cheat all

gcc

# Compile a file gcc file.c # Compile a file with a custom output gcc -o file file.c # Debug symbols gcc -g # Debug with all symbols. gcc -ggdb3 # Build for 64 bytes gcc -m64 # Include the directory {/usr/include/myPersonnal/lib/} to the list of path for #include <....> # With this option, no warning / error will be reported for the files in {/usr/include/myPersonnal/lib/} gcc -isystem /usr/include/myPersonnal/lib/ # Build a GUI for windows (Mingw) (Will disable the term/console) gcc -mwindows

paste

# Concat columns from files paste file1 file2 ... # List the files in the current directory in three columns: ls | paste - - - # Combine pairs of lines from a file into single lines: paste -s -d '\t\n' myfile # Number the lines in a file, similar to nl(1): sed = myfile | paste -s -d '\t\n' - - # Create a colon-separated list of directories named bin, # suitable for use in the PATH environment variable: find / -name bin -type d | paste -s -d : -

pdftk

# Concatenate all pdf files into one: pdftk *.pdf cat output all.pdf # Concatenate specific pdf files into one: pdftk 1.pdf 2.pdf 3.pdf cat output 123.pdf # Concatenate pages 1 to 5 of first.pdf with page 3 of second.pdf pdftk A=fist.pdf B=second.pdf cat A1-5 B3 output new.pdf

dpkg

# Install the package or upgrade it dpkg -i test.deb # Remove a package including configuration files dpkg -P test.deb # List all installed packages with versions and details dpkg -I # Find out if a Debian package is installed or not dpkg -s test.deb | grep Status

journalctl

# Actively follow log (like tail -f) journalctl -f # Display all errors since last boot journalctl -b -p err # Filter by time period journalctl --since=2012-10-15 --until="2011-10-16 23:59:59" # Show list of systemd units logged in journal journalctl -F _SYSTEMD_UNIT # Filter by specific unit journalctl -u dbus # Filter by executable name journalctl /usr/bin/dbus-daemon # Filter by PID journalctl _PID=123 # Filter by Command, e.g., sshd journalctl _COMM=sshd # Filter by Command and time period journalctl _COMM=crond --since '10:00' --until '11:00' # List all available boots journalctl --list-boots # Filter by specific User ID e.g., user id 1000 journalctl _UID=1000

jrnl

# Add entry to default jrnl (from your configured text editor) jrnl # Add entry to default jrnl jrnl Write entry here. # List of tags jrnl --tags # Entries per tag jrnl @tag # Export jrnl as json jrnl --export json # Entries in a timeframe jrnl -from 2009 -until may # Add Sublime text to .jrnl_config # Windows "editor": "F:\\Powerpack\\Sublime\\sublime_text.exe -w" # Linux "editor": "/usr/bin/sublime -w"

chmod

# Add execute for all (myscript.sh) chmod a+x myscript.sh # Set user to read/write/execute, group/global to read only (myscript.sh), symbolic mode chmod u=rwx, go=r myscript.sh # Remove write from user/group/global (myscript.sh), symbolic mode chmod a-w myscript.sh # Remove read/write/execute from user/group/global (myscript.sh), symbolic mode chmod = myscript.sh # Set user to read/write and group/global read (myscript.sh), octal notation chmod 644 myscript.sh # Set user to read/write/execute and group/global read/execute (myscript.sh), octal notation chmod 755 myscript.sh # Set user/group/global to read/write (myscript.sh), octal notation chmod 666 myscript.sh # Roles u - user (owner of the file) g - group (members of file's group) o - global (all users who are not owner and not part of group) a - all (all 3 roles above) # Numeric representations 7 - full (rwx) 6 - read and write (rw-) 5 - read and execute (r-x) 4 - read only (r--) 3 - write and execute (-wx) 2 - write only (-w-) 1 - execute only (--x) 0 - none (---)

pacman

# All the following command work as well with multiple package names # To search for a package pacman -Ss <package name> # To update the local package base and upgrade all out of date packages pacman -Suy # To install a package pacman -S <package name> # To uninstall a package pacman -R <package name> # To uninstall a package and his depedencies, removing all new orphans pacman -Rcs <package name> # To get informations about a package pacman -Si <package name> # To install a package from builded package file (.tar.xz) pacman -U <file name/file url> # To list the commands provided by an installed package pacman -Ql <package name> | sed -n -e 's/.*\/bin\///p' | tail -n +2 # To list explicitly installed packages pacman -Qe # To list orphan packages (installed as dependencies and not required anymore) pacman -Qdt # You can't directly install packages from the Arch User Database (AUR) with pacman. # You need yaourt to perform that. But considering yaourt itself is in the AUR, here is how to build a package from its tarball. # Installing a package from AUR is a relatively simple process: # - Retrieve the archive corresponding to your package from AUR website # - Extract the archive (preferably in a folder for this purpose) # - Run makepkg in the extracted directory. (makepkg-s allows you to install any dependencies automatically from deposits.) # - Install the package created using pacman # Assuming $pkgname contains the package name. wget "https://aur.archlinux.org/packages/${pkgname::2}/$pkgname/$pkgname.tar.gz" tar zxvf "$pkgname.tar.gz" cd "$pkgname" # Build the package makepkg -s # Install sudo pacman -U <package file (.pkg.tar.xz)>

emacs

# Basic usage Indent Select text then press TAB Cut CTRL-w Copy ALT-w Paste CTRL-y Search/Find CTRL-s Replace ALT-% (ALT-SHIFT-5) Save CTRL-x CTRL-s Load/Open CTRL-x CTRL-f Undo CTRL-x u Highlight all text CTRL-x h Directory listing CTRL-x d Cancel a command ESC ESC ESC Font size bigger CTRL-x CTRL-+ Font size smaller CTRL-x CTRL-- # Buffers Split screen vertically CTRL-x 2 Split screen vertically with 5 row height CTRL-u 5 CTRL-x 2 Split screen horizontally CTRL-x 3 Split screen horizontally with 24 column width CTRL-u 24 CTRL-x 3 Revert to single screen CTRL-x 1 Hide the current screen CTRL-x 0 Kill the current screen CTRL-x k Move to the next buffer CTRL-x O Select a buffer CTRL-x b Run command in the scratch buffer CTRL-x CTRL-e # Other stuff Open a shell ALT-x eshell Goto a line number ALT-x goto-line Word wrap ALT-x toggle-word-wrap Spell checking ALT-x flyspell-mode Line numbers ALT-x linum-mode Toggle line wrap ALT-x visual-line-mode Compile some code ALT-x compile List packages ALT-x package-list-packages # Sudoing within eshell By default when using the sudo command within eshell you'll just get "permission denied" messages. To overcome that type: alias sudo '*sudo $*' # Line numbers To add line numbers and enable moving to a line with CTRL-l: (global-set-key "\C-l" 'goto-line) (add-hook 'find-file-hook (lambda () (linum-mode 1))) # Org-mode To begin org-mode ALT-x org-mode Table column separator Vertical/pipe character Reorganize table TAB Section heading * Open/collapse section TAB Open/collapse All CTRL-TAB Export in other file formats (eg HTML,PDF) CTRL-c CTRL-e To make org-mode automatically wrap lines: (add-hook 'org-mode-hook '(lambda () (visual-line-mode 1)))

chown

# Change file owner chown user file # Change file owner and group chown user:group file # Change owner recursively chown -R user directory # Change ownership to match another file chown --reference=/path/to/ref_file file

ncat

# Connect mode (ncat is client) | default port is 31337 ncat <host> [<port>] # Listen mode (ncat is server) | default port is 31337 ncat -l [<host>] [<port>] # Transfer file (closes after one transfer) ncat -l [<host>] [<port>] < file # Transfer file (stays open for multiple transfers) ncat -l --keep-open [<host>] [<port>] < file # Receive file ncat [<host>] [<port>] > file # Brokering | allows for multiple clients to connect ncat -l --broker [<host>] [<port>] # Listen with SSL | many options, use ncat --help for full list ncat -l --ssl [<host>] [<port>] # Access control ncat -l --allow <ip> ncat -l --deny <ip> # Proxying ncat --proxy <proxyhost>[:<proxyport>] --proxy-type {http | socks4} <host>[<port>] # Chat server | can use brokering for multi-user chat ncat -l --chat [<host>] [<port>]

man

# Convert a man page to pdf man -t bash | ps2pdf - bash.pdf # View the ascii chart man 7 ascii

numfmt

# Convert bytes to Human readable format numfmt --to=iec --suffix=B --padding=7 1048576

mkdir

# Create a directory and all its parents mkdir -p foo/bar/baz # Create foo/bar and foo/baz directories mkdir -p foo/{bar,baz} # Create the foo/bar, foo/baz, foo/baz/zip and foo/baz/zap directories mkdir -p foo/{bar,baz/{zip,zap}}

gpg

# Create a key gpg --gen-key # Show keys To list a summary of all keys gpg --list-keys To show your public key gpg --armor --export To show the fingerprint for a key gpg --fingerprint KEY_ID # Search for keys gpg --search-keys '[email protected]' # To Encrypt a File gpg --encrypt --recipient '[email protected]' example.txt # To Decrypt a File gpg --output example.txt --decrypt example.txt.gpg # Export keys gpg --output ~/public_key.txt --armor --export KEY_ID gpg --output ~/private_key.txt --armor --export-secret-key KEY_ID Where KEY_ID is the 8 character GPG key ID. Store these files to a safe location, such as a USB drive, then remove the private key file. shred -zu ~/private_key.txt # Import keys Retrieve the key files which you previously exported. gpg --import ~/public_key.txt gpg --allow-secret-key-import --import ~/private_key.txt Then delete the private key file. shred -zu ~/private_key.txt # Revoke a key Create a revocation certificate. gpg --output ~/revoke.asc --gen-revoke KEY_ID Where KEY_ID is the 8 character GPG key ID. After creating the certificate import it. gpg --import ~/revoke.asc Then ensure that key servers know about the revokation. gpg --send-keys KEY_ID # Signing and Verifying files If you're uploading files to launchpad you may also want to include a GPG signature file. gpg -ba filename or if you need to specify a particular key: gpg --default-key <key ID> -ba filename This then produces a file with a .asc extension which can be uploaded. If you need to set the default key more permanently then edit the file ~/.gnupg/gpg.conf and set the default-key parameter. To verify a downloaded file using its signature file. gpg --verify filename.asc # Signing Public Keys Import the public key or retrieve it from a server. gpg --keyserver <keyserver> --recv-keys <Key_ID> Check its fingerprint against any previously stated value. gpg --fingerprint <Key_ID> Sign the key. gpg --sign-key <Key_ID> Upload the signed key to a server. gpg --keyserver <keyserver> --send-key <Key_ID> # Change the email address associated with a GPG key gpg --edit-key <key ID> adduid Enter the new name and email address. You can then list the addresses with: list If you want to delete a previous email address first select it: uid <list number> Then delete it with: deluid To finish type: save Publish the key to a server: gpg --send-keys <key ID> # Creating Subkeys Subkeys can be useful if you don't wish to have your main GPG key installed on multiple machines. In this way you can keep your master key safe and have subkeys with expiry periods or which may be separately revoked installed on various machines. This avoids generating entirely separate keys and so breaking any web of trust which has been established. gpg --edit-key <key ID> At the prompt type: addkey Choose RSA (sign only), 4096 bits and select an expiry period. Entropy will be gathered. At the prompt type: save You can also repeat the procedure, but selecting RSA (encrypt only). To remove the master key, leaving only the subkey/s in place: gpg --export-secret-subkeys <subkey ID> > subkeys gpg --export <key ID> > pubkeys gpg --delete-secret-key <key ID> Import the keys back. gpg --import pubkeys subkeys Verify the import. gpg -K Should show sec# instead of just sec.

http

# Custom HTTP method HTTP headers and JSON data: http PUT example.org X-API-Token:123 name=John # Submitting forms: http -f POST example.org hello=World # See the request that is being sent using one of the output options: http -v example.org # Use Github API to post a comment on an issue with authentication: http -a USERNAME POST https://api.github.com/repos/jkbrzt/httpie/issues/83/comments body='HTTPie is awesome!' # Upload a file using redirected input: http example.org < file.json # Download a file and save it via redirected output: http example.org/file > file # Download a file wget style: http --download example.org/file # Use named sessions_ to make certain aspects or the communication # persistent between requests to the same host: # http --session=logged-in -a username:password httpbin.org/get API-Key:123 http --session=logged-in httpbin.org/headers # Set a custom Host header to work around missing DNS records: http localhost:8000 Host:example.com # Simple JSON example: http PUT example.org name=John [email protected] # Non-string fields use the := separator, which allows you to embed raw # JSON into the resulting object. Text and raw JSON files can also be # embedded into fields using =@ and :=@: http PUT api.example.com/person/1 name=John age:=29 married:=false hobbies:='["http", "pies"]' [email protected] bookmarks:[email protected] # Send JSON data stored in a file: http POST api.example.com/person/1 < person.json # Regular Forms http --form POST api.example.org/person/1 name='John Smith' [email protected] cv=@~/Documents/cv.txt # File Upload Forms # If one or more file fields is present, the serialization and content # type is multipart/form-data: http -f POST example.com/jobs name='John Smith' cv@~/Documents/cv.pdf # To set custom headers you can use the Header:Value notation: http example.org User-Agent:Bacon/1.0 'Cookie:valued-visitor=yes;foo=bar' X-Foo:Bar Referer:http://httpie.org/ # Basic auth: http -a username:password example.org # Digest auth: http --auth-type=digest -a username:password example.org # With password prompt: http -a username example.org # Authorization information from your ~/.netrc file is honored as well: cat ~/.netrc machine httpbin.org login httpie # password test http httpbin.org/basic-auth/httpie/test # You can specify proxies to be used through the --proxy argument for each # protocol (which is included in the value in case of redirects across # protocols): http --proxy=http:http://10.10.1.10:3128 --proxy=https:https://10.10.1.10:1080 example.org # With Basic authentication: http --proxy=http:http://user:[email protected]:3128 example.org # To skip the HOST'S SSL CERTIFICATE VERIFICATION, you can pass # --verify=no (default is yes): http --verify=no https://example.org # You can also use --verify=<CA_BUNDLE_PATH> to set a CUSTOM CA BUNDLE path: http --verify=/ssl/custom_ca_bundle https://example.org # To use a CLIENT SIDE CERTIFICATE for the SSL communication, you can pass # the path of the cert file with --cert: http --cert=client.pem https://example.org # If the PRIVATE KEY is not contained in the cert file you may pass the # path of the key file with --cert-key: http --cert=client.crt --cert-key=client.key https://example.org # You can control what should be printed via several options: # --headers, -h Only the response headers are printed. # --body, -b Only the response body is printed. # --verbose, -v Print the whole HTTP exchange (request and response). # --print, -p Selects parts of the HTTP exchange. http --verbose PUT httpbin.org/put hello=world # Print request and response headers: # Character Stands for # ----------- ------------------- # H Request headers. # B Request body. # h Response headers. # b Response body. http --print=Hh PUT httpbin.org/put hello=world # Let's say that there is an API that returns the whole resource when it # is updated, but you are only interested in the response headers to see # the status code after an update: http --headers PATCH example.org/Really-Huge-Resource name='New Name' # Redirect from a file: http PUT example.com/person/1 X-API-Token:123 < person.json # Or the output of another program: grep '401 Unauthorized' /var/log/httpd/error_log | http POST example.org/intruders # You can use echo for simple data: echo '{"name": "John"}' | http PATCH example.com/person/1 X-API-Token:123 # You can even pipe web services together using HTTPie: http GET https://api.github.com/repos/jkbrzt/httpie | http POST httpbin.org/post # You can use cat to enter multiline data on the terminal: cat | http POST example.com <paste> # ^D cat | http POST example.com/todos Content-Type:text/plain - buy milk - call parents ^D # On OS X, you can send the contents of the clipboard with pbpaste: pbpaste | http PUT example.com # Passing data through stdin cannot be combined with data fields specified # on the command line: echo 'data' | http POST example.org more=data # This is invalid # AN ALTERNATIVE TO REDIRECTED stdin is specifying a filename (as # @/path/to/file) whose content is used as if it came from stdin. # It has the advantage that THE Content-Type HEADER IS AUTOMATICALLY SET # to the appropriate value based on the filename extension. For example, # the following request sends the verbatim contents of that XML file with # Content-Type: application/xml: http PUT httpbin.org/put @/data/file.xml # Download a file: http example.org/Movie.mov > Movie.mov # Download an image of Octocat, resize it using ImageMagick, upload it # elsewhere: http octodex.github.com/images/original.jpg | convert - -resize 25% - | http example.org/Octocats # Force colorizing and formatting, and show both the request and the # response in less pager: http --pretty=all --verbose example.org | less -R # When enabled using the --download, -d flag, response headers are printed # to the terminal (stderr), and a progress bar is shown while the response # body is being saved to a file. http --download https://github.com/jkbrzt/httpie/tarball/master # You can also redirect the response body to another program while the # response headers and progress are still shown in the terminal: http -d https://github.com/jkbrzt/httpie/tarball/master | tar zxf - # If --output, -o is specified, you can resume a partial download using # the --continue, -c option. This only works with servers that support # Range requests and 206 Partial Content responses. If the server doesn't # support that, the whole file will simply be downloaded: http -dco file.zip example.org/file # Prettified streamed response: http --stream -f -a YOUR-TWITTER-NAME https://stream.twitter.com/1/statuses/filter.json track='Justin Bieber' # Send each new tweet (JSON object) mentioning "Apple" to another # server as soon as it arrives from the Twitter streaming API: http --stream -f -a YOUR-TWITTER-NAME https://stream.twitter.com/1/statuses/filter.json track=Apple | while read tweet; do echo "$tweet" | http POST example.org/tweets ; done # Create a new session named user1 for example.org: http --session=user1 -a user1:password example.org X-Foo:Bar # Now you can refer to the session by its name, and the previously used # authorization and HTTP headers will automatically be set: http --session=user1 example.org # To create or reuse a different session, simple specify a different name: http --session=user2 -a user2:password example.org X-Bar:Foo # Instead of a name, you can also directly specify a path to a session # file. This allows for sessions to be re-used across multiple hosts: http --session=/tmp/session.json example.orghttp --session=/tmp/session.json admin.example.orghttp --session=~/.httpie/sessions/another.example.org/test.json example.orghttp --session-read-only=/tmp/session.json example.org

apt-get

# Desc: Allows to update the operating system # To fetch package list apt-get update # To download and install updates without installing new package. apt-get upgrade # To download and install the updates AND install new necessary packages apt-get dist-upgrade # Full command: apt-get update && apt-get dist-upgrade # To install a new package(s) apt-get install package(s) # Download a package without installing it. (The package will be downloaded in your current working dir) apt-get download modsecurity-crs # Change Cache dir and archive dir (where .deb are stored). apt-get -o Dir::Cache="/path/to/destination/dir/" -o Dir::Cache::archives="./" install ... # Show apt-get installed packages. grep 'install ' /var/log/dpkg.log # Silently keep old configuration during batch updates apt-get update -o DPkg::Options::='--force-confold' ...

apparmor

# Desc: Apparmor will protect the system by confining programs to a limited set of resources. # To activate a profile: sudo aa-enforce usr.bin.firefox # OR export _PROFILE_='usr.bin.firefox' sudo $(rm /etc/apparmor.d/disable/$_PROFILE_ ; cat /etc/apparmor.d/$_PROFILE_ | apparmor_parser -a ) # TO disable a profile: sudo aa-disable usr.bin.firefox # OR export _PROFILE_='usr.bin.firefox' sudo $(ln -s /etc/apparmor.d/$_PROFILE_ /etc/apparmor.d/disable/ && apparmor_parser -R /etc/apparmor.d/$_PROFILE_) # To list profiles loaded: sudo aa-status # OR sudo apparmor_status # List of profiles aviables: /etc/apparmor.d/

nmcli

# Desc: Command line interface to NetworkManager # Connect to a wireless access point - Parameters: # <wiface> -- the name of your wireless interface # <ssid> -- the SSID of the access point # <pass> -- the WiFi password nmcli d wifi connect <ssid> password <pass> iface <wiface> # Disconnect from WiFi - Parameters: # <wiface> -- the name of your wireless interface nmcli d wifi disconnect iface <wiface> # Get WiFi status (enabled / disabled) nmcli radio wifi # Enable / Disable WiFi nmcli radio wifi <on|off> # Show all available WiFi access points nmcli dev wifi list # Refresh the available WiFi connection list nmcli dev wifi rescan # Show all available connections nmcli con # Show only active connections nmcli con show --active # Review the available devices nmcli dev status # Add a dynamic ethernet connection - parameters: # <name> -- the name of the connection # <iface_name> -- the name of the interface ncmli con add type ethernet con-name <name> ifname <iface_name> # Bring up the ethernet connection nmcli con up <name>

python

# Desc: Python is a high-level programming language. # Basic example of server with python # Will start a Web Server in the current directory on port 8000 # go to http://127.0.0.1:8000 # Python v2.7 python -m SimpleHTTPServer # Python 3 python -m http.server 8000 # SMTP-Server for debugging, messages will be discarded, and printed on stdout. python -m smtpd -n -c DebuggingServer localhost:1025 # Pretty print a json python -mjson.tool

hardware-info

# Display all hardware details sudo lshw # List currently loaded kernel modules lsmod # List all modules available to the system find /lib/modules/$(uname -r) -type f -iname "*.ko" # Load a module into kernel modprobe modulename # Remove a module from kernel modprobe -r modulename # List devices connected via pci bus lspci # Debug output for pci devices (hex) lspci -vvxxx # Display cpu hardware stats cat /proc/cpuinfo # Display memory hardware stats cat /proc/meminfo # Output the kernel ring buffer dmesg # Ouput kernel messages dmesg --kernel

cut

# To cut out the third field of text or stdoutput that is delimited by a #: cut -d# -f3

less

# To disable the terminal refresh when exiting less -X

ip

# Display all interfaces with addresses ip addr # Take down / up the wireless adapter ip link set dev wlan0 {up|down} # Set a static IP and netmask ip addr add 192.168.1.100/32 dev eth0 # Remove a IP from an interface ip addr del 192.168.1.100/32 dev eth0 # Remove all IPs from an interface ip address flush dev eth0 # Display all routes ip route # Display all routes for IPv6 ip -6 route # Add default route via gateway IP ip route add default via 192.168.1.1 # Add route via interface ip route add 192.168.0.0/24 dev eth0 # Change your mac address ip link set dev eth0 address aa:bb:cc:dd:ee:ff # View neighbors (using ARP and NDP) ip neighbor show

lib

# Display available libraries ldconfig -p # Update library resources ldconfig # Display libraries and file location ldd # Libraries available to apps in real-time "Dynamic Libraries" (.so.) # Libraries only available to apps when installed (imported) "Static Libraries" (.a.) # Standard (usual) library file location /lib # Sofware-accessible source for library info /etc/ld.so.cache # (binary) # Human-readable source for library info /etc/ld.so.conf # (points to /etc/ld.so.conf.d)

ifconfig

# Display network settings of the first ethernet adapter ifconfig wlan0 # Display all interfaces, even if down ifconfig -a # Take down / up the wireless adapter ifconfig wlan0 {up|down} # Set a static IP and netmask ifconfig eth0 192.168.1.100 netmask 255.255.255.0 # You may also need to add a gateway IP route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1

iwconfig

# Display wireless settings of the first wireless adapter iwconfig wlan0 # Take down / up the wireless adapter iwconfig wlan0 txpower {on|auto|off} # Change the mode of the wireless adapter iwconfig wlan0 mode {managed|ad-hoc|monitor}

ls

# Displays everything in the target directory ls path/to/the/target/directory # Displays everything including hidden files ls -a # Displays all files, along with the size (with unit suffixes) and timestamp ls -lh # Display files, sorted by size ls -S # Display directories only ls -d */ # Display directories only, include hidden ls -d .*/ */

curl

# Download a single file curl http://path.to.the/file # Download a file and specify a new filename curl http://example.com/file.zip -o new_file.zip # Download multiple files curl -O URLOfFirstFile -O URLOfSecondFile # Download all sequentially numbered files (1-24) curl http://example.com/pic[1-24].jpg # Download a file and pass HTTP Authentication curl -u username:password URL # Download a file with a Proxy curl -x proxysever.server.com:PORT http://addressiwantto.access # Download a file from FTP curl -u username:password -O ftp://example.com/pub/file.zip # Get an FTP directory listing curl ftp://username:[email protected] # Resume a previously failed download curl -C - -o partial_file.zip http://example.com/file.zip # Fetch only the HTTP headers from a response curl -I http://example.com # Fetch your external IP and network info as JSON curl http://ifconfig.me/all/json # Limit the rate of a download curl --limit-rate 1000B -O http://path.to.the/file

od

# Dump file in octal format od /path/to/binaryfile od -o /path/to/binaryfile od -t o2 /path/to/binaryfile # Dump file in hexadecimal format od -x /path/to/binaryfile od -t x2 /path/to/binaryfile # Dump file in hexadecimal format, with hexadecimal offsets and a space between each byte od -A x -t x1 /path/to/binaryfile

mdadm

# For the sake of briefness, we use Bash "group compound" stanza: # /dev/sd{a,b,...}1 => /dev/sda1 /dev/sdb1 ... # Along the following variables: # ${M} array identifier (/dev/md${M}) # ${D} device identifier (/dev/sd${D}) # ${P} partition identifier (/dev/sd${D}${P}) # Create (initialize) a new array mdadm --create /dev/md${M} --level=raid5 --raid-devices=4 /dev/sd{a,b,c,d,e}${P} --spare-devices=/dev/sdf1 # Manually assemble (activate) an existing array mdadm --assemble /dev/md${M} /dev/sd{a,b,c,d,e}${P} # Automatically assemble (activate) all existing arrays mdadm --assemble --scan # Stop an assembled (active) array mdadm --stop /dev/md${M} # See array configuration mdadm --query /dev/md${M} # See array component configuration (dump superblock content) mdadm --query --examine /dev/sd${D}${P} # See detailed array confiration/status mdadm --detail /dev/md${M} # Save existing arrays configuration # (MAY be required by initrd for successfull boot) mdadm --detail --scan > /etc/mdadm/mdadm.conf # Erase array component superblock # (MUST do before reusing a partition for other purposes) mdadm --zero-superblock /dev/sd${D}${P} # Manually mark a component as failed # (SHOULD when a device shows wear-and-tear signs, e.g. through SMART) mdadm --manage /dev/md${M} --fail /dev/sd${D}${P} # Remove a failed component # (SHOULD before preemptively replacing a device, after failing it) mdadm --manage /dev/md${M} --remove /dev/sd${D}${P} # Prepare (format) a new device to replace a failed one sfdisk -d /dev/sd${D,sane} | sfdisk /dev/sd${D,new} # Add new component to an existing array # (this will trigger the rebuild) mdadm --manage /dev/md${M} --add /dev/sd${D,new}${P} # See assembled (active) arrays status cat /proc/mdstat # Rename a device # (SHOULD after hostname change; eg. name="$(hostname -s)") mdadm --assemble /dev/md${M} /dev/sd{a,b,c,d,e}${P} --name="${name}:${M}" --update=name

distcc

# INSTALL # ============================================================================== # Edit /etc/default/distcc and set theses vars # STARTDISTCC="true" # ALLOWEDNETS="127.0.0.1 192.168.1.0/24"# Your computer and local computers # #LISTENER="127.0.0.1"# Comment it # ZEROCONF="true"# Auto configuration # REMEMBER 1: # Start/Restart your distccd servers before using one of these commands. # service distccd start # REMEMBER 2: # Do not forget to install on each machine DISTCC. # No need to install libs ! Only main host need libs ! # USAGE # ============================================================================== # Run make with 4 thread (a cross network) in auto configuration. # Note: for gcc, Replace CXX by CC and g++ by gcc ZEROCONF='+zeroconf' make -j4 CXX='distcc g++' # Run make with 4 thread (a cross network) in static configuration (2 ip) # Note: for gcc, Replace CXX by CC and g++ by gcc DISTCC_HOSTS='127.0.0.1 192.168.1.69' make -j4 CXX='distcc g++' # Show hosts aviables ZEROCONF='+zeroconf' distcc --show-hosts

apk

# Install a package apk add $package # Remove a package apk del $package # Update repos apk update # Upgrade all packages apk upgrade # Find a package apk search $package

bower

# Install a package locally bower install <package-name> # Install a package locally directly from github bower install <user>/<repo> # Install a specific package locally bower install <package-name>#<version> # Install a package locally and save installed package into bower.json bower install <package-name> --save # Retrieve info of a particular package bower info <package-name> # List local packages bower list # Search for a package by name bower search <package-name> # Update a package to their newest version bower update <package-name> # Remove a local package bower uninstall <package-name>

lsof

# List all IPv4 network files sudo lsof -i4 # List all IPv6 network files sudo lsof -i6 # To find listening ports: lsof -Pnl +M -i4 # To find which program is using the port 80: lsof -i TCP:80 # List all processes accessing a particular file/directory lsof </path/to/file> # List all files open for a particular user lsof -u <username> # List all files/network connections a given process is using lsof -c <command-name> # See this primer: http://www.danielmiessler.com/study/lsof/ # for a number of other useful lsof tips

rename

# Lowercase all files and folders in current directory rename 'y/A-Z/a-z/' *

cups

# Manage printers through CUPS: http://localhost:631 (in web browser) # Print file from command line lp myfile.txt # Display print queue lpq # Remove print job from queue lprm 545 or lprm - # Print log location /var/log/cups # Reject new jobs cupsreject printername # Accept new jobs cupsaccept printername

jq

# Pretty print the json jq "." < filename.json # Access the value at key "foo" jq '.foo' # Access first list item jq '.[0]' # Slice & Dice jq '.[2:4]' jq '.[:3]' jq '.[-2:]'

date

# Print date in format suitable for affixing to file names date +"%Y%m%d_%H%M%S" # Convert Unix timestamp to Date date -d @1440359821

p4

# Print details related to Client and server configuration p4 info # Open a file and add it to depot p4 add <filename>

ffmpeg

# Print file metadata etc. ffmpeg -i path/to/file.ext # Convert all m4a files to mp3 for f in *.m4a; do ffmpeg -i "$f" -acodec libmp3lame -ab 320k "${f%.m4a}.mp3"; done # Listen to 10 seconds of audio from a video file # # -ss : start time # -t : seconds to cut # -autoexit : closes ffplay as soon as the audio finishes ffmpeg -ss 00:34:24.85 -t 10 -i path/to/file.mp4 -f mp3 pipe:play | ffplay -i pipe:play -autoexit

df

# Printout disk free space in a human readable format df -h

dd

# Read from {/dev/urandom} 2*512 Bytes and put it into {/tmp/test.txt} # Note: At the first iteration, we read 512 Bytes. # Note: At the second iteration, we read 512 Bytes. dd if=/dev/urandom of=/tmp/test.txt count=512 bs=2 # Watch the progress of 'dd' dd if=/dev/zero of=/dev/null bs=4KB &; export dd_pid=`pgrep '^dd'`; while [[ -d /proc/$dd_pid ]]; do kill -USR1 $dd_pid && sleep 1 && clear; done # Watch the progress of 'dd' with `pv` and `dialog` (apt-get install pv dialog) (pv -n /dev/zero | dd of=/dev/null bs=128M conv=notrunc,noerror) 2>&1 | dialog --gauge "Running dd command (cloning), please wait..." 10 70 0 # Watch the progress of 'dd' with `pv` and `zenity` (apt-get install pv zenity) (pv -n /dev/zero | dd of=/dev/null bs=128M conv=notrunc,noerror) 2>&1 | zenity --title 'Running dd command (cloning), please wait...' --progress # Watch the progress of 'dd' with the built-in `progress` functionality (introduced in coreutils v8.24) dd if=/dev/zero of=/dev/null bs=128M status=progress # DD with "graphical" return dcfldd if=/dev/zero of=/dev/null bs=500K

rm

# Remove files and subdirs rm -rf path/to/the/target/ # Ignore non existent files rm -f path/to/the/target # Remove a file with his inode find /tmp/ -inum 6666 -exec rm -i '{}' \;

grep

# Search a file for a pattern grep pattern file # Case insensitive search (with line numbers) grep -in pattern file # Recursively grep for string <pattern> in folder: grep -R pattern folder # Read search patterns from a file (one per line) grep -f pattern_file file # Find lines NOT containing pattern grep -v pattern file # You can grep with regular expressions grep "^00" file #Match lines starting with 00 grep -E "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" file #Find IP add # Find all files which match {pattern} in {directory} # This will show: "file:line my research" grep -rnw 'directory' -e "pattern" # Exclude grep from your grepped output of ps. # Add [] to the first letter. Ex: sshd -> [s]shd ps aux | grep '[h]ttpd' # Colour in red {bash} and keep all other lines ps aux | grep -E --color 'bash|$'

pip

# Search for packages pip search SomePackage # Install some packages pip install SomePackage # Install some package in user space pip install --user SomePackage # Upgrade some package pip install --upgrade SomePackage # Output and install packages in a requirement file pip freeze > requirements.txt pip install -r requirements.txt # Show details of a package pip show SomePackage # List outdated packages pip list --outdated # Upgrade all outdated packages, thanks to http://stackoverflow.com/a/3452888 pip freeze --local | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip install -U # Install specific version of a package pip install -I SomePackage1==1.1.0 'SomePackage2>=1.0.4'

iptables

# Show hit for rules with auto refresh watch --interval 0 'iptables -nvL | grep -v "0 0"' # Show hit for rule with auto refresh and highlight any changes since the last refresh watch -d -n 2 iptables -nvL # Block the port 902 and we hide this port from nmap. iptables -A INPUT -i eth0 -p tcp --dport 902 -j REJECT --reject-with icmp-port-unreachable # Note, --reject-with accept: # icmp-net-unreachable # icmp-host-unreachable # icmp-port-unreachable <- Hide a port to nmap # icmp-proto-unreachable # icmp-net-prohibited # icmp-host-prohibited or # icmp-admin-prohibited # tcp-reset # Add a comment to a rule: iptables ... -m comment --comment "This rule is here for this reason" # To remove or insert a rule: # 1) Show all rules iptables -L INPUT --line-numbers # OR iptables -nL --line-numbers # Chain INPUT (policy ACCEPT) # num target prot opt source destination # 1 ACCEPT udp -- anywhere anywhere udp dpt:domain # 2 ACCEPT tcp -- anywhere anywhere tcp dpt:domain # 3 ACCEPT udp -- anywhere anywhere udp dpt:bootps # 4 ACCEPT tcp -- anywhere anywhere tcp dpt:bootps # 2.a) REMOVE (-D) a rule. (here an INPUT rule) iptables -D INPUT 2 # 2.b) OR INSERT a rule. iptables -I INPUT {LINE_NUMBER} -i eth1 -p tcp --dport 21 -s 123.123.123.123 -j ACCEPT -m comment --comment "This rule is here for this reason"

nc

# To open a TCP connection to port 42 of host.example.com, using port 31337 as the source port, with a timeout of 5 seconds: nc -p 31337 -w 5 host.example.com 42 # To open a UDP connection to port 53 of host.example.com: nc -u host.example.com 53 # To open a TCP connection to port 42 of host.example.com using 10.1.2.3 as the IP for the local end of the connection: nc -s 10.1.2.3 host.example.com 42 # To create and listen on a UNIX-domain stream socket: nc -lU /var/tmp/dsocket # To connect to port 42 of host.example.com via an HTTP proxy at 10.2.3.4, port 8080. This example could also be used by ssh(1); see the ProxyCommand directive in ssh_config(5) for more information. nc -x10.2.3.4:8080 -Xconnect host.example.com 42 # The same example again, this time enabling proxy authentication with username "ruser" if the proxy requires it: nc -x10.2.3.4:8080 -Xconnect -Pruser host.example.com 42 # To choose the source IP for the testing using the -s option nc -zv -s source_IP target_IP Port

nmap

# Single target scan: nmap [target] # Scan from a list of targets: nmap -iL [list.txt] # iPv6: nmap -6 [target] # OS detection: nmap -O --osscan_guess [target] # Save output to text file: nmap -oN [output.txt] [target] # Save output to xml file: nmap -oX [output.xml] [target] # Scan a specific port: nmap -source-port [port] [target] # Do an aggressive scan: nmap -A [target] # Speedup your scan: # -n => disable ReverseDNS # --min-rate=X => min X packets / sec nmap -T5 --min-parallelism=50 -n --min-rate=300 [target] # Traceroute: nmap -traceroute [target] # Ping scan only: -sP # Don't ping: -PN <- Use full if a host don't reply to a ping. # TCP SYN ping: -PS # TCP ACK ping: -PA # UDP ping: -PU # ARP ping: -PR # Example: Ping scan all machines on a class C network nmap -sP 192.168.0.0/24 # Force TCP scan: -sT # Force UDP scan: -sU # Use some script: nmap --script default,safe # Loads the script in the default category, the banner script, and all .nse files in the directory /home/user/customscripts. nmap --script default,banner,/home/user/customscripts # Loads all scripts whose name starts with http-, such as http-auth and http-open-proxy. nmap --script 'http-*' # Loads every script except for those in the intrusive category. nmap --script "not intrusive" # Loads those scripts that are in both the default and safe categories. nmap --script "default and safe" # Loads scripts in the default, safe, or intrusive categories, except for those whose names start with http-. nmap --script "(default or safe or intrusive) and not http-*" # Scan for the heartbleed # -pT:443 => Scan only port 443 with TCP (T:) nmap -T5 --min-parallelism=50 -n --script "ssl-heartbleed" -pT:443 127.0.0.1 # Show all informations (debug mode) nmap -d ...

csplit

# Split a file based on pattern csplit input.file '/PATTERN/' # Use prefix/suffix to improve resulting file names csplit -f 'prefix-' -b '%d.extension' input.file '/PATTERN/' '{*}'

docker

# Start docker daemon docker -d # start a container with an interactive shell docker run -ti <image_name> /bin/bash # "shell" into a running container (docker-1.3+) docker exec -ti <container_name> bash # inspect a running container docker inspect <container_name> (or <container_id>) # Get the process ID for a container # Source: https://github.com/jpetazzo/nsenter docker inspect --format {{.State.Pid}} <container_name_or_ID> # List the current mounted volumes for a container (and pretty print) # Source: # http://nathanleclaire.com/blog/2014/07/12/10-docker-tips-and-tricks-that-will-make-you-sing-a-whale-song-of-joy/ docker inspect --format='{{json .Volumes}}' <container_id> | python -mjson.tool # Copy files/folders between a container and your host docker cp foo.txt mycontainer:/foo.txt # list currently running containers docker ps # list all containers docker ps -a # list all images docker images

mysql

# To connect to a database mysql -h localhost -u root -p # To backup all databases mysqldump --all-databases --all-routines -u root -p > ~/fulldump.sql # To restore all databases mysql -u root -p < ~/fulldump.sql # To create a database in utf8 charset CREATE DATABASE owa CHARACTER SET utf8 COLLATE utf8_general_ci; # To add a user and give rights on the given database GRANT ALL PRIVILEGES ON database.* TO 'user'@'localhost'IDENTIFIED BY 'password' WITH GRANT OPTION; # To list the privileges granted to the account that you are using to connect to the server. Any of the 3 statements will work. SHOW GRANTS FOR CURRENT_USER(); SHOW GRANTS; SHOW GRANTS FOR CURRENT_USER; # Basic SELECT Statement SELECT * FROM tbl_name; # Basic INSERT Statement INSERT INTO tbl_name (col1,col2) VALUES(15,col1*2); # Basic UPDATE Statement UPDATE tbl_name SET col1 = "example"; # Basic DELETE Statement DELETE FROM tbl_name WHERE user = 'jcole';

asterisk

# To connect to a running Asterisk session: asterisk -rvvv # To issue a command to Asterisk from the shell: asterisk -rx "<command>" # To originate an echo call from a SIP trunk on an Asterisk server, to a specified number: asterisk -rx "channel originate SIP/<trunk>/<number> application echo" # To print out the details of SIP accounts: asterisk -rx "sip show peers" # To print out the passwords of SIP accounts: asterisk -rx "sip show users" # To print out the current active channels: asterisk -rx "core show channels"

irssi

# To connect to an IRC server /connect <server domain name> # To join a channel /join #<channel name> # To set a nickname /nick <my nickname> # To send a private message to a user /msg <nickname> # To close the current channel window /wc # To switch between channel windows ALT+<number>, eg. ALT+1, ALT+2 # To list the nicknames within the active channel /names # To change the channel topic /topic <description> # To limit channel background noise (joins, parts, quits, etc.) /ignore #foo,#bar JOINS PARTS QUITS NICKS # Quieten only channels `#foo`, `#bar` /ignore * JOINS PARTS QUITS NICKS # Quieten all channels # To save the current Irssi session config into the configuration file /save # To quit Irssi /exit

rsync

# To copy files from remote to local, maintaining file properties and sym-links (-a), zipping for faster transfer (-z), verbose (-v). rsync -avz host:file1 :file1 /dest/ rsync -avz /source host:/dest # Copy files using checksum (-c) rather than time to detect if the file has changed. (Useful for validating backups). rsync -avc /source/ /dest/ # Copy contents of /src/foo to destination: # This command will create /dest/foo if it does not already exist rsync -auv /src/foo /dest # Explicitly copy /src/foo to /dest/foo rsync -auv /src/foo/ /dest/foo

gzip

# To create a *.gz compressed file gzip test.txt # To create a *.gz compressed file to a specific location using -c option (standard out) gzip -c test.txt > test_custom.txt.gz # To uncompress a *.gz file gzip -d test.txt.gz # Display compression ratio of the compressed file using gzip -l gzip -l *.gz # Recursively compress all the files under a specified directory gzip -r documents_directory # To create a *.gz compressed file and keep the original gzip < test.txt > test.txt.gz

openssl

# To create a 2048-bit private key: openssl genrsa -out server.key 2048 # To create the Certificate Signing Request (CSR): openssl req -new -key server.key -out server.csr # To sign a certificate using a private key and CSR: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt # (The above commands may be run in sequence to generate a self-signed SSL certificate.) # To show certificate information for a certificate signing request openssl req -text -noout -in server.csr # To show certificate information for generated certificate openssl x509 -text -noout -in server.crt # To view certificate expiration: echo | openssl s_client -connect <hostname>:443 2> /dev/null | \ awk '/-----BEGIN/,/END CERTIFICATE-----/' | \ openssl x509 -noout -enddate # Generate Diffie-Hellman parameters: openssl dhparam -outform PEM -out dhparams.pem 2048

ln

# To create a symlink: ln -s path/to/the/target/directory name-of-symlink # Symlink, while overwriting existing destination files ln -sf /some/dir/exec /usr/bin/exec

route

# To display routing table IP addresses instead of host names: route -n # To add a default gateway: route add default gateway 192.168.0.1 # To add the normal loopback entry, using netmask 255.0.0.0 and associated with the "lo" device (assuming this device was previously set up correctly with ifconfig(8)). route add -net 127.0.0.0 netmask 255.0.0.0 dev lo # To add a route to the local network 192.56.76.x via "eth0". The word "dev" can be omitted here. route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0 # To delete the current default route, which is labeled "default" or 0.0.0.0 in the destination field of the current routing table. route del default # To add a default route (which will be used if no other route matches). All packets using this route will be gatewayed through "mango-gw". The device which will actually be used for that route depends on how we can reach "mango-gw" - the static route to "mango-gw" will have to be set up before. route add default gw mango-gw # To add the route to the "ipx4" host via the SLIP interface (assuming that "ipx4" is the SLIP host). route add ipx4 sl0 # To add the net "192.57.66.x" to be gateway through the former route to the SLIP interface. route add -net 192.57.66.0 netmask 255.255.255.0 gw ipx4 # To install a rejecting route for the private network "10.x.x.x." route add -net 10.0.0.0 netmask 255.0.0.0 reject # This is an obscure one documented so people know how to do it. This sets all of the class D (multicast) IP routes to go via "eth0". This is the correct normal configuration line with a multicasting kernel route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0

mysqldump

# To dump a database to a file (Note that your password will appear in your command history!): mysqldump -uusername -ppassword the-database > db.sql # To dump a database to a file: mysqldump -uusername -p the-database > db.sql # To dump a database to a .tgz file (Note that your password will appear in your command history!): mysqldump -uusername -ppassword the-database | gzip -9 > db.sql # To dump a database to a .tgz file: mysqldump -uusername -p the-database | gzip -9 > db.sql # To dump all databases to a file (Note that your password will appear in your command history!): mysqldump -uusername -ppassword --all-databases > all-databases.sql # To dump all databases to a file: mysqldump -uusername -p --all-databases > all-databases.sql # To export the database structure only: mysqldump --no-data -uusername -p the-database > dump_file # To export the database data only: mysqldump --no-create-info -uusername -p the-database > dump_file

find

# To find files by case-insensitive extension (ex: .jpg, .JPG, .jpG): find . -iname "*.jpg" # To find directories: find . -type d # To find files: find . -type f # To find files by octal permission: find . -type f -perm 777 # To find files with setuid bit set: find . -xdev \( -perm -4000 \) -type f -print0 | xargs -0 ls -l # To find files with extension '.txt' and remove them: find ./path/ -name '*.txt' -exec rm '{}' \; # To find files with extension '.txt' and look for a string into them: find ./path/ -name '*.txt' | xargs grep 'string' # To find files with size bigger than 5 Mb and sort them by size: find . -size +5M -type f -print0 | xargs -0 ls -Ssh | sort -z # To find files bigger thank 2 MB and list them: find . -type f -size +20000k -exec ls -lh {} \; | awk '{ print $9 ": " $5 }' # To find files modified more than 7 days ago and list file information find . -type f -mtime +7d -ls # To find symlinks owned by a user and list file information find . -type l --user=username -ls # To search for and delete empty directories find . -type d -empty -exec rmdir {} \; # To search for directories named build at a max depth of 2 directories find . -maxdepth 2 -name build -type d # To search all files who are not in .git directory find . ! -iwholename '*.git*' -type f # To find all files that have the same node (hard link) as MY_FILE_HERE find . -type f -samefile MY_FILE_HERE 2>/dev/null # To find all files in the current directory and modify their permissions find . -type f -exec chmod 644 {} \;

bash

# To implement a for loop: for file in *; do echo $file found; done # To implement a case command: case "$1" in 0) echo "zero found";; 1) echo "one found";; 2) echo "two found";; 3*) echo "something beginning with 3 found";; esac # Turn on debugging: set -x # Turn off debugging: set +x # Retrieve N-th piped command exit status printf 'foo' | fgrep 'foo' | sed 's/foo/bar/' echo ${PIPESTATUS[0]} # replace 0 with N # Lock file: ( set -o noclobber; echo > my.lock ) || echo 'Failed to create lock file'

rpm

# To install a package: rpm -ivh <rpm> # To remove a package: rpm -e <package> # To remove a package, but not its dependencies rpm -e --nodeps <package> # To find what package installs a file: rpm -qf </path/to/file> # To find what files are installed by a package: rpm -ql <package> rpm -qpl <rpm> # To find what packages require a package or file: rpm -q --whatrequires <package> rpm -q --whatrequires <file> # To list all installed packages: rpm -qa # To find a pkg's dependencies rpm -i --test <package> # Display checksum against source rpm -K <package> # Verify a package rpm -V <package>

dnf

# To install the latest version of a package: dnf install <package name> # To search package details for the given string dnf search <string> # To find which package provides a binary dnf provides <path to binary> # The following are available after installing "dnf-plugins-core" # Download a package dnf download <package name> # install the build dependencies for a SRPM or from a .spec file dnf builddep <srpm/.spec file>

nova

# To list VMs on current tenant: nova list # To list VMs of all tenants (admin user only): nova list --all-tenants # To boot a VM on a specific host: nova boot --nic net-id=<net_id> \ --image <image_id> \ --flavor <flavor> \ --availability-zone nova:<host_name> <vm_name> # To stop a server nova stop <server> # To start a server nova start <server> # To attach a network interface to a specific VM: nova interface-attach --net-id <net_id> <server>

ps

# To list every process on the system: ps aux # To list a process tree ps axjf # To list every process owned by foouser: ps -aufoouser # To list every process with a user-defined format: ps -eo pid,user,command # Exclude grep from your grepped output of ps. # Add [] to the first letter. Ex: sshd -> [s]shd ps aux | grep '[h]ttpd'

mount

# To mount / partition as read-write in repair mode: mount -o remount,rw / # Bind mount path to a second location mount --bind /origin/path /destination/path # To mount Usb disk as user writable: mount -o uid=username,gid=usergroup /dev/sdx /mnt/xxx # To mount a remote NFS directory mount -t nfs example.com:/remote/example/dir /local/example/dir # To mount an ISO mount -o loop disk1.iso /mnt/disk

gs

# To reduce the size of a pdf file: gs -dBATCH -dNOPAUSE -q -sDEVICE=pdfwrite -sOutputFile=output.pdf input.pdf

dhclient

# To release the current IP address: sudo dhclient -r # To obtain a new IP address: sudo dhclient # Running the above in sequence is a common way of refreshing an IP. # To obtain a new IP address for a specific interface: sudo dhclient eth0

convert

# To resize an image to a fixed width and proportional height: convert original-image.jpg -resize 100x converted-image.jpg # To resize an image to a fixed height and proportional width: convert original-image.jpg -resize x100 converted-image.jpg # To resize an image to a fixed width and height: convert original-image.jpg -resize 100x100 converted-image.jpg # To resize an image and simultaneously change its file type: convert original-image.jpg -resize 100x converted-image.png # To resize all of the images within a directory: # To implement a for loop: for file in `ls original/image/path/`; do new_path=${file%.*}; new_file=`basename $new_path`; convert $file -resize 150 conerted/image/path/$new_file.png; done

at

# To schedule a one time task at {time} {command 0} {command 1} Ctrl-d # {time} can be either now | midnight | noon | teatime (4pm) HH:MM now + N {minutes | hours | days | weeks} MM/DD/YY # To list pending jobs atq # To remove a job (use id from atq) atrm {id}

apt

# To search a package: apt search package # To show package informations: apt show package # To fetch package list: apt update # To download and install updates without installing new package: apt upgrade # To download and install the updates AND install new necessary packages: apt dist-upgrade # Full command: apt update && apt dist-upgrade # To install a new package(s): apt install package(s) # To uninstall package(s) apt remove package(s)

apt-cache

# To search for apt packages: apt-cache search "whatever" # To display package records for the named package(s): apt-cache show pkg(s) # To display reverse dependencies of a package apt-cache rdepends package_name # To display package versions, reverse dependencies and forward dependencies # of a package apt-cache showpkg package_name

aptitude

# To search for packages: aptitude search "whatever" # To display package records for the named package(s): aptitude show pkg(s) # To install a package: aptitude install package # To remove a package: aptitude remove package # To remove unnecessary package: aptitude autoclean

history

# To see most used top 10 commands: history | awk '{CMD[$2]++;count++;}END { for (a in CMD)print CMD[a] " " CMD[a]/count*100 "% " a;}' | grep -v "./" | column -c3 -s " " -t | sort -nr | nl | head -n10

notify-send

# To send a desktop notification via dbus: notify-send -i 'icon-file/name' -a 'application_name' 'summary' 'body of message' # The -i and -a flags can be omitted if unneeded.

git

# To set your identity: git config --global user.name "John Doe" git config --global user.email [email protected] # To set your editor: git config --global core.editor emacs # To enable color: git config --global color.ui true # To stage all changes for commit: git add --all # To commit staged changes git commit -m "Your commit message" # To edit previous commit message git commit --amend # Git commit in the past git commit --date="`date --date='2 day ago'`" git commit --date="Jun 13 18:30:25 IST 2015" # more recent versions of Git also support --date="2 days ago" directly # To change the date of an existing commit git filter-branch --env-filter \ 'if [ $GIT_COMMIT = 119f9ecf58069b265ab22f1f97d2b648faf932e0 ] then export GIT_AUTHOR_DATE="Fri Jan 2 21:38:53 2009 -0800" export GIT_COMMITTER_DATE="Sat May 19 01:01:01 2007 -0700" fi' # To removed staged and working directory changes git reset --hard # To go 2 commits back git reset --hard HEAD~2 # To remove untracked files git clean -f -d # To remove untracked and ignored files git clean -f -d -x # To push to the tracked master branch: git push origin master # To push to a specified repository: git push [email protected]:username/project.git # To delete the branch "branch_name" git branch -D branch_name # To make an exisiting branch track a remote branch git branch -u upstream/foo # To see who commited which line in a file git blame filename # To sync a fork with the master repo: git remote add upstream [email protected]:name/repo.git # Set a new repo git remote -v # Confirm new remote repo git fetch upstream # Get branches git branch -va # List local - remote branches git checkout master # Checkout local master branch git checkout -b new_branch # Create and checkout a new branch git merge upstream/master # Merge remote into local repo git show 83fb499 # Show what a commit did. git show 83fb499:path/fo/file.ext # Shows the file as it appeared at 83fb499. git diff branch_1 branch_2 # Check difference between branches git log # Show all the commits git status # Show the changes from last commit # Commit history of a set of files git log --pretty=email --patch-with-stat --reverse --full-index -- Admin\*.py > Sripts.patch # Import commits from another repo git --git-dir=../some_other_repo/.git format-patch -k -1 --stdout <commit SHA> | git am -3 -k # View commits that will be pushed git log @{u}.. # View changes that are new on a feature branch git log -p feature --not master git diff master...feature # Interactive rebase for the last 7 commits git rebase -i @~7 # Diff files WITHOUT considering them a part of git # This can be used to diff files that are not in a git repo! git diff --no-index path/to/file/A path/to/file/B # To pull changes while overwriting any local commits git fetch --all git reset --hard origin/master # Update all your submodules git submodule update --init --recursive # Perform a shallow clone to only get latest commits # (helps save data when cloning large repos) git clone --depth 1 <remote-url> # To unshallow a clone git pull --unshallow

asciiart

# To show some text in ASCII Art: figlet Cheat # ____ _ _ # / ___| |__ ___ __ _| |_ #| | | '_ \ / _ \/ _` | __| #| |___| | | | __/ (_| | |_ # \____|_| |_|\___|\__,_|\__| # # To have some text with color and other options: # Show with a border toilet -F border Cheat # Basic show (filled) toilet Cheat # mmm # m # m" " # mm mmm mmm mm#mm # # #" # #" # " # # # # # # #"""" m"""# # # "mmm" # # "#mm" "mm"# "mm #

more

# To show the file start at line number 5 more +5 file

head

# To show the first 10 lines of file head file # To show the first N lines of file head -n N file # To show the first N bytes of file head -c N file

du

# To sort directories/files by size du -sk *| sort -rn # To show cumulative humanreadable size du -sh

diff

# To view the differences between two files: diff -u version1 version2 # To view the differences between two directories: diff -ur folder1/ folder2/ # To ignore the white spaces: diff -ub version1 version2 # To ignore the blank lines: diff -uB version1 version2 # To ignore the differences between uppercase and lowercase: diff -ui version1 version2 # To report whether the files differ: diff -q version1 version2 # To report whether the files are identical: diff -s version1 version2 # To diff the output of two commands or scripts: diff <(command1) <(command2)

php

# To view the php version: php -v # To view the installed php modules: php -m # To view phpinfo() information: php -i # To lint a php file: php -l file.php # To lint all php files within the cwd: find . -name "*.php" -print0 | xargs -0 -n1 -P8 php -l # To enter an interactive shell: php -a # To locate the system's php.ini files: php -i | grep "php.ini" # To start a local webserver for the cwd on port 3000 (requires php >= 5.4): php -S localhost:3000

ntp

# Verify ntpd running: service ntp status # Start ntpd if not running: service ntp start # Display current hardware clock value: sudo hwclock -r # Apply system time to hardware time: sudo hwclock --systohc # Apply hardware time to system time: sudo hwclock --hctosys # Set hwclock to local time: sudo hwclock --localtime # Set hwclock to UTC: sudo hwclock --utc # Set hwclock manually: sudo hwclock --set --date="8/10/15 13:10:05" # Query surrounding stratum time servers ntpq -pn # Config file: /etc/ntp.conf # Driftfile: location of "drift" of your system clock compared to ntp servers /var/lib/ntp/ntp.drift

netstat

# WARNING ! netstat is deprecated. Look below. # To view which users/processes are listening to which ports: sudo netstat -lnptu # To view routing table (use -n flag to disable DNS lookups): netstat -r # Which process is listening to port <port> netstat -pln | grep <port> | awk '{print $NF}' Example output: 1507/python # Fast display of ipv4 tcp listening programs sudo netstat -vtlnp --listening -4 # WARNING ! netstat is deprecated. # Replace it by: ss # For netstat-r ip route # For netstat -i ip -s link # For netstat-g ip maddr

for

# basic loop for i in 1 2 3 4 5 6 7 8 9 10 do echo $i done # loop ls command results for var in `ls -alF` do echo $var done # loop specified number of times for i in `seq 1 10` do echo $i done

nkf

# check the file's charactor code nkf -g test.txt # convert charactor code to UTF-8 nkf -w --overwrite test.txt # convert charactor code to EUC-JP nkf -e --overwrite test.txt # convert charactor code to Shift-JIS nkf -s --overwrite test.txt # convert charactor code to ISO-2022-JP nkf -j --overwrite test.txt # convert newline to LF nkf -Lu --overwrite test.txt # convert newline to CRLF nkf -Lw --overwrite test.txt # convert newline to CR nkf -Lm --overwrite test.txt # MIME encode echo テスト | nkf -WwMQ # MIME decode echo "=E3=83=86=E3=82=B9=E3=83=88" | nkf -WwmQ

indent

# format C/C++ source according to the style of Kernighan and Ritchie (K&R), no tabs, 3 spaces per indent, wrap lines at 120 characters. indent -i3 -kr -nut -l120

ping6

# get all ipv6 neighbors via broadcast ping ping6 -I eth0 ff02::1

markdown

# headers h1 header ========= h2 header --------- # blockquotes > first level and paragraph >> second level and first paragraph > > first level and second paragraph # lists ## unordered - use *, +, or - * Red * Green * Blue ## ordered 1. First 2. Second 3. Third # code - use 4 spaces/1 tab regular text code code code or: Use the `printf()` function # hr's - three or more of the following *** --- ___ # links This is [an example](http://example.com "Title") inline link. # image  # emphasis *em* _em_ **strong** __strong__

ping

# ping a host with a total count of 15 packets overall. ping -c 15 www.example.com # ping a host with a total count of 15 packets overall, one every .5 seconds (faster ping). ping -c 15 -i .5 www.example.com # test if a packet size of 1500 bytes is supported (to check the MTU for example) ping -s 1500 -c 10 -M do www.example.com

ab

# send 100 requests with a concurency of 50 requests to an URL ab -n 100 -c 50 http://www.example.com/ # send requests during 30 seconds with a concurency of 50 requests to an URL ab -t 30 -c 50 URL http://www.example.com/

crontab

# set a shell SHELL=/bin/bash # crontab format * * * * * command_to_execute - - - - - | | | | | | | | | +- day of week (0 - 7) (where sunday is 0 and 7) | | | +--- month (1 - 12) | | +----- day (1 - 31) | +------- hour (0 - 23) +--------- minute (0 - 59) # example entries # every 15 min */15 * * * * /home/user/command.sh # every midnight 0 * * * * /home/user/command.sh # every Saturday at 8:05 AM 5 8 * * 6 /home/user/command.sh

gdb

# start the debugger gdb your-executable # set a breakpoint b some-method, break some-method # run the program r, run # when a breakpoint was reached: # run the current line, stepping over any invocations n, next # run the current line, stepping into any invocations s, step # print a stacktrace bt, backtrace # evaluate an expression and print the result p length=strlen(string) # list surrounding source code l, list # continue execution c, continue # exit gdb (after program terminated) q, quit

awk

# sum integers from a file or stdin, one integer per line: printf '1\n2\n3\n' | awk '{ sum += $1} END {print sum}' # using specific character as separator to sum integers from a file or stdin printf '1:2:3' | awk -F ":" '{print $1+$2+$3}' # print a multiplication table seq 9 | sed 'H;g' | awk -v RS='' '{for(i=1;i<=NF;i++)printf("%dx%d=%d%s", i, NR, i*NR, i==NR?"\n":"\t")}' # Specify output separator character printf '1 2 3' | awk 'BEGIN {OFS=":"}; {print $1,$2,$3}'

lvm

#Exclusive Activation of a Volume Group in a Cluster #Link --> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/High_Availability_Add-On_Administration/s1-exclusiveactive-HAAA.html 1> vgs --noheadings -o vg_name 2> volume_list = [ "rhel_root", "rhel_home" ] 3> dracut -H -f /boot/initramfs-$(uname -r).img $(uname -r) 4> Reboot the node 5> uname -r to verify the correct initrd image

rss2email

'rss2email -- converts rss feeds and emails them to your inbox' # List all feeds r2e list # Convert RSS entries to email r2e run # Add a new feed r2e add <feed address> # Add a new feed with new email address r2e add <feed address> [newemail address] # Delete a feed r2e delete <# of feed in list/> # Help r2e -h

7z

7z A file archiver with highest compression ratio Args: a add d delete e extract l list t test u update x extract with full paths Example: 7z a -t7z -m0-lzma -mx=9 -mfb=64 -md=32m -ms=on archive.7z dir1 -t7z 7z archive -m0=lzma lzma method -mx=9 level of compression = 9 (ultra) -mfb=64 number of fast bytes for lzma = 64 -md=32m dictionary size = 32 Mb -ms=on solid archive = on 7z exit codes: 0 normal (no errors or warnings) 1 warning (non-fatal errors) 2 fatal error 7 bad cli arguments 8 not enough memory for operation 255 process was interrupted

hub

As a contributor to open-source ------------------------------- # clone your own project $ git clone dotfiles → git clone git://github.com/YOUR_USER/dotfiles.git # clone another project $ git clone github/hub → git clone git://github.com/github/hub.git # see the current project's issues $ git browse -- issues → open https://github.com/github/hub/issues # open another project's wiki $ git browse mojombo/jekyll wiki → open https://github.com/mojombo/jekyll/wiki ## Example workflow for contributing to a project: $ git clone github/hub $ cd hub # create a topic branch $ git checkout -b feature → ( making changes ... ) $ git commit -m "done with feature" # It's time to fork the repo! $ git fork → (forking repo on GitHub...) → git remote add YOUR_USER git://github.com/YOUR_USER/hub.git # push the changes to your new remote $ git push YOUR_USER feature # open a pull request for the topic branch you've just pushed $ git pull-request → (opens a text editor for your pull request message) As an open-source maintainer ---------------------------- # fetch from multiple trusted forks, even if they don't yet exist as remotes $ git fetch mislav,cehoffman → git remote add mislav git://github.com/mislav/hub.git → git remote add cehoffman git://github.com/cehoffman/hub.git → git fetch --multiple mislav cehoffman # check out a pull request for review $ git checkout https://github.com/github/hub/pull/134 → (creates a new branch with the contents of the pull request) # directly apply all commits from a pull request to the current branch $ git am -3 https://github.com/github/hub/pull/134 # cherry-pick a GitHub URL $ git cherry-pick https://github.com/xoebus/hub/commit/177eeb8 → git remote add xoebus git://github.com/xoebus/hub.git → git fetch xoebus → git cherry-pick 177eeb8 # `am` can be better than cherry-pick since it doesn't create a remote $ git am https://github.com/xoebus/hub/commit/177eeb8 # open the GitHub compare view between two releases $ git compare v0.9..v1.0 # put compare URL for a topic branch to clipboard $ git compare -u feature | pbcopy # create a repo for a new project $ git init $ git add . && git commit -m "It begins." $ git create -d "My new thing" → (creates a new project on GitHub with the name of current directory) $ git push origin master

readline

Moving around Ctrl-b Move the cursor one character ⇦ to the left Ctrl-f Move the cursor one character ⇨ to the right Alt-b Move the cursor one word ⇦ to the left Alt-f Move the cursor one word ⇨ to the right Ctrl-a Move the cursor ⇤ to the start of the line Ctrl-e Move the cursor ⇥ to the end of the line Ctrl-x-x Move the cursor ⇤⇥ to the start, and to the end again Cut, copy and paste Backspace Delete the character ⇦ to the left of the cursor DEL Ctrl-d Delete the character underneath the cursor Ctrl-u Delete everything ⇤ from the cursor back to the line start Ctrl-k Delete everything ⇥ from the cursor to the end of the line Alt-d Delete word ⇨ until before the next word boundary Ctrl-w Delete word ⇦ until after the previous word boundary Ctrl-y Yank/Paste prev. killed text at the cursor position Alt-y Yank/Paste prev. prev. killed text at the cursor position History Ctrl-p Move in history one line ⇧ before this line Ctrl-n Move in history one line ⇩ after this line Alt-> Move in history all the lines ⇩ to the line currently being entered Ctrl-r Incrementally search the line history ⇧ backwardly Ctrl-s Incrementally search the line history ⇩ forwardly Ctrl-J End an incremental search Ctrl-G Abort an incremental search and restore the original line Alt-Ctrl-y Yank/Paste arg. 1 of prev. cmnd at the cursor position Alt-. Alt-_ Yank/Paste last arg of prev. cmnd at the cursor position Undo Ctrl-_ Ctrl-x Ctrl-u Undo the last editing command; you can undo all the way back to an empty line Alt-r Undo all changes made to this line Ctrl-l Clear the screen, reprinting the current line at the top Ctrl-l Clear the screen, reprinting the current line at the top Completion TAB Auto-complete a name Alt-/ Auto-complete a name (without smart completion) Alt-? List the possible completions of the preceeding text Alt-* Insert all possible completions of the preceeding text Transpose Ctrl-t Transpose/drag char. before the cursor ↷ over the character at the cursor Alt-t Transpose/drag word before the cursor ↷ over the word at/after the cursor