The Ultimate Guide to Mastering Linux Commands (From Beginner to Pro)

The CyberSec Guru

Welcome to the last guide on Linux commands you will ever need.

No, that’s not an exaggeration.

In a world of fragmented tutorials, 5-minute “hacks,” and cheat sheets that leave you with more questions than answers, this post is different. This is a comprehensive, 10,000-word masterclass designed to take you from a complete beginner, nervously staring at a blinking cursor, to a confident pro who can navigate, manipulate, and manage a Linux system with effortless precision.

We’ll move beyond the “what” and dive deep into the “why” and “how.” We won’t just tell you that ls lists files. We will show you how to use ls to find the exact file you need, how to format its output to be human-readable, and how to combine it with other commands to build powerful, time-saving workflows.

The command line, or “terminal,” is the beating heart of Linux. It’s the single most powerful tool at your disposal, offering speed, control, and flexibility that no graphical user interface (GUI) can ever hope to match. Whether you’re a developer, a system administrator, a data scientist, or just a curious enthusiast, mastering the terminal is the key to unlocking the true potential of Linux.

This guide is structured to be your one-stop resource. We will start with the absolute basics—moving around the filesystem—and progressively build your knowledge, layer by layer. We’ll cover:

  • Basic Navigation: How to move, see where you are, and never get lost.
  • File & Directory Management: The core skills of creating, deleting, copying, and moving files.
  • File Permissions & Ownership: The critical concepts that keep Linux secure.
  • System Information: How to peek under the hood and see what your system is doing.
  • Process Management: How to control the software that’s running (and stop it when it misbehaves).
  • Networking: How to check your connection, download files, and connect to other machines.
  • Package Management: The “app store” for the command line.
  • Searching & Finding: How to find any file or piece of text, anywhere on your system, instantly.

This is not a race. Bookmark this page. Take your time. Open your terminal and run every single command as you read. The only way to learn the command line is to use the command line.

Let’s begin.

Basic Navigation

Before you can run, you must walk. In Linux, this means learning to navigate the filesystem. Everything in Linux is a file, and all those files live in directories. These commands are your map and compass.

pwd (Print Working Directory)

This is the “you are here” sign of the Linux world. It’s arguably the most important command to learn first. It does one simple thing: it tells you the full path of the directory you are currently in.

  • Why it’s essential: It’s incredibly easy to get lost when you’re navigating. You might think you’re in your “Downloads” folder, but you’re actually in your home directory. pwd gives you instant confirmation.
  • Syntax: pwd
  • Common Options:
    • pwd rarely needs options. Its default behavior is what you want 99.9% of the time.
    • -P: If you are in a directory that is a “symbolic link” (a shortcut), this option will show you the physical path, not the shortcut’s path.
  • Real-World Examples:
    1. Check your location:
         $ pwd
         /home/username
       This output tells you that you are currently in the /home/username directory, which is your “home” directory.
    2. After moving:
         $ cd /var/log
         $ pwd
         /var/log
       This confirms you successfully moved to the /var/log directory.

ls (List)

This is the command you’ll type more than any other. ls lists the contents (files and directories) of your current location.

  • Why it’s essential: It’s your eyes. ls lets you see what’s in a directory so you can decide what to do next.
  • Syntax: ls [options] [directory_path]
    If you don’t provide a directory_path, it lists the contents of your current directory (the one pwd shows you).
  • Common Options (This is where ls becomes a powerhouse):
    • -l (long format): This is the most useful option. Instead of just a list of names, it shows you detailed information:
      • File permissions
      • Number of links
      • Owner (user)
      • Group
      • File size (in bytes)
      • Last modified date and time
      • File/Directory name
    • -a (all): By default, Linux hides configuration files (any file starting with a .). This option shows you all files, including the hidden ones.
    • -h (human-readable): When used with -l, this makes file sizes easy to read (e.g., 4.0K, 1.2M, 5G instead of 4096, 1258291, 5368709120).
    • -t: Sorts the list by modification time, showing the newest files first.
    • -r: Reverses the sort order. Combine with -t (ls -ltr) to see the oldest files last, which is a very common way to check logs.
    • -R (recursive): Lists the contents of the current directory and all subdirectories. Be careful with this one in large directories!
  • Real-World Examples:
    1. Simple list:
         $ ls
         Desktop Documents Downloads Music Pictures Videos
    2. The most common command: ls -la (long format + show all):
         $ ls -la
         drwxr-xr-x 15 username usergroup 4096 Oct 23 18:00 .
         drwxr-xr-x  3 root     root      4096 Oct 10 05:00 ..
         -rw-r--r--  1 username usergroup 8980 Oct 11 10:00 .bashrc
         drwx------  3 username usergroup 4096 Oct 20 12:30 .config
         drwxr-xr-x  2 username usergroup 4096 Oct 23 17:00 Desktop
         drwxr-xr-x  2 username usergroup 4096 Oct 15 09:00 Documents
      • The d at the beginning means it’s a directory.
      • . is a shortcut for the current directory.
      • .. is a shortcut for the parent directory (one level up).
    3. Detailed, human-readable list:
         $ ls -lh
         total 24K
         drwxr-xr-x 2 username usergroup 4.0K Oct 23 17:00 Desktop
         drwxr-xr-x 2 username usergroup 4.0K Oct 15 09:00 Documents
         drwxr-xr-x 5 username usergroup 4.0K Oct 22 14:00 Downloads
         -rw-r--r-- 1 username usergroup 5.8K Oct 19 11:30 my_notes.txt
    4. List files in a different directory:
         $ ls -l /var/log
         -rw-r----- 1 syslog adm 850K Oct 23 18:05 syslog
         -rw-r----- 1 root   adm 120K Oct 23 17:00 auth.log

cd (Change Directory)

Now that you can see where you are (pwd) and what’s around you (ls), it’s time to move. cd is how you change your location.

  • Why it’s essential: This is your primary movement tool. You use it to go into directories and come back out.
  • Syntax: cd [directory_path]
  • Key “Shortcuts” for Paths:
    • cd / (Go to root): Takes you to the absolute top of the filesystem. Everything starts here.
    • cd ~ (Go to home): Takes you to your personal home directory (e.g., /home/username). This is your main workspace.
    • cd (with no path): This is a shortcut for cd ~. It’s the quickest way to get home.
    • cd .. (Go up one level): Moves you from your current directory to its parent directory.
    • cd - (Go to previous directory): A super useful shortcut that takes you back to the last directory you were in.
  • Real-World Examples:
    1. Move to your Downloads folder:
         $ pwd
         /home/username
         $ cd Downloads
         $ pwd
         /home/username/Downloads
       Pro-tip: Type cd Dow and press the Tab key. The shell will “auto-complete” the rest of the name for you. This is a massive time-saver and prevents typos.
    2. Move to a system folder using an absolute path:
         $ cd /etc/ssh
         $ pwd
         /etc/ssh
    3. Move up two levels:
         $ pwd
         /home/username/Documents/Projects
         $ cd ../..
         $ pwd
         /home/username
    4. Use cd - to toggle:
         $ pwd
         /var/log
         $ cd /home/username/my-project
         $ pwd
         /home/username/my-project
         $ cd -
         /var/log
         $ cd -
         /home/username/my-project

clear (Clear the Terminal Screen)

Your terminal will get cluttered. Fast. The clear command wipes it all away and gives you a fresh, clean screen.

  • Why it’s essential: It’s purely for organization. It helps you reduce “noise” and focus on the output of your next command.
  • Syntax: clear
    Pro-tip: The keyboard shortcut Ctrl + L does the exact same thing and is much faster to type.
  • Example:
    1. Before:
         $ ls -l
         ... (20 lines of output) ...
         $ pwd
         /home/username
         $ whoami
         username
    2. After running clear:
         $
       (Your terminal is now empty, with the prompt at the top.)

history (Show Command History)

The shell remembers everything you type. The history command shows you a numbered list of your recent commands.

  • Why it’s essential: Invaluable for remembering that one complex command you ran yesterday. You can also re-run commands from your history.
  • Syntax: history
  • Common Options & Usage:
    • history 20: Shows the last 20 commands.
    • !123: Re-runs the command with the number 123 from your history.
    • !!: Re-runs the last command you just ran (useful if you forgot to add sudo).
    • !grep: Re-runs the last command you ran that started with “grep”.
    • Ctrl + R: This is the interactive history search. Press Ctrl + R, then start typing a part of the command you remember (e.g., “ssh”). It will auto-complete with the most recent match. Press Ctrl + R again to cycle through older matches. This is a game-changing workflow.
  • Real-World Example:
      $ history 5
       1001  ls -lh
       1002  cd /etc
       1003  cat fstab
       1004  sudo apt update
       1005  history 5
      $ !1003
      cat fstab
      # (contents of fstab are displayed)

File & Directory Management

This is where you’ll spend most of your time. These commands are the building blocks for creating, modifying, and organizing your work.

touch filename (Create a New Empty File)

The touch command has two main purposes. The simplest one is to create a new, completely empty file. Its original purpose was to “touch” an existing file to update its “last modified” timestamp to the current time, without changing its contents.

  • Why it’s essential: It’s the quickest way to create a file you intend to edit later (e.g., touch new-script.sh). It’s also used in scripts to signal that a process has run by “touching” a lock file.
  • Syntax: touch [options] filename
  • Real-World Examples:
    1. Create a single file:
         $ ls
         $ touch my_notes.txt
         $ ls
         my_notes.txt
    2. Create multiple files at once:
         $ touch file1.txt file2.html file3.js
         $ ls
         file1.txt file2.html file3.js
    3. Update a file’s timestamp:
         $ ls -l my_notes.txt
         -rw-r--r-- 1 username usergroup 0 Oct 23 18:30 my_notes.txt
         $ # ... (wait a few minutes) ...
         $ touch my_notes.txt
         $ ls -l my_notes.txt
         -rw-r--r-- 1 username usergroup 0 Oct 23 18:33 my_notes.txt
       (Note the time has changed.)

mkdir dirname (Create a New Directory)

Just like touch creates files, mkdir (make directory) creates new, empty directories.

  • Why it’s essential: This is how you build the “folders” to organize your files.
  • Syntax: mkdir [options] dirname
  • Common Options:
    • -p (parent): This is a crucial option. If you want to create a directory nested inside another directory that doesn’t exist yet, you must use -p. It creates the entire path for you.
  • Real-World Examples:
    1. Create a simple directory:
         $ mkdir MyProject
         $ ls -l
         drwxr-xr-x 2 username usergroup 4096 Oct 23 18:35 MyProject
    2. The -p option in action:
         $ # This will FAIL:
         $ mkdir MyProject/assets/images
         mkdir: cannot create directory ‘MyProject/assets/images’: No such file or directory
         $ # This will SUCCEED:
         $ mkdir -p MyProject/assets/images
         $ ls -R MyProject
         MyProject:
         assets

         MyProject/assets:
         images

rm (Remove) and rmdir (Remove Directory)

These are your “delete” commands. BE EXTREMELY CAREFUL WITH THESE. Especially rm. There is no “Recycle Bin” on the command line. Once it’s gone, it’s gone.

rmdir dirname (Remove an Empty Directory)

This is the safer of the two. It only removes a directory if it is completely empty.

  • Syntax: rmdir dirname
  • Example:
      $ mkdir TempFolder
      $ rmdir TempFolder
      $ # It works
      $ mkdir TempFolder
      $ touch TempFolder/file.txt
      $ rmdir TempFolder
      rmdir: failed to remove 'TempFolder': Directory not empty

rm filename (Remove a File)

This command deletes files.

  • Why it’s essential: For cleaning up.
  • Syntax: rm [options] filename
  • Common Options:
    • -i (interactive): Prompts you for confirmation (“remove file.txt?”) before deleting. This is a good safety net.
    • -f (force): Forces the deletion. It will not prompt you, even if a file is write-protected. Use with extreme caution.
  • Real-World Examples:
    1. Delete a file:
         $ rm my_notes.txt
    2. Delete with a prompt:
         $ rm -i file1.txt
         rm: remove regular empty file 'file1.txt'? y

rm -r dirname (Remove a Directory Recursively)

This is how you delete a directory and all of its contents. This is one of the most dangerous commands in Linux.

  • Why it’s essential: It’s the only standard way to delete a non-empty directory.
  • Syntax: rm -r [options] dirname
  • Common Options:
    • -r (recursive): This is the option that tells rm to go inside the directory, delete everything, then delete the directory itself.
    • -f (force): When combined as rm -rf, this is the infamous command that can wipe your entire system if you’re not careful. It means “recursively and forcibly remove…”.
    • rm -ri dirname: This is a much safer way. It will recursively go through and ask you for every single file and subdirectory.
  • Real-World Example:
    1. Delete a project folder:
         $ ls -R MyProject
         MyProject:
         assets README.md

         MyProject/assets:
         images

         MyProject/assets/images:
         logo.png
         $ rm -r MyProject
         $ ls
         $ # MyProject is now gone.
    2. The DANGEROUS command (DEMO – DO NOT RUN):
      • rm -rf /
      • This command tells the system: “Start at the root directory (/) and recursively (-r) and forcibly (-f) delete everything.” This will destroy your entire operating system. Never, ever run this.

cp (Copy)

cp copies files or directories.

  • Why it’s essential: For making backups, duplicating projects, or moving files to a new location without deleting the original.
  • Syntax: cp [options] source destination
  • Common Options:
    • -r (recursive): To copy a directory, you must use -r. It copies the directory and all its contents.
    • -v (verbose): Shows you what’s being copied, file by file.
    • -i (interactive): Will ask you before overwriting an existing file in the destination.
  • Real-World Examples:
    1. Copy a file:
         $ touch original.txt
         $ cp original.txt backup.txt
         $ ls
         original.txt backup.txt
    2. Copy a file into a different directory:
         $ mkdir Backups
         $ cp original.txt Backups/
         $ ls Backups/
         original.txt
    3. Copy a directory (MUST use -r):
         $ mkdir -p MyProject/assets
         $ cp -r MyProject MyProject_Backup
         $ ls
         MyProject MyProject_Backup

mv (Move)

mv moves a file or directory. This is also how you rename a file or directory.

  • Why it’s essential: This is your primary tool for renaming and reorganizing your filesystem. Unlike cp, the original is removed.
  • Syntax: mv [options] source destination
  • Real-World Examples:
    1. Rename a file:
         $ touch file.txt
         $ mv file.txt new_name.txt
         $ ls
         new_name.txt
    2. Move a file into a directory:
         $ mkdir MyFolder
         $ mv new_name.txt MyFolder/
         $ ls
         MyFolder
         $ ls MyFolder
         new_name.txt
    3. Rename a directory:
         $ mkdir MyProject
         $ mv MyProject OldProject
         $ ls
         OldProject

cat (Concatenate)

This command’s name is short for “concatenate.” Its original purpose was to string files together, but it’s most commonly used to quickly display the entire contents of a file on the screen.

  • Why it’s essential: Perfect for viewing short files (like configuration files or short scripts) without opening a full text editor.
  • Syntax: cat [options] filename
  • Common Options:
    • -n (number): Displays the output with line numbers.
  • Real-World Examples:
    1. View a file:
         $ cat /etc/fstab
         # /etc/fstab: static file system information.
         #
         # <file system> <mount point> <type> <options> <dump> <pass>
         /dev/sda1 / ext4 errors=remount-ro 0 1
    2. Concatenate two files:
         $ echo "Hello" > file1.txt
         $ echo "World" > file2.txt
         $ cat file1.txt file2.txt
         Hello
         World
    3. View a file with line numbers:
         $ cat -n my_script.sh
              1  #!/bin/bash
              2
              3  echo "This is my script."

less filename (Page-at-a-Time Viewer)

cat is great for short files, but what about a 5,000-line log file? If you cat it, it will fly past your screen, and you’ll only see the last page. less is the solution.

  • Why it’s essential: less is a powerful “pager” that lets you open a file of any size instantly and navigate through it.
  • Syntax: less filename
  • How to Use less (Once you’re inside):
    • Arrow Keys / PageUp / PageDown: To navigate.
    • q: To quit and return to the terminal.
    • / (forward slash): To search. Type /, then the text you want to find (e.g., /ERROR), and press Enter.
    • n: To find the next occurrence of your search.
    • N: To find the previous occurrence.
    • g: Go to the beginning of the file.
    • G: Go to the end of the file.
  • Example:
      $ less /var/log/syslog
    (Your screen is now taken over by the less interface, showing you the top of the syslog file. You can now navigate. Press q to exit.)

head and tail (Show First/Last Lines)

These commands are perfectly named. head shows you the first few lines of a file, and tail shows you the last few.

  • Why they’re essential: Incredibly useful for log files. head lets you see the header and tail lets you see the most recent entries.
  • Syntax:
      head [options] filename
      tail [options] filename
  • Common Options:
    • -n [number]: Specifies the number of lines to show. (e.g., head -n 20 shows the first 20 lines). By default, it’s 10.
    • tail -f filename (follow): This is the killer feature of tail. It opens the file and “follows” it, showing you new lines in real-time as they are added. This is the #1 way to monitor a live log file.
  • Real-World Examples:
    1. See the first 5 lines:
         $ head -n 5 /var/log/syslog
         Oct 23 18:00:01 my-server systemd[1]: Starting system...
         Oct 23 18:00:01 my-server kernel: [ 0.000000] Linux version...
         ...
    2. See the last 10 lines:
         $ tail /var/log/syslog
         ... (last 10 lines of the log) ...
    3. Monitor a log file in real-time:
         $ tail -f /var/log/auth.log
       (The terminal will sit and wait. As new users try to log in, you will see new lines appear on your screen instantly. Press Ctrl + C to stop.)

File Permissions & Ownership

This is the part of Linux that confuses most beginners, but it’s the most critical for security. Every file and directory in Linux has two things: an owner (a user) and a group. It also has permissions set for three categories of people:

  1. User: The owner of the file.
  2. Group: Other users who are in the file’s group.
  3. Other: Everybody else.

The permissions are r (read), w (write), and x (execute).

When you run ls -l, you see this: -rw-r--r--

  • The first - means it’s a file (a d means directory).
  • rw-: The User (owner) can read and write.
  • r--: The Group can only read.
  • r--: Other (everyone else) can only read.

chmod (Change Mode)

This command is used to change those rwx permissions.

  • Why it’s essential: It’s how you make a script “executable” (so you can run it) or make a file “read-only” (to protect it).
  • There are two ways to use chmod:
    1. Numeric Mode (e.g., chmod 755): This is the fast, “pro” way.
      • r (read) = 4
      • w (write) = 2
      • x (execute) = 1
      • You add them up for each category (User, Group, Other).
      • 7 = 4 + 2 + 1 (rwx)
      • 5 = 4 + 0 + 1 (r-x)
      • 0 = 0 + 0 + 0 (---)
      • So, chmod 755 filename means:
        • User: rwx (7)
        • Group: r-x (5)
        • Other: r-x (5)
      • This is the most common permission set for scripts and programs.
    2. Symbolic Mode (e.g., chmod u+x): This is the “easy-to-read” way.
      • u (user), g (group), o (other), a (all)
      • + (add), - (remove), = (set)
      • r (read), w (write), x (execute)
  • Syntax: chmod [permissions] filename
  • Real-World Examples:
    1. Make a script executable (the #1 use case):
         $ touch my-script.sh
         $ ls -l my-script.sh
         -rw-r--r-- 1 username usergroup 0 Oct 23 19:00 my-script.sh
         $ ./my-script.sh
         bash: ./my-script.sh: Permission denied
         $ chmod u+x my-script.sh
         $ ls -l my-script.sh
         -rwxr--r-- 1 username usergroup 0 Oct 23 19:00 my-script.sh
         $ ./my-script.sh
         # (script runs)
      • ./ means “run the file in this current directory.”
    2. Make a file read-only for everyone (using numeric mode):
         $ chmod 444 config.txt
         $ ls -l config.txt
         -r--r--r-- 1 username usergroup 0 Oct 23 19:01 config.txt
    3. Make a file private (only you can read/write):
         $ chmod 600 id_rsa
         $ ls -l id_rsa
         -rw------- 1 username usergroup 0 Oct 23 19:02 id_rsa
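
The r=4, w=2, x=1 arithmetic above can drive a quick permission audit. The following is an added example, not code from the original article: it converts the permission string printed by ls -l into its numeric mode, then flags world-writable files and private-key-like files that are accessible beyond their owner. The function names, the sample tree and the key name patterns (id_*, *.pem, *.key) are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original article).
# The sample files and the key-name patterns are constructed assumptions.

# symbolic_to_mode "-rwxr-xr-x"  ->  755
# Input is the 10-character field from `ls -l`. Special-bit letters s/t
# mean "x is set"; S/T mean "x is not set". Only the rwx digits are returned.
symbolic_to_mode() {
    perms=$(printf '%s' "$1" | cut -c2-10)
    mode=""
    for start in 1 4 7; do                     # user, group, other triplets
        triplet=$(printf '%s' "$perms" | cut -c"$start"-"$((start + 2))")
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??[xst]) digit=$((digit + 1)) ;; esac
        mode="$mode$digit"
    done
    printf '%s\n' "$mode"
}

# audit_permissions DIR
# Prints one finding per line as "<ISSUE> <mode> <path>":
#   WORLD-WRITABLE  the "other" digit contains w (2, 3, 6 or 7)
#   KEY-EXPOSED     a private-key-like file whose group/other digits are not 0
audit_permissions() {
    find "$1" -type f | sort | while IFS= read -r path; do
        mode=$(symbolic_to_mode "$(ls -ld "$path" | cut -c1-10)")
        name=${path##*/}

        case $mode in
            ??[2367]) printf 'WORLD-WRITABLE %s %s\n' "$mode" "$path" ;;
        esac

        case $name in
            *.pub) continue ;;                 # public keys are meant to be readable
        esac
        case $name in
            id_*|*.pem|*.key)
                case $mode in
                    ?00) ;;                    # owner-only, e.g. 600 or 400
                    *) printf 'KEY-EXPOSED %s %s\n' "$mode" "$path" ;;
                esac ;;
        esac
    done
}

# build_sample_tree: creates a constructed directory tree and prints its path.
build_sample_tree() {
    dir=$(mktemp -d)
    mkdir -p "$dir/.ssh" "$dir/project"
    : > "$dir/.ssh/id_rsa";           chmod 644 "$dir/.ssh/id_rsa"           # too open
    : > "$dir/.ssh/id_ed25519";       chmod 600 "$dir/.ssh/id_ed25519"       # correct
    : > "$dir/.ssh/id_rsa.pub";       chmod 644 "$dir/.ssh/id_rsa.pub"       # public key
    : > "$dir/project/config.txt";    chmod 444 "$dir/project/config.txt"    # read-only
    : > "$dir/project/my-script.sh";  chmod 777 "$dir/project/my-script.sh"  # world-writable
    printf '%s\n' "$dir"
}

sample=$(build_sample_tree)
audit_permissions "$sample"
rm -rf "$sample"
```

Each finding names the fix: chmod 600 for an exposed key, and chmod o-w (or 755 for a script) for a world-writable file.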

chown (Change Owner)

This command changes who owns a file. You almost always need to use sudo (Super User Do) to run this, as you’re changing permissions on a system level.

  • Why it’s essential: For taking ownership of files or assigning files to a specific service. For example, your web server (www-data) might need to own files in /var/www.
  • Syntax: sudo chown user:group filename
  • Common Options:
    • -R (recursive): Changes the ownership of a directory and all files and subdirectories inside it. This is critical.
  • Real-World Examples:
    1. Change the owner of a file:
         $ # File is owned by root
         $ ls -l /var/log/somefile.log
         -rw-r--r-- 1 root root 100 Oct 23 19:05 /var/log/somefile.log
         $ # Take ownership
         $ sudo chown username /var/log/somefile.log
         $ ls -l /var/log/somefile.log
         -rw-r--r-- 1 username root 100 Oct 23 19:05 /var/log/somefile.log
    2. Change the owner and group:
         $ sudo chown username:usergroup /var/log/somefile.log
    3. Change ownership of an entire web directory (very common):
         $ sudo chown -R www-data:www-data /var/www/my-website
       This command gives the www-data user and www-data group ownership of the entire my-website folder, which is necessary for a web server to read and write files.

System Information

These commands help you answer the question, “What is my system doing?” They are your dashboard for monitoring health, performance, and hardware.

uname -a (Unix Name)

Shows you basic information about your system.

  • Why it’s essential: Quickly tells you what kind of machine you’re on, what kernel it’s running, and its architecture.
  • Syntax: uname -a (The -a stands for “all”.)
  • Example Output:
      $ uname -a
      Linux my-server 5.15.0-86-generic #96-Ubuntu SMP Wed Sep 20 08:23:49 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
    • Linux: The kernel name.
    • my-server: The hostname.
    • 5.15.0…: The kernel version.
    • x86_64: The system architecture (64-bit).

hostname (Show Hostname)

Simply shows or sets the system’s “name” on the network.

  • Syntax: hostname
  • Example:
      $ hostname
      my-server

uptime (Show System Uptime)

Tells you how long the system has been running since its last reboot. Also shows the “load average,” a key indicator of how busy the system is.

  • Syntax: uptime
  • Example Output:
      $ uptime
      19:15:01 up 12 days, 4:20, 1 user, load average: 0.05, 0.15, 0.12
    • up 12 days, 4:20: The server has been on for 12 days.
    • load average: The numbers represent the average system load over the last 1, 5, and 15 minutes. Low numbers (near 0) are good. High numbers (above 1 per CPU core) mean the system is very busy.

top (Table of Processes)

This is a real-time, interactive dashboard of what your system is doing. It’s one of the most important monitoring tools.

  • Why it’s essential: It’s your Task Manager. It shows you all running processes, how much CPU and Memory they are using, and more.
  • Syntax: top
  • How to Use top (Once you’re inside):
    • q: To quit.
    • P (uppercase P): Sorts by CPU usage (find what’s slowing things down).
    • M (uppercase M): Sorts by Memory usage (find what’s eating your RAM).
    • k (kill): Lets you type a Process ID (PID) to kill a misbehaving process.

htop (An Improved top)

htop is a modern, user-friendly, and more powerful version of top. It’s not always installed by default, but it’s highly recommended. (Install with sudo apt install htop or sudo yum install htop).

  • Why it’s essential: It does everything top does but better. It’s in color, you can scroll, and you can use your mouse.
  • Syntax: htop

df -h (Disk Free)

Reports the amount of free disk space on all your mounted filesystems.

  • Why it’s essential: The #1 way to answer “Is my hard drive full?”
  • Syntax: df -h
  • Options:
    • -h (human-readable): This is essential. It shows sizes in G (gigabytes) and M (megabytes) instead of tiny “blocks.”
  • Example Output:
      $ df -h
      Filesystem  Size  Used  Avail  Use%  Mounted on
      /dev/sda1    50G   20G    28G   42%  /
      tmpfs       3.9G     0   3.9G    0%  /dev/shm
      /dev/sdb1   200G  150G    50G   75%  /mnt/data
    This clearly shows the main drive (/) is 42% full and the data drive (/mnt/data) is 75% full.

du -sh * (Disk Usage)

df shows you the whole drive, but du shows you what’s using that space.

  • Why it’s essential: When your drive is full, du is how you find the large files or directories that are the problem.
  • Syntax: du [options] [path]
  • Common Options:
    • -s (summarize): Only shows a total for each argument, not for every single subdirectory.
    • -h (human-readable): Shows sizes in G and M.
    • The Go-To Command: du -sh *
      • In your current directory, this command will show you a human-readable (-h) summary (-s) for every file and directory (*). You can then cd into the biggest directory and run it again, “drilling down” until you find the problem.
  • Example (in /var/log):
      $ sudo du -sh *
      4.0K  app-install.log
      120K  auth.log
      5.0M  journal
      4.0K  some-app
      850K  syslog
    This quickly tells you the journal directory is the biggest item at 5.0M.

free -h (Show Memory Usage)

Gives you a snapshot of your RAM (memory) usage.

  • Syntax: free -h
  • Example Output:
      $ free -h
             total  used  free  shared  buff/cache  available
      Mem:    7.8G  2.0G  4.5G    1.0M        1.3G       5.5G
      Swap:   2.0G    0B  2.0G
    • total: 7.8 Gigabytes of RAM.
    • used: 2.0G is being actively used by programs.
    • free: 4.5G is literally unused.
    • buff/cache: 1.3G is being used by Linux for caching (to speed things up). This is not “used” memory; Linux will free it instantly if a program needs it.
    • available: This is the real number. It’s free + buff/cache. This is how much RAM is actually available for new applications.

lscpu and lsblk (List CPU / List Block Devices)

  • lscpu: Dumps a ton of information about your CPU (cores, speed, architecture, etc.).
  • lsblk: Shows you all the “block devices”—your hard drives (sda, sdb), their partitions (sda1, sda2), and where (or if) they are mounted.

Process Management

A “process” is just a running program. These commands let you see and control them.

ps (Process Status)

Takes a “snapshot” of the processes running at this instant.

  • Why it’s essential: top is interactive, but ps is what you use in scripts or to get a quick, one-time list.
  • Syntax: There are two very common ways to run this:
    1. ps aux: (The “BSD” style) Shows all processes from all users in a user-friendly format. This is the most popular use.
    2. ps -ef: (The “System V” style) Does almost the same thing.
  • Example Output (ps aux):
      USER      PID %CPU %MEM    VSZ    RSS TTY   STAT START   TIME COMMAND
      root        1  0.0  0.1 169360  13080 ?     Ss   Oct10   0:05 /sbin/init
      root        2  0.0  0.0      0      0 ?     S    Oct10   0:00 [kthreadd]
      username 1234  0.5  2.0 800123 160456 ?     Sl   Oct20 120:05 /usr/bin/chrome
      username 9876  0.0  0.1  12345   8080 pts/0 Ss   19:30   0:00 /bin/bash
    • PID: The Process ID. This is the most important number. It’s the unique “name” of the process.
    • COMMAND: The command that started the process.

kill (Kill a Process by ID)

This is how you stop a misbehaving process. You get the PID from top or ps, and you use kill to stop it.

  • Why it’s essential: Your primary tool for stopping frozen or unwanted applications.
  • Syntax: kill [PID]
  • Signals (The “How-To-Kill” Instructions):
    • kill 1234: This sends a TERM (terminate) signal. It’s the “polite” way to kill. It asks the process to “please shut down cleanly.” This is always what you should try first.
    • kill -9 1234: This sends a KILL signal (Signal 9). This is the “impolite” way. It’s not a request; it’s an order. The kernel stops the process immediately, no questions asked. This is the “headshot” and should only be used if the polite kill doesn’t work.
  • Real-World Example:
    1. Find the frozen program:
         $ ps aux | grep "chrome"
         username 1234 0.5 2.0 800123 160456 ? Sl Oct20 120:05 /usr/bin/chrome
       (The | grep "chrome" part is a “pipe” that filters the output of ps to only show lines containing “chrome”. We’ll cover grep later!)
    2. Try to kill it politely:
         $ kill 1234
       (Wait a few seconds. If it’s still running, use the hammer.)
    3. Kill it with force:
         $ kill -9 1234
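
The TERM-then-KILL escalation from the steps above, written as a reusable function. This is an added example, not code from the original article; the function names and the 5-second default grace period are assumptions, and the zombie check reads /proc, so it is Linux-specific.

```shell
#!/bin/sh
# Added example (not from the original article): polite kill first,
# kill -9 only if the process is still there after a grace period.

# is_running PID -> exit status 0 while the process is alive.
# A process that has exited but has not been reaped by its parent (a zombie)
# still answers `kill -0`, so its state letter in /proc is checked as well.
is_running() {
    kill -0 "$1" 2>/dev/null || return 1
    if [ -r "/proc/$1/stat" ]; then
        # Format: "pid (command) STATE ..."; take the letter after the last ")".
        state=$(sed 's/.*) //' "/proc/$1/stat" 2>/dev/null | cut -c1)
        [ "$state" != "Z" ] || return 1
    fi
    return 0
}

# stop_process PID [GRACE_SECONDS]
# Prints how the process ended: "TERM", "KILL" or "not-running".
# Returns 1 if the process survives even kill -9 (for example while it is
# stuck in uninterruptible I/O), so callers can report it instead of looping.
stop_process() {
    pid=$1
    grace=${2:-5}          # assumed default: wait up to 5 seconds after TERM

    is_running "$pid" || { echo "not-running"; return 0; }

    kill "$pid" 2>/dev/null || true            # same as: kill -TERM PID
    waited=0
    while [ "$waited" -lt "$grace" ]; do
        is_running "$pid" || { echo "TERM"; return 0; }
        sleep 1
        waited=$((waited + 1))
    done
    is_running "$pid" || { echo "TERM"; return 0; }

    kill -9 "$pid" 2>/dev/null || true         # the process ignored TERM
    sleep 1
    if is_running "$pid"; then
        return 1
    fi
    echo "KILL"
}

# Demo on a constructed target: a background sleep that honours TERM.
sleep 30 >/dev/null 2>&1 &
stop_process "$!" 3
```

Keeping kill -9 as the fallback gives the program a chance to flush files and remove locks, which SIGKILL never allows because it cannot be caught.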

killall (Kill Process by Name)

A shortcut for when you don’t know the PID. It kills all processes matching a name.

  • Syntax: killall processname
  • Example:
      $ # This is the same as finding all PIDs for chrome and killing them one by one.
      $ killall chrome

bg, fg, jobs (Background & Foreground)

You can “pause” a command and send it to the “background.”

  • How it works:
    1. Run a command that will take a long time (e.g., sleep 300).
    2. While it’s running, press Ctrl + Z. This “suspends” the job.
    3. Type bg (background) to let the job continue running, but in the background, giving you your terminal prompt back.
    4. Type jobs to see a list of your background jobs.
    5. Type fg (foreground) to bring the job back to the front, making it interactive again.
  • Shortcut: Add an ampersand (&) to the end of a command to start it in the background immediately.
      $ sleep 300 &
      [1] 12345
      $ # Command is running, but you have your prompt back.

Networking Commands

These commands are for checking your network status, connecting to other machines, and downloading files.

ifconfig and ip addr show (Show Network Info)

These commands show you your network interfaces and, most importantly, your IP address. ifconfig is old and deprecated; ip addr show is the new, more powerful standard.

  • Syntax:
    $ ip addr show
    1: lo: <LOOPBACK,UP...>
        inet 127.0.0.1/8 scope host lo
    2: eth0: <BROADCAST,MULTICAST,UP...>
        inet 192.168.1.100/24 brd 192.168.1.255 scope global eth0
    This output shows your loopback (lo) interface and your main ethernet (eth0) interface, which has the IP address 192.168.1.100.

ping (Test Connectivity)

This is the most basic network diagnostic tool. It sends a tiny “ping” packet to a server to see if it responds.

  • Why it’s essential: Answers “Is the internet down?” or “Can I reach this server?”
  • Syntax:ping [host]
  • Example:
    $ ping google.com
    PING google.com (142.250.72.78): 56 data bytes
    64 bytes from 142.250.72.78: icmp_seq=0 ttl=115 time=15.2 ms
    64 bytes from 142.250.72.78: icmp_seq=1 ttl=115 time=15.5 ms
    ...
    (This means it’s working! Press Ctrl + C to stop.)

netstat and ss (Show Sockets)

These commands show you all the active network connections and ports your system is “listening” on. ss is the modern replacement for netstat.

  • Syntax:ss -tuln
  • Options:
    • -t (TCP), -u (UDP), -l (listening), -n (numeric, don’t resolve names)
  • Example:
    $ ss -tuln
    State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
    LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
    LISTEN  0       128     [::]:22             [::]:*
    This output shows that the server is listening on port 22, which is the SSH service.
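
An added example, not from the original guide, that turns ss -tuln output into a quick audit: it lists every socket reachable from other machines whose port is not on an allowlist you pass in. The sample output is constructed, the function names are hypothetical, and columns are counted from the right because real ss -tuln output starts with a Netid column that the sample above omits.

```bash
#!/usr/bin/env bash
# Added example (not from the original guide): audit ss -tuln output.

# Constructed sample of ss -tuln output, so the example runs offline.
sample_ss_output() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
tcp   LISTEN 0      511    0.0.0.0:8080       0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*
EOF
}

# unexpected_listeners "PORT PORT ..."   (reads ss -tuln output on stdin)
# Prints "address port" for every socket that is reachable from other hosts
# and whose port is not in the allowlist.
unexpected_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /Local Address/ { next }                 # header row
        NF < 2 { next }                          # blank or malformed line
        {
            laddr = $(NF - 1)                    # Local Address:Port column
            port = laddr; sub(/.*:/, "", port)   # text after the last colon
            addr = laddr; sub(/:[^:]*$/, "", addr)
            if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only
            if (!(port in ok)) print addr, port
        }'
}

# On a live system: ss -tuln | unexpected_listeners "22"
sample_ss_output | unexpected_listeners "22"
```

Each reported line is a service to identify and then either add to the allowlist, bind to 127.0.0.1, or stop.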

curl and wget (Download Files)

These are two powerful tools for downloading files from the web.

  • wget url
    • Its main purpose is to download a file and save it as a file in your current directory.
    • wget https://example.com/somefile.zip
  • curl url
    • Its main purpose is to output the contents of a URL to your terminal. This makes it a powerful tool for testing APIs.
    • curl https://api.github.com/users/google (This will dump a JSON object to your screen).
    • To make curl save a file (like wget), use -O: curl -O https://example.com/somefile.zip

ssh (Secure Shell)

This is one of the most important commands in all of Linux. It allows you to open a secure terminal on a remote machine and run commands as if you were sitting in front of it.

  • Syntax:ssh user@host
  • Example:
    $ ssh admin@192.168.1.200
    admin@192.168.1.200's password:
    Welcome to Ubuntu 22.04.3 LTS
    $ # You are now logged into the remote server.
    $ pwd
    /home/admin
    $ logout
    Connection to 192.168.1.200 closed.
    $ # You are now back on your local machine.

scp (Secure Copy)

This is “copy” (cp) over “ssh”. It lets you securely copy a file from your machine to a remote machine, or vice-versa.

  • Syntax:
    # Copy file FROM local TO remote
    scp /path/to/local/file.txt user@host:/path/to/remote/destination/
    # Copy file FROM remote TO local
    scp user@host:/path/to/remote/file.txt /path/to/local/destination/
  • Example (local to remote):
    $ scp my-script.sh admin@192.168.1.200:/home/admin/

Package Management

A “package manager” is a tool that lets you install, update, and remove software. Which one you use depends on your Linux “distribution.”

  • Debian/Ubuntu/Mint: Use apt (Advanced Package Tool).
  • RHEL/CentOS/Fedora: Use yum (Yellowdog Updater, Modified) or its modern successor, dnf (Dandified YUM).

They all do the same basic things.

sudo apt update (Ubuntu/Debian)

This command doesn’t install anything. It “updates” your local list of available packages, so your system knows what new versions are available. You should always run this before installing or upgrading.

  • sudo is required because you are changing system files.

sudo apt update

sudo apt upgrade (Ubuntu/Debian)

This command compares your list of installed packages with the “available” list (from apt update) and upgrades all your installed software to the latest versions.

sudo apt install packagename (Ubuntu/Debian)

This is how you install new software.

  • Example:
    $ sudo apt install htop
    $ sudo apt install python3-pip

sudo apt remove packagename (Ubuntu/Debian)

This is how you uninstall software.

  • sudo apt autoremove: This is a useful cleanup command. It removes “dependencies”—libraries and packages that were installed for another program but are no longer needed.

dpkg -l (Ubuntu/Apt)

Lists all packages installed on the system.

RHEL/CentOS/Fedora Equivalents:

  • sudo yum update (or sudo dnf upgrade)
  • sudo yum install packagename (or sudo dnf install packagename)
  • sudo yum remove packagename (or sudo dnf remove packagename)

File Compression & Archiving

An “archive” (.tar) bundles many files into one. “Compression” (.gz, .zip) makes a file smaller.

tar (Tape Archive)

The standard Linux tool for bundling files.

  • Syntax is tricky, but you only need to remember two “recipes”:
    1. To Create an archive (-cvf): Create, Verbose, File
      • tar -cvf archive.tar directory-to-bundle
      • Example: tar -cvf my_project.tar MyProject
    2. To Extract an archive (-xvf): Extract, Verbose, File
      • tar -xvf archive.tar
  • Handling .tar.gz (Compressed Archives):
    • This is a .tar archive that has also been compressed with gzip.
    • Just add z (gzip) to your recipes.
    • Create: tar -cvzf archive.tar.gz directory-to-bundle
    • Extract: tar -xvzf archive.tar.gz

gzip and gunzip (Compress / Decompress)

This is a compression tool. It takes a single file and compresses it, replacing it with a .gz version.

  • gzip filename: Compresses filename into filename.gz (and deletes the original).
  • gunzip filename.gz: Decompresses filename.gz into filename (and deletes the .gz).

zip and unzip

This is the format you’re used to from Windows/macOS. It’s not always installed by default (sudo apt install zip unzip).

  • zip archive.zip file1 file2 directory1
  • unzip archive.zip

User Management

These commands let you see and manage who can log in to the machine. The ones that add, change, or remove accounts require sudo.

  • whoami: (No sudo needed) Just “who am I?” Prints your username.
  • who: Shows who is currently logged into the system.
  • id: Shows your user ID, group ID, and all the groups you belong to.
  • sudo adduser username: A user-friendly, interactive script for adding a new user. It will prompt you for a password and other info.
  • sudo passwd username: Changes the password for an existing user.
  • sudo deluser username: Removes a user.
  • su username: (Switch User) Lets you become another user in your current terminal session.
  • logout: Exits the current session (or disconnects you from ssh or su).

System Shutdown & Reboot

These commands do exactly what they say. Always use sudo!

  • sudo shutdown now: Shuts the system down immediately.
  • sudo shutdown -r now: Reboots the system immediately.
  • sudo reboot: A shortcut for shutdown -r now.
  • sudo poweroff: A shortcut for shutdown now.

Search & Find

You’ve learned to manage files, but how do you find them?

find (Find Files by Criteria)

This is the most powerful and complex search tool. It can find files based on name, size, modification time, owner, and more.

  • Why it’s essential: It’s the “advanced search” for your entire system.
  • Syntax:find [path-to-start] -name [filename]
  • Real-World Examples:
    1. Find a file by name (in the current directory):
       $ find . -name "config.txt"
       ./MyProject/config.txt
    2. Find a file by name (system-wide):
       $ sudo find / -name "sshd_config"
       /etc/ssh/sshd_config
    3. Find files using a wildcard:
       $ find . -name "*.log"
       ./app1/debug.log
       ./app2/error.log
    4. Find files by modification time (files changed in the last 24 hours):
       $ find . -mtime -1
    5. Find all empty files:
       $ find . -type f -empty

grep (Global Regular Expression Print)

grep is one of the most famous Linux commands. It searches for text patterns inside files.

  • Why it’s essential: This is how you find what you’re looking for. “I know I wrote down that password… which file was it in?” “Which log file has the word ‘ERROR’ in it?” grep is the answer.
  • Syntax:grep [options] 'pattern' file
  • Common Options:
    • -r (recursive): This is the most important option. It searches all files in a directory and its subdirectories.
    • -i (ignore case): Makes your search case-insensitive.
    • -n (line number): Shows the line number for each match.
    • -v (invert match): Shows you all the lines that don’t match.
  • Real-World Examples:
    1. Search for text in a single file:
       $ grep 'ERROR' /var/log/syslog
       Oct 23 19:40:01 my-server app[123]: [ERROR] Failed to connect to database.
    2. Search for text in all files in a directory (recursive):
       $ grep -r 'database_password' /etc/
       /etc/my-app/config.ini:database_password = "supersecret"
    3. Search case-insensitively with line numbers:
       $ grep -in 'hello' my_notes.txt
       1:Hello
       5:I said hello.
    4. The killer combo: ps and grep:
       • ps aux produces a long list. How do you find one program? You “pipe” (|) the output of ps into grep as its input.
       $ ps aux | grep 'chrome'
       username 1234 0.5 2.0 800123 160456 ? Sl Oct20 120:05 /usr/bin/chrome
       This is a fundamental concept: command1 | command2. It chains commands together, and it’s the secret to being a command-line pro.
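
Example 2 above turns up a password stored in plain text under /etc/. The added example below (not from the original guide; the function names, the key-name pattern and the demo files are assumptions) combines find and grep to report such settings only in files that every local user can read, printing the key name but never the value.

```bash
#!/usr/bin/env bash
# Added example (not from the original guide): find secrets any user can read.

# readable_secrets DIR
# For every regular file under DIR with the "other users may read" bit set,
# print file:line:key for secret-looking assignments. -o prints only the
# matched key name, so the secret value itself never reaches the terminal.
readable_secrets() {
    find "$1" -type f -perm -004 -exec \
        grep -HnoEi '[a-z_]*(password|passwd|secret|api_?key|token)[a-z_]*[[:space:]]*[=:]' {} + \
        2>/dev/null | sort
}

# make_demo_tree: constructed sample data, the same setting stored once in a
# world-readable file (0644) and once in an owner-only file (0600).
make_demo_tree() {
    local d
    d=$(mktemp -d)
    printf '[db]\ndatabase_password = "supersecret"\n' > "$d/app.ini"
    cp "$d/app.ini" "$d/locked.ini"
    printf 'nothing sensitive here\n' > "$d/notes.txt"
    chmod 644 "$d/app.ini" "$d/notes.txt"
    chmod 600 "$d/locked.ini"
    echo "$d"
}

demo_dir=$(make_demo_tree)
readable_secrets "$demo_dir"        # reports app.ini only
chmod 600 "$demo_dir/app.ini"       # the fix: owner-only permissions
readable_secrets "$demo_dir"        # now reports nothing
rm -rf "$demo_dir"
```

On a real system the equivalent check is sudo readable_secrets /etc (after sourcing the function as root), followed by tightening the permissions of anything it reports.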

locate filename (Quickly Find Files)

find is powerful but can be slow, as it searches the disk in real-time. locate is lightning-fast.

  • How it works: locate doesn’t search the disk. It searches a database of all files that your system maintains.
  • The Catch: The database is usually only updated once a day. If you just created a file, locate won’t find it until the database is updated.
  • sudo updatedb: You can force an update of the database with this command.
  • Example:
    $ locate fstab
    /etc/fstab
    /usr/share/man/man5/fstab.5.gz

Conclusion: You’ve Only Just Begun

If you’ve made it this far, congratulations. You now have a rock-solid foundation in the Linux command line. You’ve gone from a blank screen to having a massive toolkit of commands to navigate, create, manage, and monitor a Linux system.

I hope that this guide has given you the “what,” “why,” and “how.” The only thing left is the “do.”

The secret to mastering Linux is not reading, it’s doing. Open your terminal. Stop using your mouse for a day. Force yourself to use cd, ls, mv, and cp. When you need to find a file, use find and grep. When you want to install software, use apt.

You will be slow. You will be frustrated. You will type rm -r MyProject when you meant rm -r MyProject_Backup. (We’ve all done it.) But in a week, you’ll be faster. In a month, you’ll be confident. And in a year, you’ll wonder how you ever used a computer any other way.

Bookmark this guide. Come back to it. This is your reference, your textbook, and your launching pad.

Welcome to the power of the command line.
