Linux Cheat Sheet

SSH

• Custom port: ssh username@hostname.com -p 1234
• Local port forwarding: ssh -L client_port:localhost:server_port -L 9999:localhost:80

Forwards specified server ports to client through ssh tunnel. Client port forwarded to can be customised. Multiple -L arguments can be used.

• Dynamic port forwarding: ssh -D 80

Forwards all server ports to client through the ssh tunnel, does not work if port is already in use on the client

Screen

• List screens: screen -list
• Name a new screen with a sockname: screen -S sockname
• Resume detatched screen: screen -r sockname
• Scroll up and down in copy mode: Ctrl+a, Esc
• Detatch from screen: Ctrl+a, d

Podman

• Download image: podman pull image_repo
• List images: podman images
• Run image: podman run -dt image_repo/image_id

-d Detatch, -t Create TTY interface

• Attach: podman attach container_id
• Detatch: Ctrl+p, Ctrl+q

Firewall

Most of these commands require root

• Check for open ports: ss -plnt | grep :80
• List zones: firewall-cmd --get-zones
• List active zones: firewall-cmd --get-active-zones
• List all zone information: firewall-cmd --list-all-zones
• List zone information for current or specified zone: firewall-cmd --list-all
• List services: firewall-cmd --list-services
• List interfaces: firewall-cmd --list-interfaces
• List zone information: firewall-cmd --zone=public --list-all
• Add port to zone: firewall-cmd --zone=internal --add-port 80/tcp

This change will apply immediately, but will not persist once the firewall is reloaded

• Make change permanently: firewall-cmd --add-port 1234 --permanent

Changes won’t be applied to the live firewall. Apply them by reloading the firewall with firewall-cmd --reload

• Add service to zone: firewall-cmd --zone=public --add-service=syncthing

DNF

Most of these commands require root

• Add repo: dnf config-manager --add-repo repository_url
• Enable repo: dnf config-manager --set-enabled repository
• Disable repo: dnf config-manager --set-disabled repository
• List enabled repos: dnf repolist

Vim plug

• Install plugin: :PlugInstall name
• Update vimplug: :PlugUpgrade

Linux file permissions

Groups are used with file permissions: chown user:group

These commands require root

• Create new group: groupadd group_name
• Add user to a group: gpasswd -a user group_name
• List groups: getent group
• List users of a group: getent group group_name
• List users: getent passwd
• List groups of a user: groups user
• chmod -R g+w /your/directory
• https://www.guru99.com/file-permissions.html

4 = Read, 2 = Write, 1 = Execute

5=rx, 6=rw, 7=rwx

Execute permissions are used to traverse a directory

Online users

• List online user PTS: who

shiraz pts/0 2022-01-02 20:55 (192.168.1.11)

• Find user PID from PTS: ps -dN|grep pts/1

1885493 pts/1 00:00:00 zsh

• Logged in usernames: users

shiraz shiraz

• Detailed list of login history: last

File handling

• Backup config file: rename .conf ".conf_backup" /etc/nginx/conf.d/ptero.conf
• Unbackup config file: rename _backup ““ /etc/nginx/conf.d/ptero.conf
• Find an indexed file quickly: locate filename (Note: locate relies on a pre-built database, which can be updated using updatedb to include recent files)

Grub on RedHat

• Edit grub options: sudo vim /etc/default/grub
• Find grub config directory: sudo readlink -e /etc/grub2-efi.cfg

Return example: /boot/efi/EFI/rocky/grub.cfg

• Regenerate and replace grub config: sudo grub2-mkconfig --output /boot/efi/EFI/rocky/grub.cfg

Never directly edit the grub configuration. Regenerate it automatically instead

String manipulation

Regex

• Any digit ([0-9]): \d
• Any NON digit: \D
• Any word character: \w
• Any NON word character: \W
• Any single character: .
• A single character of: [abc]
• A character except: [^abc]
• A character in range: [a-z]
• Zero or one of a: a?
• Zero or more of a: a*
• One or more of a: a+
• Exactly 3 of a: a{3}
• 3 or more of a: a{3,}
• Exactly 3 to 6 of a: a{3,6}
• Start of a string: ^
• End of a string: $
• OR: (sample1|sample2)
• Match previous token one or more times: +
• Match previous token zero or more times: *

Text search (grep)

• After context: -A 5
• Before context: -B 5
• After and before context: -C 5
• Exclude: -v string_to_exclude

Usage: dnf history | grep install | grep -v akmods

• Compare command outputs: diff <(command1) <(command2)

GPU

• List available GPU: lspci -nn | egrep -i "3d|display|vga"
• List available GPU details: lshw -C display

Clear space

• Remove unused packages: dnf autoremove
• Clear cache etc: dnf clean all
• View system journal size: journalctl --disk-usage
• Trim system journal: journalctl --vacuum-time=3d
• View thumbnail cache size: du -sh ~/.cache/thumbnails
• Clear thumbnail cache: rm -rf ~/.cache/thumbnails/*
• Flatpak list largest: flatpak --columns=name,size,application,version,description list
• Remove unused flatpaks: flatpak uninstall --unused --delete-data
• List largest dnf packages: rpm -qa --queryformat '%10{size} - %-25{name} \t %{version \n ' | sort -n

Output

• Print all: cat file
• Print first 10 lines: head -n 10 file
• Print last 10 lines: tail -n 10 file
• Select 1st column: cut -c1
• Monitor command output: watch -n1 lspci

Every 1 second, clear screen and print output of lspci (-n1 specifies the interval in seconds)

Grubby

• Show info for specific kernel (index ‘0’, which is usually the latest & default): sudo grubby --info=0
• Show logs during early boot on all installed kernels: `sudo grubby –update-kernel=ALL –remove-args=’ rhgb quiet’
• Boot to a different kernel (‘2’) on the next boot only: sudo grubby savedefault --default=2 --once

Networking

• Overview on connection activity: sudo iftop
• Network manager: nmcli

Help

• Command description: whatis systemd
• Command manuals: man systemd
• Binary locations: whereis systemd
• Search man pages: apropos wireless