Skip to content
Linux Administration
Essential Linux Commands — 50+ Commands for Daily Administration

Essential Linux Commands — 50+ Commands for Daily Administration

DodaTech Updated Jun 7, 2026 9 min read

The Linux command line is the most powerful tool in a system administrator’s arsenal. This guide covers 50+ essential commands organized by category — file operations, process management, permissions, networking, text processing, and system monitoring.

What You’ll Learn

By the end of this tutorial, you’ll know the essential Linux commands for navigating the file system, managing files and processes, setting permissions, troubleshooting networks, processing text with grep/awk/sed, and monitoring system health.

Why Essential Commands Matter

Every system administration task — from debugging a slow server to deploying an application — comes down to running the right commands. Knowing these commands by heart means you can diagnose and fix issues faster. At DodaTech, DodaZIP compression servers and Durga Antivirus Pro threat detection pipelines rely on shell commands for log analysis, process management, and automation.

Essential Commands Learning Path 

    flowchart LR
  A[Linux Basics] --> B[Server Setup]
  B --> C[Essential Commands]
  C --> D[System Administration]
  D --> E[Package Management]
  C --> F{You Are Here}
  style F fill:#f90,color:#fff
Prerequisites: A Linux terminal and basic familiarity with Linux fundamentals. These commands work on any distribution.

File and Directory Operations 

# Navigate and list
pwd                    # Print working directory
ls -la                 # List all files with details
cd /var/log            # Change directory
mkdir -p a/b/c         # Create nested directories

# View files
cat file.txt           # Display entire file
less file.txt          # Scroll through file (q to quit)
head -n 20 file.txt    # First 20 lines
tail -f /var/log/syslog # Follow log in real time

# Create and manipulate
touch newfile.txt      # Create empty file
cp source dest         # Copy file
cp -r dir1 dir2        # Copy directory recursively
mv old new             # Move or rename
rm file.txt            # Delete file (permanent!)
rm -rf dir             # Delete directory and contents
ln -s target link      # Create symbolic link

File Permissions 

# Change permissions (u=user, g=group, o=others, a=all)
chmod u+x script.sh    # Add execute for owner
chmod 755 script.sh    # rwxr-xr-x (numeric mode)
chown alice:admins file.txt  # Change owner and group
chgrp developers file.txt    # Change group only

# View permissions
umask                  # Show default permission mask
ls -l                  # permissions are the first column
stat file.txt          # Detailed file metadata

Expected output for ls -l:

-rw-r--r--  1 alice admins  1024 Jun  7 12:00 file.txt

Process Management 

# View processes
ps aux                 # All processes (BSD style)
ps -ef                 # All processes (Unix style)
top                    # Interactive process viewer
htop                   # Enhanced version of top

# Process signals
kill 1234              # Terminate process by PID
kill -9 1234           # Force kill (SIGKILL)
kill -15 1234          # Graceful stop (SIGTERM)
pkill nginx            # Kill processes by name

# Background and foreground
command &              # Run in background
nohup command &        # Run immune to hangups
jobs                   # List background jobs
fg %1                  # Bring job 1 to foreground

Networking Commands 

# Connection monitoring
ss -tuln               # Show listening ports (modern netstat)
ss -tup                # Show active connections with processes
ping -c 4 8.8.8.8      # Test network connectivity

# DNS and routing
dig example.com        # DNS lookup
nslookup example.com   # Simplified DNS query
host example.com       # Quick host lookup
traceroute example.com # Trace network path (use mtr for better)

# Download files
curl -O https://example.com/file.tar.gz
wget https://example.com/file.tar.gz

# SSH operations
ssh user@host          # Connect to remote host
scp file user@host:/path/  # Copy file over SSH
rsync -av src/ user@host:/dest/  # Sync directories

Text Processing

grep — Pattern Search 

# Search in files
grep "error" /var/log/syslog           # Find lines containing "error"
grep -i "warning" log.txt              # Case-insensitive search
grep -r "TODO" /home/projects/         # Recursive search
grep -c "failed" auth.log              # Count matches
grep -E "err(or|atic)" log.txt         # Extended regex

awk — Column-Based Processing 

# Print specific columns
awk '{print $1, $3}' /var/log/syslog   # First and third columns

# With field separator
awk -F':' '{print $1}' /etc/passwd     # Print usernames

# Conditional processing
awk '$3 > 50 {print $1, $3}' data.txt  # Print if column 3 > 50

sed — Stream Editor 

# Find and replace
sed 's/old/new/g' file.txt             # Replace all occurrences
sed -i 's/old/new/g' file.txt          # In-place edit

# Line operations
sed -n '5,10p' file.txt                # Print lines 5-10
sed '/^#/d' config.txt                 # Delete comment lines
sed 's/  */ /g' file.txt               # Collapse whitespace

Example — Analyzing a log file with combined tools:

# Count unique IPs in an Apache access log
awk '{print $1}' /var/log/apache2/access.log | sort | uniq -c | sort -nr | head -10

Expected output:

 2347 192.168.1.100
 1892 10.0.0.55
 1456 203.0.113.42
  892 198.51.100.7
  445 192.168.1.200

System Monitoring 

# Disk and memory
df -h                  # Disk usage (human-readable)
du -sh /var/log        # Directory size
free -h                # Memory usage

# System info
uname -a               # Kernel version and architecture
lscpu                  # CPU details
lsblk                  # Block devices and partitions
dmesg | tail           # Recent kernel messages
uptime                 # System uptime and load

# Resource-intensive processes
ps aux --sort=-%mem | head    # Top memory processes
ps aux --sort=-%cpu | head    # Top CPU processes

Archive and Compression 

# tar (tape archive)
tar -czf archive.tar.gz /path/to/dir   # Create gzipped archive
tar -xzf archive.tar.gz                # Extract gzipped archive
tar -cjf archive.tar.bz2 /path         # Create bzipped archive
tar -tf archive.tar.gz                 # List contents

# zip
zip -r archive.zip /path/to/dir        # Create zip
unzip archive.zip                      # Extract zip

Command Combinations and Pipelines

The real power of Linux comes from combining commands with pipes (|):

# Find the 5 largest files in a directory
find /var/log -type f -size +1M | xargs ls -lhS | head -5

# Find processes using more than 500MB of memory
ps aux | awk '$6 > 500000 {print $11, $6/1024 " MB"}'

# Monitor failed SSH login attempts in real time
tail -f /var/log/auth.log | grep "Failed password"

Common Command Mistakes

1. rm -rf Without Checking

rm -rf / with a space before / (or running in the wrong directory) destroys everything. Always triple-check before running destructive commands. Use ls first to confirm you’re in the right place.

2. Piping to rm Incorrectly

find . -name "*.log" | xargs rm is dangerous if filenames contain spaces. Use find . -name "*.log" -delete or find . -name "*.log" -print0 | xargs -0 rm instead.

3. Using > Instead of >>

A single > overwrites a file. >> appends. echo "data" > config.cfg will wipe your configuration file if it already exists.

4. Forgetting Quotation Marks

grep hello world file.txt searches for “hello” in file “world” and “file.txt”. You need grep "hello world" file.txt to search for the phrase.

5. Confusing kill Signals

kill -9 (SIGKILL) doesn’t let the process clean up. Always try kill -15 (SIGTERM) first to give the process a chance to save state and close resources gracefully.

6. Not Using -- to End Options

If a filename starts with a -, commands interpret it as an option. Use -- to signal the end of options: rm -- -myfile.txt.

7. Assuming sudo Makes Everything Safe

sudo rm -rf / as root is still destructive. sudo gives you power but doesn’t protect you from yourself.

Practice Questions

1. What command shows the 10 most CPU-intensive processes?

ps aux --sort=-%cpu | head -11 shows processes sorted by CPU usage descending, limited to the top 10 plus the header.

2. What does grep -r "FIXME" --include="*.py" . do?

It recursively searches all Python files in the current directory tree for the string “FIXME”, showing each match with its file path and line number.

3. How do you find all files modified in the last 24 hours?

find / -mtime 0 -type f finds files modified in the last 24 hours. -mtime 1 means 24-48 hours ago.

4. What’s the difference between > and >> in shell redirection?

> redirects output to a file, overwriting it if it exists. >> appends output to the end of a file without overwriting.

5. Challenge: Write a one-liner that counts how many unique users have entries in /etc/passwd using awk and wc.

Answer: awk -F':' '{print $1}' /etc/passwd | wc -l or more precisely awk -F':' '{print $1}' /etc/passwd | sort -u | wc -l.

Mini Project: Log Analyzer Script

Create a script that analyzes an Apache or Nginx access log:

#!/bin/bash
# log_analyzer.sh — Analyze web server access log
# Usage: ./log_analyzer.sh /var/log/nginx/access.log

LOG_FILE="${1:-/var/log/nginx/access.log}"

if [ ! -f "$LOG_FILE" ]; then
    echo "Error: Log file not found: $LOG_FILE"
    exit 1
fi

echo "=== Web Server Log Analysis ==="
echo "File: $LOG_FILE"
echo ""

# Total requests
total_lines=$(wc -l < "$LOG_FILE")
echo "Total requests: $total_lines"

# Unique IPs
unique_ips=$(awk '{print $1}' "$LOG_FILE" | sort -u | wc -l)
echo "Unique IPs: $unique_ips"

# HTTP status code distribution
echo ""
echo "=== HTTP Status Codes ==="
awk '{print $9}' "$LOG_FILE" | sort | uniq -c | sort -rn

# Most requested pages
echo ""
echo "=== Most Requested Pages ==="
awk '{print $7}' "$LOG_FILE" | sort | uniq -c | sort -rn | head -10

# Busiest hour
echo ""
echo "=== Busiest Hour ==="
awk '{print $4}' "$LOG_FILE" | sed 's/\[//' | cut -d: -f2 | sort | uniq -c | sort -rn | head -5

Expected output (varies by log file):

=== Web Server Log Analysis ===
File: /var/log/nginx/access.log
Total requests: 15234
Unique IPs: 892

=== HTTP Status Codes ===
   12034 200
    1890 304
     890 404
     520 301
     100 500

=== Most Requested Pages ===
    2345 /index.html
    1890 /api/v1/status
    1234 /about
     890 /contact
     445 /download

=== Busiest Hour ===
    2345 14
    2100 15
    1890 10
    1678 11
    1456 16

FAQ

How do I remember all these commands?
You don’t need to memorize every option. Focus on the most common commands and use man command (manual) or command --help for reference. Practice daily — muscle memory builds quickly.
What’s the difference between soft and hard links?
A soft link (symlink) is a pointer to a file name — it breaks if the target is moved or deleted. A hard link is a direct reference to the file’s data on disk — it remains valid even if the original name is removed.
When should I use htop instead of top?
htop is more user-friendly with color coding, mouse support, and easier process management (F9 to kill). Install it with sudo apt install htop. Use top when htop isn’t available.
How do I search for a command I forgot?
Use apropos keyword to search command descriptions. For example, apropos compress shows all commands related to compression. Or try man -k keyword.
Can these commands be used in scripts?
Yes, all of them. Bash scripting combines these commands with variables, loops, and conditionals to automate complex tasks. Python can also invoke these commands via the subprocess module.

What’s Next

System Administration
Next
Package Management
Related
Server Setup Guide
Related

Built by the developers of Doda Browser, DodaZIP, and Durga Antivirus Pro.

Previous Initial Server Setup Guide — Linux Hardening Basics Next Linux System Administration — Users, Services, and Monitoring

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro

Home Browse Linux Administration