i686-pc-linux-gnu

2, Connect to a remote host:

Command format:

ssh [-l login_name] [-p port] [user@]hostname
ssh name@remoteserver or
ssh remoteserver -l name
If no user is specified, the login defaults to the root account:

ssh 192.168.0.11

Specify the user:

ssh -l root 192.168.0.11

ssh root@192.168.0.11

Note: both of these forms log in to the remote host; remoteserver stands for the remote host, and name is the user name used to log in to the remote host.

3, Connect to a specified port on the remote host:

Command format:
ssh name@remoteserver -p 2222 or
ssh remoteserver -l name -p 2222

If the SSH login port has been changed:

ssh -p 12333 192.168.0.11

ssh -l root -p 12333 192.168.0.11

ssh -p 12333 root@192.168.0.11
Note: the -p parameter specifies the port number. Port mapping is usually done on the router, and port 22 is normally not mapped out directly but translated to another port number; in that case the -p <port number> form is needed.

4, Jump through remote host 1 to remote host 2:

Command format:
ssh -t remoteserver1 ssh remoteserver2
Description: when the remote host remoteserver2 cannot be reached directly, you can use the -t parameter and jump from remoteserver1 to remoteserver2. In this process you enter the remoteserver1 password first, then the remoteserver2 password, and then you can operate on remoteserver2.

5, Run a remote shell command through SSH:

Command format:
ssh -l name remoteserver 'command'
Description: connect to the remote host and execute the command on the remote host. For example, view the memory usage of the remote host:
$ ssh -l root 192.168.1.100 svmon -g

6, Modify the SSH listening port:

By default, SSH listens for connections on port 22, and an attacker can use port scanning software to see whether a host is running the SSH service. Changing the SSH port to a port greater than 1024 is a wise choice, because most port scanning software (including nmap) does not scan high ports by default. Open the /etc/ssh/sshd_config file and look for a line such as the following:
#Port 22
Remove the # in front of the line, then modify the port number and restart the SSH service:
$ /etc/init.d/ssh restart

7, Allow only SSH protocol version 2:

There are two SSH protocol versions. Using only SSH protocol version 2 is more secure; SSH protocol version 1 has security issues, including man-in-the-middle attacks and insertion attacks. Edit the /etc/ssh/sshd_config file and look for a line such as the following:
# Protocol 2,1
Change it to:
Protocol 2

8, Prohibit root user login:

Usually you should not log on to the remote host directly as the root user: root has superuser privileges, so doing so brings security risks. Instead, log in as an ordinary user and switch to the root user when the remote host needs to be managed. Open the /etc/ssh/sshd_config file and look for a line such as the following:
#PermitRootLogin yes
Remove the #, change yes to no, and restart the SSH service so that the root user is prevented from logging on.

9, Port mapping:

If the company intranet has a web server that can make outbound connections but cannot be reached from outside, so the external network has no access to it, SSH port mapping can give the external network access to that intranet web server. Suppose the web server is named webserver and webserver can reach the remote host remoteserver over SSH: log in to webserver, then use the following command to create the mapping.
Command format:
ssh -R 3000:localhost:80 remoteserver
After it runs, execute netstat -an | grep 3000 on the remoteserver machine to check whether port 3000 is open, and run the following command to see whether the web page on webserver can be opened:
$ w3m http://127.0.0.1:3000
If the page opens, the mapping succeeded. However, access is limited to the local machine: only the remoteserver machine itself can reach webserver, because port 3000 is bound to the 127.0.0.1 address of the remoteserver machine. To change this, edit the /etc/ssh/sshd_config file on the remoteserver machine and add the following:
GatewayPorts yes
This binds listening port 3000 to the 0.0.0.0 address so that all external machines can access the listening port. Save and exit, then restart the SSH service. When finished, other machines can enter http://remoteserver:3000 in a browser to access webserver.

10, Set prompt information at logon

First create a file, such as Bannertest.txt, with whatever content you choose. Then open the /etc/ssh/sshd_config file and look for a line such as the following:
#Banner /some/path
Remove the # and replace /some/path with the full path of the Bannertest.txt file, then save and restart the SSH service. When a client logs in, it will see the prompt text from the Bannertest.txt file.

11, Modify the SSH port

Modify the SSH login port and disable root login. Changing the port helps prevent the port from being scanned.

Edit the configuration file:

vim /etc/ssh/sshd_config

Locate #Port 22, remove the comment marker, and change it to a five-digit port:

Port 12333

Find #PermitRootLogin yes, remove the comment marker, and change it to:

PermitRootLogin no

Restart the sshd service:

service sshd restart

Successful restart: Stopping sshd: [OK]
Starting sshd: [OK]
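
The sshd_config changes from items 6, 7, 8, 9 and 11 above can be verified before the service is restarted. The following is an added example, not part of the original page: the helper names sshd_effective and sshd_audit are hypothetical and the sample configuration is constructed. It assumes settings in the global section only (Match blocks are not evaluated).

```shell
#!/bin/sh
# Added example (not from the original page). sshd_effective and
# sshd_audit are hypothetical helper names; the sample file is constructed.

# Print the first value set for KEYWORD in the global section of an
# sshd_config read on stdin. Keyword names are case-insensitive, lines
# starting with # are ignored, and sshd uses the first value it obtains.
sshd_effective() {
    awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
        /^[ \t]*(#|$)/         { next }    # comment or blank line
        tolower($1) == "match" { exit }    # conditional blocks are not global
        tolower($1) == want    { $1 = ""; sub(/^ +/, ""); print; exit }'
}

# Check the settings this page changes. Prints one finding per line and
# returns 1 if there is any finding.
sshd_audit() {
    cfg=$(cat); rc=0
    root=$(printf '%s\n' "$cfg" | sshd_effective PermitRootLogin)
    proto=$(printf '%s\n' "$cfg" | sshd_effective Protocol)
    gw=$(printf '%s\n' "$cfg" | sshd_effective GatewayPorts)
    if [ "$root" != "no" ]; then
        echo "PermitRootLogin is '${root:-not set}', expected 'no'"; rc=1
    fi
    case ",$proto," in
        *,1,*) echo "Protocol '$proto' still allows protocol version 1"; rc=1 ;;
    esac
    if [ "$gw" = "yes" ]; then
        echo "GatewayPorts yes: ports opened with ssh -R listen on 0.0.0.0"; rc=1
    fi
    return "$rc"
}

# Constructed sample: the port was changed but the '#' was left in front
# of PermitRootLogin, so that line has no effect.
sample_sshd_config() {
    cat <<'EOF'
Port 12333
Protocol 2,1
#PermitRootLogin no
GatewayPorts yes
Banner /some/path
EOF
}

echo "effective Port: $(sample_sshd_config | sshd_effective port)"
sample_sshd_config | sshd_audit || echo "fix the findings before restarting sshd"
```

On a real host, sshd -t checks the configuration file for errors and sshd -T prints the effective configuration, so both are worth running before the restart.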

12, Log off: logoff. Disconnect: tsdiscon

13, Simple transfer command: scp

scp <user>@ww.liniux.cn:/etc/php.ini /home/user2

Copies the /etc/php.ini file on the host ww.liniux.cn to the local /home/user2 directory

Opening SSH on Linux

1. Check whether it is turned on:

⑴ See whether the port is open: netstat -an | grep 22

⑵ See whether the SSH service is running: ps -e | grep ssh

⑶ Network connections of the SSH service: netstat -ntlp

2. Related commands

⑴ Restart the SSH service: /etc/init.d/sshd restart

⑵ Verify the SSH service status: /etc/init.d/sshd status

⑶ See the SSH packages installed on the system: rpm -qa | grep ssh

⑸ Shut down the firewall: service iptables stop

1. Open a port: /sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

2. Save: /etc/rc.d/init.d/iptables save

3. Restart the service: /etc/init.d/iptables restart

4. Check whether the port is open: /sbin/iptables -L -n
