Linux Basic Commands: A Practical Cheat Sheet for Beginners
By Mason Goulding · · Updated
Copy-paste recipes with safety notes. When in doubt, read the manual: man <tool>.
2) Files & Directories
Create, copy, move, and remove—safely.
# create files and directories
touch notes.txt
mkdir -p src/components
# copy (file → file, or into dir)
cp file.txt backup.txt
cp file.txt docs/
# move / rename
mv README.md README.old.md
mv *.log logs/
# remove (prompt before delete)
rm -i file.txt
rm -rI old_project/ # 'I' prompts once if many files
# safer delete: send to trash if you have 'trash-cli'
trash-put file.txt
⚠️ Danger zone: rm -rf / or a bad wildcard can wipe systems.
Prefer rm -rI (capital i) to get a one-time bulk prompt.
For deeper control over ownership and modes, read Linux File Permissions.
3) View & Edit Text
Peek at files without opening a full editor.
# print entire file or concatenate
cat notes.txt
# first / last lines
head -n 20 access.log
tail -n 50 access.log
tail -f /var/log/syslog # follow updates
# page through with navigation
less bigfile.txt # /pattern to search, q to quit
# quick edits (nano is beginner-friendly)
nano notes.txt4) Search: Files & Inside Files
# find files by name (case-insensitive)
find . -iname "*.png"
# find by type and size
find . -type f -size +50M
# run an action on results (here: show human sizes)
find . -type f -name "*.log" -exec du -h {} +
# text search with ripgrep (fast) or grep
rg "ERROR|WARN" -n
grep -Rin "api_key" .
# locate using the system index (run 'sudo updatedb' occasionally)
locate nginx.conf5) Permissions & Ownership
Know who can read/write/execute—and how to change it.
# show long listing with modes and owners
ls -l
# change permission (symbolic)
chmod u+rw,go-r file.txt
# change permission (octal: rwx = 7, rw- = 6, r-x = 5, r-- = 4)
chmod 644 file.txt
chmod 755 scripts/run.sh
# change owner / group (requires sudo)
sudo chown mason:mason file.txt
# add execute bit to a script
chmod +x deploy.shNew to modes and sticky bits? Walk through examples in Linux File Permissions.
6) Processes & Jobs
# list processes (wide + tree)
ps aux | less
pstree -p | less
# top / htop for live view (install 'htop' first)
top
htop
# kill by PID or by name (gently, then force)
kill 12345
pkill -f "node server"
kill -9 12345 # SIGKILL (last resort)# run jobs in background / bring to foreground
sleep 60 & # background
jobs
fg %1 # bring job 1 to foreground
Ctrl+Z # suspend current job
bg %1 # resume in backgroundSystem health & metrics: see System Monitoring.
7) Networking Basics
# show interfaces and addresses
ip a
# check DNS / reachability
ping -c 4 example.com
dig example.com +short
nslookup example.com
# open ports (requires 'ss' or 'netstat' pkg)
ss -tulpn | less # listening sockets
curl -I https://example.com # HTTP headersMore commands (SSH, traceroute, firewall) live in Linux Networking.
8) Packages (Install, Update, Remove)
Debian/Ubuntu (APT)
sudo apt update
sudo apt upgrade
sudo apt install <pkg>
apt search <term>
apt show <pkg>
sudo apt remove <pkg>
sudo apt autoremoveArch (pacman)
sudo pacman -Syu # sync + full upgrade
sudo pacman -S <pkg>
sudo pacman -Rns <pkg>
pacman -Ss <term>
pacman -Qi <pkg>Reference: Arch Wiki – Pacman.
Package archives & tarballs explained here: Working with Tarballs and Package Management.
9) Compression & Archiving
# create a gzipped tar archive
tar -czf site-backup.tgz /var/www/site
# extract into current directory
tar -xzf site-backup.tgz
# zip / unzip
zip -r site.zip site/
unzip site.zip -d ./site10) Disk & System Info
# disk space by filesystem / inode usage
df -h
df -i
# per-dir sizes (top level)
du -h --max-depth=1
# memory / CPU
free -h
lscpu
# OS release and kernel
cat /etc/os-release
uname -a11) Remote: SSH, SCP & Rsync
# login to a server
ssh user@host
# copy file to server (local → remote)
scp ./backup.tgz user@host:/home/user/
# sync a folder (dry run first!)
rsync -av --dry-run ./public/ user@host:/var/www/site/
rsync -av --delete ./public/ user@host:/var/www/site/12) Shell Productivity (Pipes, History, Aliases)
# chain commands with pipes
journalctl -u nginx --no-pager | rg "error|warn" -n
# sort / unique with counts
cut -d" " -f1 access.log | sort | uniq -c | sort -nr | head
# history search (press Ctrl+R, then type)
# or grep it explicitly
history | grep ssh
# quick aliases (add to ~/.bashrc or ~/.zshrc)
alias ll='ls -alh'
alias gs='git status'
# variables & export
export EDITOR=nanoWhen you’re ready, level up with Shell Scripting.
13) Text Processing: cut, sort, uniq, awk, sed
# CSV: 2nd column, unique domains sorted by frequency
cut -d, -f2 emails.csv | sort | uniq -c | sort -nr | head
# replace in-place (create a backup with .bak)
sed -i.bak 's/http:/https:/g' *.html
# extract 1st and 3rd fields where 5th field > 100
awk -F, '$5 > 100 {print $1, $3}' data.csvSee official docs for behavior details: GNU Coreutils Manual.
14) Logs & Troubleshooting
# system log (journald)
sudo journalctl -xe # recent errors with detail
sudo journalctl -u nginx # service-specific logs
# grep recent kernel messages
dmesg | tail -50
# who is using a file/port
lsof /var/log/syslog
sudo lsof -i :44315) Help: man, --help, info
# quick overview
tool --help
# full manual (q to quit, /pattern to search)
man tool
man 1 ls # specify section
# deeper docs for bash features
info bashOnline references: Linux man-pages · GNU Bash Manual.
Quick Reference (Copy-Paste)
| Task | Command |
|---|---|
| Find big files | find . -type f -size +100M -exec ls -lh {} + | sort -k5 -h |
| Top 10 IPs hitting server | awk '{print $1}' access.log | sort | uniq -c | sort -nr | head |
| Open ports | sudo ss -tulpn |
| Fast text search | rg -n "pattern" |
| Backup folder | tar -czf backup_$(date +%F).tgz ./folder |
Next Steps
Keep momentum with these focused deep dives from my Linux series:
- Package Management — repos, pinning, and policies.
- Linux Networking — SSH, firewalls, diagnostics.
- System Monitoring — live metrics and alerting.
- Linux File Permissions — umask, sticky bit, ACLs.
- Setting Up Clean Dev Environments — make mistakes safe.
