Commands
Preboot Execution Environment (PXE)
enables a client to retrieve the necessary boot loader and system files from a server over the network. During the startup process, it will search for Dynamic Host Configuration Protocol (DHCP) servers that transfer the boot files to the client over the Trivial File Transfer Protocol (TFTP).
raw partition
enables users and applications to read from and write to a block storage device directly, without using the system cache. It is not a unit of storage.
private key
encrypts a digital signature message digest. The sender creates a hashed version of the message text, and then encrypts the hash itself with the sender's private key.
TZ
environment variable for a time zone that can be used in a script or users bash profile.
perf
Perf is a monitoring and performance analysis tool for Linux. You can use it on different flavors of Linux, such as Ubuntu and CentOS. you can measure the CPU performance of specific commands. For example, you can profile CPU while Documents/ directory is being copied to the PLAB directory.
optional control flag
Pluggable Authentication Module (PAM) control flags, when used, ignores the module result.
sufficient PAM control flag
Pluggable Authentication Module (PAM) control flags, when used, the module result is ignored upon failure.
uname
Print information about the current system.
ssh_config file
exists on the client and is used to configure SSH connection settings, such as using an IdentityFile directive to associate multiple keys with specific servers.
/etc/bashrc
file can be configured by the administrator and then used to provide system-wide Bash settings for all users of the system.
etc/default/grub
file contains GRUB 2 display menu settings that are read by the /etc/grub.d/ scripts and built into the grub.cfg file.
/proc/partitions
file contains a table with major and minor number of partitioned devices, their number of blocks and the device name in /dev.
/etc/default/grub
file contaning the grub2 specific configuration
authorized_keys
file exists on a remote server that lists the public keys that the server accepts. In other words, the server uses this file to authenticate the client.
ssh_config
file exists on the client and is used to configure SSH connection settings, such as using an IdentityFile directive to associate multiple keys with specific servers.
/etc/modprobe.conf
file is a configuration file that contains settings that apply persistently to all the modules loaded on the system.
/etc/hosts
file is a file that handles name resolution for an individual machine. Contains a list of hostname-to-IP address mappings the system can use to resolve hostnames.
/etc/grub2.cfg
file is symbolic link to /boot/grub2/grub.cfg
/etc/rsyslog.conf
file is the configuration file for the rsyslogd service. This file determines how to handle syslog messages through a variety of rules that you can modify as needed.
grub.cfg
file is the main configuration file for the GRUB 2 boot loader. On BIOS systems, it is located in the /boot/grub2/ directory.
/etc/dhcp/dhclient.conf
file is the primary Dynamic Host Configuration Protocol (DHCP) client reference file. This file enables overriding settings provided by a DHCP server, such as Domain Name Service (DNS) server settings.
/etc/sysconfig/network
file is used to configure whether networking should be enabled at boot, as well as hostname information, gateway information, etc. It is not a directory and does not contain interface configurations.
/etc/profile
file provides system-wide environment variables. This file is provided for administrators to configure if there are settings that should apply to all users.
e2fsck
file system check utility for ext2, ext3, and ext4 file systems.
/etc/nsswitch.conf
file that defines the sources (like DNS or local configuration files) and the order in which they are consulted when resolving hostnames.
/etc/modprobe.d/blacklist.conf
file will prevent the specified module from loading automatically.
JavaScript Object Notation (JSON)
files may be used to store information that is easy for most programming languages to interpret and use. One use of JSON files is for the quick deployment and configuration of one or more virtual machines.
ext2
filesystem is the second extended filesystem which is the traditional filesystem used in Linux, it supports access control lists (individual user permissions).
83 or 8300
Standard Linux system
full backups
all elected files, regardless of prior state, are backed up. Numerous full backups can consume a great deal of storage space, and the backup process can be slow.
differential backups
all selected files that have changed since the last full backup are backed up. When differential backups are used, you must restore the last full backup plus the most recent differential backup.
incremental backups
all selected files that have changed since the last full or incremental backup (whichever was most recent) are backed up.
IP address
an address that is assigned to a machine so that other machines can communicate with reach other
libvirt
an application programming interface (API) that provides the software building blocks for developers to write their own virtualization solutions.
/etc/systemd/journald.conf
The settings for journald are configured
systemctl -H
The systemctl command enables control of the systemd init daemon which provides an init method for initializing a system. By using the -H option, the operation is executed on a remote host specified by an IP (Internet Protocol) address or hostname.
time
The time command is used to gather information about how long it took to execute a command, as well as some additional statistics about the I/O and memory used in command execution. The syntax is time cp -R /path/source /path/destination.
netstat -r
This displays the route table.
/etc/exports
This file is used to specify what directories are made available on the network as well as providing access. The primary configuration file for NFS.
/dev/disk/by-id
This refers to an identifier based on the device's hardware serial number.
/dev/disk/by-uuid
This refers to an identifier based on the universally unique identifier (UUID) that was assigned to the device when a file system was created on it.
MBR (Master Boot Record)
Tiny bit of code that takes control of the boot process from the system BIOS. A program that reads the partition table to find the primary partition used to boot the system. Is the first physical sector on a storage drive and a type of partition structure.
modprobe -r
Unload a module from memory, or remove module
ping -4
Use the IPv4 network explicitly
.profile
User-specific Bash customizations are pulled from this file. Located in the user's home directory.
/home
Users' home directories, containing saved files, personal settings, etc.
X Window system
Uses the X protocol that leverages a client-server relationship to provide graphical user interface and input device management functionality to applications.
Performance issues
are caused by having inefficient hardware, in particular a very poor I/O system.
IP sets
are stored collections of IP addresses, network ranges, MAC addresses, port numbers, and network interface names. The iptables tool can leverage IP sets for more efficient rule matching.
String operators
are used in operations that manipulate strings in various Ways. This includes concatenating strings, returning a specific character in a string, verifying if a specific character exists in a string, and more.
public key
associates credentials with a digital certificate. Both users and devices can hold certificates which validate the certificate holder's identity.
Comparison operators
include checking if operands are equal, if one operand is less than or greater than another operand, and more. They include < > ==.
zombie state
indicates that a process was terminated, but that it has not yet been released by its parent process.
modprobe -a
insert all modules names on the command line
systemd-analyze
command is used to retrieve performance statistics for boot operations. The blame subcommand is used to identify services and other units that make the system slow to boot.
systemd-analyze
command is used to retrieve performance statistics for boot operations. The command takes one or more subcommands that determine what type of information to print and how. The systemd-analyze dump command outputs a long human-readable serialization of the complete server state.
env
command is used to run a command with modified environment variables. if you want to override values in child processes or add new ones.
netcat
command is used to test connectivity and send data across network connections.
iperf
command is used to test the maximum throughput an interface will support. The utility must be installed on both endpoint systems
depmod
command is used to update the module dependencies database. It is important to run this command when using modprobe. This ensures that modprobe will function correctly.
lshw
command lists each detected hardware component on the system and provides details about each device. It includes information such as the vendor, product name, capacity, speed, etc. This command does not report on device problems.
mkinitrd
command makes the initial ramdisk images for preloading modules. Adding the --with=nfsv4 option creates an initrd image with a Network File System (NFS) module installed.
awk
command performs pattern matching on files. This command can be used to process text files in a variety of ways, including extracting or deleting text matching a certain pattern.
nohup (no Hangup)
command prevents a process from ending when a user logs off the system.
whois
command provides information on Internet DNS registrations for organizations. This can be useful for learning or verifying information regarding ownership of a domain name, contact information for an organization, etc.
xargs
command reads from standard input and executes a command for each argument that is provided. The pipe operator is used between arguments to make the output of one command the input of the next command.
pvscan
command scans for all physical devices that are being used as physical volumes, volume groups, and logical volumes.
pkill
command sends any specified signal, or by default the termination signal, to processes based on a matching pattern.
killall
command sends any specified signal, or the default termination signal, to all processes matching the name specified.
visudo
command should be used with the /etc/sudoers file, because it verifies the syntax before committing changes, enabling the administrator an opportunity to correct mistakes before they become part of the running configuration.
mkfs -c /dev/device
command syntax will check the storage device for bad blocks before building the file system.
ls -i, df -i, du --inodes
command that displays inode information.
locale
command that displays locale information.
du
command that displays the amount of disk space in use. --total (produce a grand total), -h (human readable).
hostnamectl
command that is used to persistently configured the computers hostname
df
command that shows the available disk space on the file system. --total (produce a grand total), -h (human readable).
vmstat
command to display various information, such as CPU, swap, and memory utilization.
umount
command used to unmount a file system. Can specify either the device, label, or mount point (directory).
virsh list
command will retrieve a list of known VMs (virtual machines) on the system. The virsh command is useful when managing KVMs (kernel-based virtual machines).
sudo
configuration is appropriate for commands that need to be executed with elevated privileges.
Logical operators
connect multiple values together, so they can be evaluated. They include AND, OR, and NOT.
/sys/block
contain information about block devices on your system. Your local system has a block device named sda, so /sys/block/sda exists.
/var/log/syslog
contains all types of system events except for authentication messages and is primarily used by Debian-based distros.
/var/log/secure
contains authentication messages and is primarily used by RHEL and CentOS.
/proc
contains information about the process running on the system. Process are listed by PID, with hardware and process data both in the same directory. This file do not exist when the computer shutoff, when the kernel boots the computer this is created in real time.
/sys
contains information about the systems hardware and kernel modules.
/var/log/kern.log
contains kernel messages, such as dmesg output, which is used to print any messages that have been sent to the kernel's message buffer during and after system boot.
/var/log/[application]
contains messages from miscellaneous applications, such as cron, firewalld, and maillog.
iconv
converts files from one type of character encoding to another
mkfs
create a new files system on partition.
nmcli connection add
creates a new connection using specified properties
nmcli con edit
edit an existing connection or add a new one, using interactive editor
logrotate
utility is used to perform automatic rotation of logs. When executed, logrotate adds a .1 to the end of the file name of the current version of the log files. Previously rotated files are suffixed with .2, .3, etc.
memtester
utility is used to stress test RAM (Random Access Memories) modules.
iostat
utility provides overall statistics for block devices and partitions. Using the -d option specifies device information only.
tune2fs
utility used to adjust parameters on ext2, ext3, or ext4 file system
xfs_db
utility used to debug an XFS file system.
xfs_repair
utility used to repair XFS file system
X11
was developed by the Massachusetts Institute of Technology (MIT) in 1984. The X server coordinates client input and application output to determine how to draw elements on the screen.
TCP wrapper
which checks what hosts are explicitly allowed and denied before permitting the host to connect with the SSH service.
e2label
will display or change the filesystem label on the ext2, ext3, or ext4 filesystem located on device.
traceroute -T
will send TCP request instead of ICMP. Sometime firewall blocks ICMP.
Orchestration procedures
will vary by which solution is used, but in general orchestration steps involve defining a desired configuration and then delivering that configuration file to the destination system.
Bonding
involves configuring interfaces to be managed as a single device and have the same IP address configuration. The ability to bond two or more NICs is an important feature for a server. If there are two NICs in a bond, and one fails, the other is present to continue providing connectivity.
Cloning
is a backup storage method and is the process of copying all of the contents of a storage drive to another storage medium.
dumpe2fs
is a command line tool used to dump ext2/ext3/ext4 filesystem information, mean it displays super block and blocks group information for the filesystem on device.
Contexts
is a component of SELinx (Security-Enhanced Linux). SELinux defines three main contexts for each file and process. These contexts are user, role, and type.
/boot/vmlinuz
is a compressed executable file that contains the Linux kernel itself. The boot loader loads this file into memory during the boot process to initialize the operating system.
Simple Protocol for Independent Computing Environments (SPICE)
is a free and open source protocol designed for use in virtual environments. It is often used to connect to virtual machines (VMs) that are hosted by the Kernel-Based Virtual Machine (KVM) hypervisor.
XFS
is a high-performance 64-bit journaling file system created by Silicon Graphics, Inc (SGI) in 1993
Brace expansion
is a mechanism by which arbitrary strings may be generated. It is the first in the order of expansion.
digital signature
is a message digest that has been encrypted with a user's private key. Asymmetric encryption algorithms can be used with hashing algorithms to create digital signatures.
certificate signing request (CSR)
is a message sent to a CA in which an entity applies for a certificate and includes the public key and digital signature.
Command substitution
is a method of shell expansion in which the output of a command replaces the command itself. This is useful when you want to include a command's output within an existing string of text.
Mandatory Access Control (MAC)
is a model in which access is controlled by comparing an object's security designation and a subject's (users or other entities) security clearance. Both SELinux and AppArmor leverage MAC.
Mandatory access control (MAC)
is a model in which access is controlled by comparing an object's security designation and a subject's security clearance.
GPT (GUID Partition Table)
is a modern partition structure that is the successor to the master boot record (MBR). It is not a unit of storage
CIFS (Common Internet File System)
is a network filesystem protocol used for providing shared access to files and printers between machines on the network. A file access protocol. CIFS runs over TCP/IP and is the cross-platform version of SMB used between Windows, UNIX, and other operating systems.
SMB (Server Message Block)
is a network protocol used by Windows-based computers that allow systems within the same network to share files.
Linux Unified Key Setup (LUKS)
is a platform-independent FDE solution that is commonly used to encrypt storage devices in a Linux environment.
SSH port forwarding
is a remote access protocol that encrypts transmissions over a network. The process of tunneling an application through SSH to secure it in a transmission is called SSH port forwarding.
initrd
is a scheme for loading a temporary root files system into memory, which may be used as part of the linux startup
Identity and Access Management (IAM)
is a security process that provides identity, authentication, and authorization mechanisms for users, computers, and other entities to work with organizational assets like networks, operating systems, and applications.
certificate authority (CA)
is a server that issues digital certificates for entities and maintains the associated private/public key pair.
Storage integrity
is a symptom where magnetic hard disk drives may degrade over time and develop bad blocks.
chroot jail
is a technique of controlling what a process—a user, for example—can access on a file system by changing the root directory of that process's environment.
unicode
is a universal character encoding standard. It defines the way individual character are represented in text files, web pages, and other types of documents.
Automatic Bug Reporting Tool (ABRT)
is a utility that analyzes and reports on problems detected during system runtime.
environment variable
is a variable that is inherited from parent shell processes and is subsequently passed on to any child processes.
environment variable
is a variable that is inherited from parent shell processes and is subsequently passed on to any child processes. An environment variable consists of a name, usually written in uppercase letters, and a value, such as a path name.
positional parameter
is a variable within a shell script that is assigned to an argument when the script is invoked.
Tunables
is an AppArmor component that enable the configuration of functionality without directly modifying profiles.
nmtui
is an alternative command for nmcli which is based on "Text User Interface".
AppArmor
is an alternative context-based permissions scheme and Mandatory Access Control (MAC) implementation for Linux. works with file system objects based on paths.
Kerberos
is an authentication service that is based on a time-sensitive ticket-granting system. It is used as a single sign-on (SSO) method where the user enters access credentials that are then passed to the authentication server, which contains an access list and allowed access credentials.
digital certificate
is an electronic document that associates credentials with a public key. Both users and devices can hold certificates.
syslog
is an event logging standard that facilitates centralized logging services over a network that records text files, which include the data and time of an event, the process name and ID that sent the message, as well as the message itself.
OpenSSL
is an open source implementation of the SSL/TLS application layer (layer 7) protocol for securing data in transit using cryptography.
Zypper
is an openSUSE package manager that supports repositories, dependency solving, and management of the software lifecycle. It supports standard RPM (Red Hat Package Manager) .rpm packages.
Finger
is an outdated service used to retrieve the status of hosts and users over a network. It is susceptible to many attacks and should not be used.
NoMachine (NX)
is cross-platform proprietary remote desktop software that offers support for multi-session environments and account management.
Wayland
is display server and reference implementation in Unix-like operating systems that is meant to improve upon and replace the X Window System.
X Window System
is network-aware and can enable clients to access Graphical User Interface (GUI) elements over a network. It is possible to forward X traffic through a Secure Shell (SSH) tunnel. This process is known as X Forwarding.
type 2 hypervisor
is one that runs as a service on a locally installed operating system.
type 1 hypervisor
is one that runs directly on the hardware in a "bare metal" deployment. For example: VMWare ESXi.
self-signed certificate
is owned by the same entity that signs it. The certificate does not recognize any authority, certifies itself, and requires the client to trust the entity directly.
IP forwarding
is the Linux kernel implementation of networking routing functionality. It enables incoming traffic on one network interface to be forwarded to another network interface.
Security-Enhanced Linux (SELinux)
is the default context-based permissions scheme provided with CentOS and Red Hat Enterprise Linux. references inodes directly.
NTFS (New Technology File System)
is the file system that the Windows NT operating system uses for storing and retrieving files on a hard disk.
Word splitting
is the fourth step in the order of expansion. It is how the results of expansion are split into separate arguments.
shell environment
is the mechanism by which Bash, or any other shell, maintains settings and other behavioral details about the shell. The shell creates this environment when starting a session and uses the environment's settings to determine how to interact with the user.
syslogd service
is the original syslog service on Linux. It uses TCP instead of UDP, data encryption using SSL/TLS, outputs data to MySQL databases, and filters data based on content.
Shell expansion
is the process by which the shell identifies special tokens that it substitutes values for. Variable substitution is a type of shell expansion by which the shell identifies the $ special character and then expands a variable into its actual value.
requisite PAM control flag
is the same as the required control flag, but notifies the user immediately upon failure.
Tilde expansion
is the second step in the order of expansion. Tilde expansion is the process of converting certain abbreviations to the directory names that they stand for.
Bridging
is the term for connecting two networks into a single managed unit. Virtualized network environments support bridging.
Same time
is the third step in the order of expansion. There are four expansions that happen at the same time: parameter expansion/variable substitution, arithmetic expansion, command substitution, process substitution.
SSL/TLS
is used as a VPN authentication and encryption protocol, used primarily for remote access connections. application-layer (layer 7) protocol.
config file
is used to configure SSH key-based authentication in Linux. It is a file on the client that you can use to configure SSH connection settings.
aa-disable
is used to configure an AppArmor environment and disables a profile, unloading it from the kernel.
apparmor_status
is used to configure an AppArmor environment that displays the current status of AppArmor profiles.
raw table
is used to configure exceptions for packets involved in connection tracking. The raw table is one of five default tables available when using the iptables command to manage packet filtering and stateful firewall functions.
Secure Copy Protocol (SCP)
is used to copy data to or from a remote host securely over SSH. Whereas SCP is used purely for transferring files, SFTP can transfer files and manage files and directories.
quotacheck -cug
is used to create quota database files for a file system on a storage device and also to check for existing user and group quotas.
source command
is used to execute another command within the current shell process. In this sense, it performs the opposite functionality of the exec command.
brctl
is used to set up, maintain, and inspect the Ethernet bridge configuration on the Linux kernel. An Ethernet bridge is a device commonly used to connect different networks of Ethernet together, so that these Ethernet will appears as one Ethernet to the participants.
container
is virtualized application that runs on a host operating system where it is isolated from other containers.
interruptible sleep state
is when a process relinquishes access to the CPU (central processing unit) and waits to be reactivated by the scheduler. A process typically enters this state when it requests currently unavailable resources.
/proc/mounts
isplays exact same output as the /etc/mtab file, /etc/mtab file is a symbolic link of this file.
/etc/network
it works much like /etc/hosts, but it applies to network addresses and it reverses the order of the names and the ip address on each like
Cron
jobs are administrative tasks that are scheduled to run automatically. Scripts are usually called by the cron daemon to run at its specific set time and/or date.
fdisk
legacy command used to create partitions of the MBR (DOS) type.
kinit
linux command authenticates with Kerberos, granting the user a ticket granting ticket (TGT) if successful. Kerberos is an authentication service that is based on a time-sensitive ticket-granting system.
kpassword
linux command can be implemented to change the user's Kerberos password.
kdestroy
linux command can be implemented to clear the user's ticket cache.
klist
linux command can be implemented to list the user's ticket cache.
timedatectl list-timezones
list available time zones, one per line.
fdisk -l
list the partition tables for the specified devices. if no device are given , those mentioned in /proc/partitions are used.
/usr/lib/modules/[kernel_version]
locations of the kernel modules. to see the current modules, use the command substitution: (ls /usr/lib/modules/$(uname -r)
/opt
locations used for 'optional software, often used by third-party software vendors.
file system
maintains information such as the date of creation and modification of individual files, the size of files on the storage device, the type of files, and permissions associated with files. is a data structure that is used by an operating system to store, retrieve, organize, and manage files and directories on storage devices. provides a structured form for data storage.
parted
modern command used to create partitions of MBR or GPT types.
pam_ldap
module can specify directives that restrict what users can log in to and how they can access resources.
pam_cracklib.so
module contains functionality that prompts a user for a password and will test that password to see if it can be easily cracked in a dictionary attack.
pam_tally2
module is used to lock a user account after multiple authentication failure attempts have been made. However, pam_tally2 does not support user lockout when authentication is done over a screen saver.
required PAM control flag
module result must be successful in order to continue authentication. The user is notified when all tests in the module interfaces are finished.
pam_faillock
module will trigger a temporary user lockout and supports user lockout when authentication is done over a screen saver.
/etc/localtime
on Red Hat based distributions, this is a symbolic link that points back to /usr/share/zoneinfo/<timezone> as the system's time zone setting.
/etc/timezones
on debian based system, this file contains a system configured time zone setting.
Differential backups
only backup files that have changed since the last full backup. These are ideal for file backup scenarios. For a system update, a system-state backup is better suited for system recovery.
IPSec transport mode
only the packet contents are encrypted, whereas the header is not. Transport mode is typically used in remote access VPNs.
IPSec
operates at the network layer (layer 3) of the OSI model, so the protocol is not application-dependent. is a set of open, non-proprietary standards that can be used to secure data as it travels across the network or the Internet.
sudoedit
option is appropriate for files that need to be edited with elevated privileges. This command permits a user to edit a file with their own credentials, even if the file is only available to the root user.
Blob files
or binary large object files, are an example of object storage. Object storage may be more efficient than block storage, especially for larger files. For this reason, the data engineer may choose to use blob files to store large files when the main consideration is performance.
DNF (Dandified YUM)
package manager is an improved version of YUM (Yellowdog Updater, Modified) that supports RPM (Red Hat Package Manager) .rpm packages. It is not a linux distribution.
Fail2ban
prevents brute force attacks, but unlike DenyHosts, it does not focus on any one service. Instead, it can monitor log files that pertain to any system service with an authentication component.
DenyHosts
primarily protects SSH servers from brute force password cracking attacks, by monitoring the authentication log to look for the number of failed login entries based on an IP address.
nmcli dev status
print status of devices
blkid -o list
print the devices is a user-friendly format
du -d, --max-depth=N
print total for a directory (or file, wit -all) only if it is N or fewer levels below command line argument
modprobe
program to add and remove modules from the Linux Kernel
resize2fs
program will resize ext2, ext3, or ext4 file systems. It can be used to enlarge or shrink an unmounted file system located on device
Datagram Transport Layer Security (DTLS)
protocol essentially implements SSL/TLS over UDP datagrams and is used as an alternative VPN tunneling protocol.
iostat utility
provides overall statistics for block devices and partitions. Using the -d option specifies device information only. The output lists the number of reads and writes per second. A faulty drive might have lower reads and/or writes per second than expected.
Snapshots
record the state of a storage drive at a certain point in time and usually exist on the same drive. They are "checkpoints" that can be easily restored in the event a new system update is causing issues.
&>
redirection operator redirects both the standard output and the standard error message to a file. As an example, ls file1.txt file3.txt &> errorfile.txt (assuming that file1.txt exists and file3.txt does not, the output and errors will be redirected to the file errorfile.txt).
Link aggregation
refers to the combination of resources, such as bandwidth, for the purpose of fault tolerance, redundancy and load balancing.
Absolute path
refers to the complete details needed to locate a file or folder, starting from the root element and ending with the other subdirectories.
sfx_fsr
reorganizes data stored in blocks on an XFS file system. Similar to running a defrag utility on an MS windows file system
ss (socket statistics)
replacement for netstat. This command does not show routing table.
$?
represents the exit code of the last run command.
Image-based backups
save the state of an operating system in an image file format like ISO.
cfq (Complete Fair Querying)
scheduler is the default scheduler for modern versions of the Linux kernel. Its advantage over deadline I/O scheduling is that its services process fairly and provide good performance in most workload situations. The cfq scheduler uses a round-robin system to access each queue.
ping
send a message from one computer to another to check whether it is reachable and active
Virtual Private Network (VPN)
servers enable remote users to connect to the internal company network and access internal resources as if they were physically present at the network location.
syslogd
service is the original syslog service on Linux. It uses TCP instead of UDP, data encryption using SSL/TLS, outputs data to MySQL databases, and filters data based on content.
localectl
set the default system language and character encoding.
timedatectl set-time
set the system clock to specified time. This also update the RTC time accordingly.
timedatectl set-timezone
set the systems time zone to the specified value. This call will alter the /etc/localtime symlink.
nmcli dev show
show detailed information about devices, without an argument all devices are displayed
nmcli connection show
show details for specified connections. By default, both static and active connection data are displayed
ip -s addr
show statistics on configuration interfaces
netstat -ul
show what connections we are using for 'udp' connection
swapon --summary
shows a summary of the swap usage on a system, same information can found in /proc/swaps
netstat -tl
shows what connections we are using to listen for 'tcp' connection
Build automation
specifically emphasizes the initial operating system deployment. One example of build automation is the use of Kickstart files with Red Hat-derived distributions.
/sys/devices/
sub directory presents a hierarchical view of device information and include files that expose details about specific devices.
udevadm control
subcommand can modify the running state of udev.
udevadm trigger
subcommand executes rules that apply to any device that is currently plugged in.
/etc/hostname
system will use this file for a computers hostname. the 'hostnameclt' command will write systems new hostname to this file
timedatectl set-ntp [Bool]
takes a Boolean argument. Controls whether NTP based time synchronization is enabled.
/etc/X11/
ubdirectory contains configuration files for input and output devices that might impact the X.Org Server environment, such as keyboards, mice, and monitors.
lsblk
used to show all block devices on a system and their names
Secure File Transport Protocol (SFTP)
uses an SSH tunnel as a transportation mechanism to encrypt data. SFTP can transfer files and manage files and directories.
mke2fs
utility for creating new ext2, ext3, or ext4 file systems.
iostat
utility generates reports on CPU (Central Processing Unit) and device usage. For storage, it provides input and output statistics for block devices and partitions.
dig
utility is a powerful utility for information gathering and testing name resolution.
tcpdump
utility is another network analyzer or sniffer. Users can determine traffic type and content using this command. The syntax of the command is tcpdump [options] [-i {interface}] [host {IP address}].
xrdp
utility is free and open source utility that constructs a Remote Desktop Protocol (RDP)-like server for non-Windows systems.
dar
utility is similar to tar in that it is used to archive files. It extends upon tar by providing the ability to run incremental and differential archives as well as full archives.
nmgui
utility is the graphical user interface (GUI) for the NetworkManager. This tool will be familiar for end-users and provides a user-friendly way to configure network connections.
ethtool
utility is used to manage NIC driver and network configurations. This tool handles settings such as mode, channel, and frequency but does not handle traffic routing configurations.
network mask
A 32-bit binary mask that separates the network address from the host address in an IPv4 address
gdisk
A Linux partition management utility for partitions in the Globally Unique Identifier (GUID) Partition Table (GPT) format.
netstat
A TCP/IP troubleshooting utility that displays statistics and the state of current TCP/IP connections. It also displays ports, which can signal whether services are using the correct ports.
NFS (Network File System)
A client/ server application that enables users to access shared files stored on different types of computers and work with those files as if they were stored locally on their own computers. it is one of NAS (Network Attached Storage) protocol.
UTF-8
A coding system for storing characters in bits, extending the 8-bit ASCII coding system to include international characters by sometimes using more than 8 bits.
iwconfig
A command-line utility for viewing and setting wireless interface parameters on Linux and UNIX workstations.
Xorg
A common implementation of X Windows used in Linux distributions. the configuration file for Xorg is /etc/x11/xorg.conf.
TCP (Transmission Control Protocol)
A connection-oriented, guaranteed-delivery protocol used to send data packets between computers over a network like the Internet.
IP (Internet Protocol)
A connectionless Network-layer protocol that is responsible for sending data packets across a network.
ICMP (Internet Control Message Protocol)
A core protocol in the TCP/IP suite that notifies the sender that something has gone wrong in the transmission process and that packets were not delivered.
/etc/mtab
A file that stores a list of currently mounted filesystems. This is a symbolic link to the /proc/mounts file.
/etc/fstab
A file used to specify which filesystems to mount automatically at boot time and queried by the mount command if an insufficient number of arguments is specified.
AppArmor modes
A profile is a component of the AppArmor context-based permissions scheme. AppArmor profiles can operate in one of two different modes. In enforce mode, profile violations are both logged and prevented.
nslookup
A utility that is used to test and troubleshoot domain name servers.
LVM (Logical volume management)
An advantage of LVM is that a logical volume can exceed the size of any one physical device, as long as it doesn't exceed the total size of devices in the volume group. An advantage of LVM is that you can create virtual snapshots of each logical volume so you can quickly and easily revert a volume to a specific state. An advantage of LVM is that you can dynamically create, delete, and resize a volume without having to reboot the system.
Windows Manager
An application that controls the display such as by providing GUI icons, boxes, and buttons.
ext4
An improved version of the ext3 filesystem with an extended feature set and better performance.
arp
command is used to relate IP addresses and MAC addresses. Computers will cache recently resolved MAC and IP address combinations.
ifconfig
Command that displays IP address and other interface-related info
Container images
Containerization virtualizes at the operating system (OS) layer, providing application isolation, even though the applications are sharing a single OS. Containers may be useful for hosting production applications as well as for testing applications by developers.
.bashrc
Contains any user specific aliases and functions
.bash_profile
Contains the user's specific environment and startup programs
GUID Partition Table (GPT)
One of two methods used to organize partitions on a hard drive. A GPT partitioning system installed on a hard drive can support 128 partitions and is recommended for drives larger than 2 TB. Compare with Master Boot Record (MBR).
Device mapping
Device mapping is the name of the process for abstracting physical storage devices into virtual storage devices.
netstat -p
Displays process IDs
dmesg
Displays the contents of the kernel ring buffer. The output of this command typically contains the message produced by the device drivers
StrongSwan
One popular utility for implementing IPSec tunnels for VPN clients
noop
I/O scheduler is the simplest scheduler and does not sort I/O requests, but merely merges them. This can be ideal in situations where the device or its storage controller performs its own sorting operations. It can also benefit devices that don't have mechanical components requiring seek time, like SSDs and USB flash drives, because this scheduler doesn't expend much effort in reducing seek time.
deadline
I/O scheduler performs sorting of I/O operations using three queues: a standard pending request queue, a read first in first out (FIFO) queue, and a write FIFO queue; the latter two of which are sorted by submission time and have expiration values.
ping -6
IPv6 ICMP echo request
Logical Volume Manager (LVM)
It is a system of managing logical volumes or filesystems, that is much more advanced and flexible than the traditional method of partitioning a disk into one or more segments and formatting that partition with a filesystem.
GRUB 2
One of the improvement over older version is that is that it has support for custom graphical boot menus and themes.
8e
Linux LVM Volumes
82 or 8200
Linux Swap partitions
ping6
Linux command-line utility specifically designed to ping hosts with an IPv6 address.
insmod
Older method used to insert modules into the kernel
rmmod
Older method used to remove modules from the kernel
iostat
Report Central Processing Unit (CPU) statistics and input/output statistics for devices and partitions.
id_rsa
SSH authentication file contains the user's private key. You can enter cat .ssh/id_rsa to examine the encrypted private key.
id_rsa.pub
SSH authentication file contains the user's public key. You can enter cat .ssh/id_rsa.pub to examine the public key.
known_hosts
SSH authentication file exists on the client and lists the public keys that the client accepts. In other words, the client uses this file to authenticate servers.
ssh-add
SSH key command adds private key identities to the SSH key agent. If the key is protected by a password, the user only needs to enter the password once, and the agent will automatically authenticate the user.
ssh-copy-id
SSH key command appends user's public keys to the remote server's authorized_keys file so that the server can authenticate the user's private key.
mask
Systemctl subcommand prevents a provided unit file from being enabled or activated, even when done manually.
aa-unconfined
The AppArmor command, is used to configure an AppArmor environment and is used to list processes with open network sockets that don't have an AppArmor profile loaded.
ext3
The Linux file system that was the first to support journaling, which is a technique that tracks and stores changes to the hard drive and helps prevent file system corruption.
vmlinuz
The Linux kernel file, compressed version of vmlinux. it is capable of loading the OS into memory so that computer becomes usable and loaded as part of the kernel boot loader.
X Forwarding
The X Window System is network-aware and can enable clients to access Graphical User Interface (GUI) elements over a network. It is possible to forward X traffic through a Secure Shell (SSH) tunnel.
/etc/securetty
The ability to restrict users to login as root on any terminal other than console is controlled with the _____________ file.(Linux)
mount -a
The auto will read the /etc/fstab file
resource exhaustion
The available file descriptors have all been consumed.
/boot directory
The directory that contains the Linux kernel and files used by the boot loader data block.
TZ
The environment variable TZ={time zone} specifies the system time zone. This is an alternative to using commands like date or timedatectl to set the time zone.
exec command
The exec command is used to execute another command, replacing the current shell process with this new program's process (no new process is created).
fuser
The fuser command displays the list of processes that are using files and sockets.
UDP (User Datagram Protocol)
a "stateless" connection between two hosts. Data packets are sent to destination without any verification that they were receive. The side effect of this type of communication is that there is less network overhead than TCP connection.
ASCII
a code for representing English characters as numbers, with each letter assigned a number from 0 to 127
Virtual Network Computing (VNC)
a cross-platform remote desktop service that enables full remote control of a desktop environment. VNC consists of its own client and server applications.
degraded storage
When a storage drive in a RAID array has failed
Network Gateway
a device that allows one LAN to be linked to other LANs or to larger networks
Broadcast Address
a dotted-decimal number that represents all hosts in an IP network
inode
a inode (index node) stores information about files and folders, such as: permissions, ownership, and file type.
tracepath
a modern replacement for the traceroute command, but uses UDP packets instead of ICMP
relative path
a path that begins at the current working directory.
stat --format=%i <file or directory name>
You can also display the inode of a single file or directory. To display the inode of a file, type the following command.
export
You can effectively change a shell variable into an environment variable by using this command.
nmcli connection up
activate a connection
nmcli con modify
add, modify or remove properties int eh connection profile. to set the property just specify the property name followed by the value. an empty value ("") removed the property value
umount -l
aka lazy unmount, n which the file system is detached from the hierarchy, but references to that file system are not cleaned up until the file system is no longer being used.
arp
command is used to relate IP addresses and MAC addresses. Computers will cache recently resolved MAC and IP address combinations. If a computer has cached incorrect or out-of-date information, connectivity may be lost to a node. The ARP cache can be cleared as part of the troubleshooting process.
IPSec tunnel mode
both the packet contents and header are encrypted. Tunnel mode is typically used in site-to-site VPNs.
/
bottom of the directory tree, the 'root'
wget
command is used to retrieve files via HTTP/S (Hypertext Transfer Protocol/Secure) and the FTP (File Transfer Protocol). This command is capable of downloading files recursively.
fdisk -l <device>
can be used to list out partition information on the specified disk
mount
can be used to mount partitions to directories, or show all existing mounts without any options.
fsck
check and repair a Linux filesystem. Can be invoked via command, and configured in /etc/fstab. Device must be unmounted before a check can run.
chkconfig
command can be used to control services in each runlevel. It can also be used to start or stop services during system startup.
make
command compiles the source code using the information in the makefile. This makes the compile code executable on another system.
lvcreate
command creates logical groups in a volume group created by vgcreate. A file system is created on the logical volume and then a mount point, usually a directory, is mounted to the logical volume.
vgcreate
command creates volume groups using a special block device that was configured by pvcreate.
iftop
command displays bandwidth usage information for the system, helping to identify whether a NIC or protocol is consuming the most bandwidth.
iftop
command displays bandwidth usage information for the system, helping to identify whether a NIC or protocol is consuming the most bandwidth. This command can help you identify why a link may be slow by showing the traffic on that connection.
modinfo
command displays information about a particular kernel module, such as the file name of the module, license, description, author's name, module version number, dependent modules, and other parameters or attributes.
sar
command displays system usage reports based on data collected from system activity regarding CPU usage only. By default, the sar command reports CPU usage in 10-minute intervals.
lsmod
command displays the currently loaded kernel modules, their sizes, usage details, and their dependent modules.
vmstat
command displays various statistics about virtual memory, as well as process, CPU, and I/O statistics.
journalctl
command enables you to view and query log files created by the journal component of the systemd suite. Log information is collected and stored via the systemd journald service.
:!
command executes a command and displays the result in the Vim interface. The syntax is :!{any Linux command}.
pvcreate
command initializes a drive or partition to use as a physical volume with the Logical Volume Manager (LVM).
mtr
command is a combination of ping and traceroute, with additional improvements to enable testing of the quality of a network connection.
mtr
command is a combination of ping and traceroute, with additional improvements to enable testing of the quality of a network connection. The mtr -c 5 google.com command will test connectivity to Google's website, with a ping count of 5.
curl
command is a method that is used to access and retrieve files from a website. It is not capable of downloading files recursively.
mdadm
command is a tool used to manage software-based Redundant Array of Independent Disks (RAID) arrays. The mdadm tool enables you to create, manage, and monitor RAID arrays.
virsh
command is an interactive shell to manage KVM (Kernel Virtual Machine) virtual machines.
tracepath
command is like traceroute but does not require administrative privilege. It outputs a list of the nodes along the network path, each node's name or IP address, round trip time, and (maximum transmission unit) MTU information.
aa-complain
command is one of the major commands that you can use to configure an AppArmor environment. The aa-complain command places a profile in complain mode.
free
command is used for only memory usage statistics. It parses the /proc/meminfo file to gather information. Its default behavior is to display information about system memory and swap space.
abrt-cli
command is used to configure the Automatic Bug Reporting Tool (ABRT) service. ABRT is used to analyze and report on problems detected during system runtime including device problems.
rsync
command is used to copy files locally and remotely over SSH. Its real power lies in its efficient use of network bandwidth; instead of copying all files, it only copies differences between files.
setquota -g
command is used to create a storage quota for a group. The syntax is setquota -g {groupname}.
edquota -g
command is used to edit an existing storage quota for a group. The syntax is edquota -g {groupname}.
setquota -u
command is used to edit an existing storage quota for a user. The syntax is setquota -u {username}.
nmcli connection down
deactivates a connection
Pluggable Authentication Modules (PAM)
define the underlying framework and centralized authentication method leveraged by authentication services like Kerberos and LDAP.
SELinux security policy
defines access parameters for every process and resource on the system. It enforces rules for allowing or denying different domains and types to access each other.
nmcli connection delete
delete a connection
Context-based permissions
describe multiple types of information about processes and files that are used in combination to make decisions related to access control. SELinux and AppArmor are the two main context-based permission schemes.
/boot/efi
directory contains boot files for an EFI system partition (ESP), which is a required partition for systems that boot from Unified Extensible Firmware Interface (UEFI). It contains a boot loader, device driver, and system application files that are executed by UEFI. Boot loader files are typically named with a .efi extension.
/boot/grub2
directory contains configuration files for a type of boot loader called GRUB 2. GRUB2 configuration directory, inside this directory, lives the "grub.cfg" file
/boot/grub
directory contains configuration files for a type of boot loader called GRUB. legacy GRUB configuration directory, inside this directory, lives "menu.lst / grub.conf file. These files are used to build a menu of choices display on boot.
/etc/grub.d/
directory contains scripts that are used to build the main grub.cfg file. Each script provides various functions to GRUB 2 and is numbered so that the scripts can execute in a sequence.
/usr/lib/modules/
directory contains the modules of different kernel version that are installed. you need to drilled into the directory belonging to the the current kernel version to find the installed drivers.
/usr/lib/modules/`uname -r`/drivers/
directory contains the modules of different kernel versions that are installed. It holds a directory named after the kernel's version number. Inside this directory, modules are stored across various subdirectories based on the categories to which they belong.
/pro/sys
directory lists the parameters that you can configure on your system.
/etc/modprobe.d/
directory location where kernel modules can be listed in blacklist files, preventing the kernel from loading them. ll files underneath the /etc/modprobe.d directory which end with the .conf extension specify those options as required.
/etc/profile.d
directory serves as a storage location for scripts administrators may use to set system-wide variables.
/etc/skel
directory with configuration files or other content. This content is copied to new user home directories when the useradd command is used.
stat
display file or file system status.
ip addr show
displays IP address information
Traceroute
displays a listing on the 'hops' a packet will traverse to get to a destination. used to verify network routing and look for breaks in network communication
ip route show
displays routing table
blkid
displays the file systems universally unique identifier(UUID)
umount -f
forces a file system to be unmounted despite any detected issues. This command would attempt to kill the processes running on the file system.
Remote Secure Shell (SSH)
forwarding sends inbound client traffic to a server off to another system on a different port.
Local Secure Shell (SSH)
forwarding tunnels a local client connection on a port to a remote server. An example is remotely accessing a system over the Internet like Virtual Network Computing (VNC).
ioping
generates a report of device latency in real-time.
File Hierarchy Standard (FHS)
he Filesystem Hierarchy Standard (FHS) defines the directory structure and directory contents in Linux distributions.
Arithmetic operators
include addition, subtraction, multiplication, division, and other more advanced mathematical operations.
OVF (Open Virtualization Format)
template contains the necessary configuration files and packages for virtual machines and network devices. These files may be used in the deployment of virtual machines in a virtualized environment. They are made up of multiple files and all are required to be successfully deployed.
OVA (Open Virtualization Appliance)
template refers specifically to a single package representing the network appliance, usually stored in a different format, such as a .tar file. Transferring a single file template is much easier than a template format with multiple files such as an OVF template.
swap space
temporary storage that acts like RAM. When a percentage of RAM is full, the kernel will move less used data to this file
a pseudo-file system
that is dynamically created whenever it's accessed. it's used to access process and other system information from linux kernel.
private virtual network
the VM is connected to a virtual switch that permits network communication with other virtual machines and with the host operating system, but no network connectivity to the physical NIC.
public virtual network
the VM is connected to a virtual switch that permits network communication with other virtual machines, the host operating system, and the physical NIC (Network Interface Card).
/boot
the boot volume for GRUB, the kernel and related files are stored here
/usr/share/zoneinfo
the directory that contains all the available time zones that a computer could potentially use for its settings.
uninterruptible sleep state
the process will only wake when the resource it's waiting for is made available to it. Otherwise, it will stay in its sleep state. This state is common for processes that perform storage or network I/O (input/output).
/var
the variable location, log files and dynamic content (such as web sites) are often found here
internal virtual network
the virtual machine (VM) is connected to a virtual switch that permits network communication with other virtual machines, but not network communication with the host operating system or the physical NIC (Network Interface Card).
lsinitrd
this command allow you to view the contents of an initramfs file
ifup
this command is used to bring up a interface
Host
this command is used to resolve domain names to ip address. not installed by default, need to install the bind-utils package
ifdown
this command used to bring a interface
Dracut
this command will create a new initramfs for kernel on the system. It can be used to add or remove modules and drivers from initramfs builds
Date
this command will display the current date and time in multiple formats, and to set the date and time.
timedatectl
this command will display the current date and time settings, and will allow the updating of the system time RTC (real time aka time on the mother board) clock.
/etc/resolv.conf
this file contains the ip address of DNS name servers that the host will use for name resolution
tzselect
this is a menu driven command that will assist in finding a region's time zone.
nmcli con
this is short for 'connection' which contains the network configuration settings assigned to a particular device. we assign our IP and DNS settings to a connection
nmcli dev
this is short for 'device' which is the physical hardware (such as network interface card) that we use to connect to the network
nmcli
this is the command utility used for configuring network devices and their connections settings.
route
this utility will display the routing table, add, and delete routes. It has been replaced by the ip route command