Getting started with Linux commands

Linux is one of the most popular operating systems. It is a free and open-source operating system that is widely used in enterprise systems as well as desktop and laptop environments.

Image source: Author

It comes in several distributions with RedHat making up 65–80% of the data center market. Other distributions that are free to use and common in data centers include Debian, Mint, CentOS, Fedora, Kali, Arch, etc. It’s a common saying that the best Linux distro is the one that works best on your computer, so try a few to see which one best suits your hardware and your style of working.

Nowadays, Linux is everywhere: from Smart TVs, Android smartphones, tablets to other Linux embedded devices that constitute IoT- Internet of Things devices.

One must be thinking that why Linux should be preferred over proprietary software platforms such as Windows and Mac? Here’s a few awesome reasons that will give you a clear picture -

  • Free i.e zero cost of entry.
  • easy to maintain and operate
  • fast, secure, and reliable
  • Community support
  • Better hardware support
  • Customizable
  • The smooth and easy update process
  • Wide compatibility

Linux is the king as well as the darling of data centers. 😄

Linux Commands

Linux has a ton of commands, but most of us only use chunks of them. Some Linux command are listed below-


The sudo command allows you to run programs as another user, by default the root user. If you spend a lot of time on the command line, sudo is one of the commands that you will use quite frequently.

To check whether sudo is installed on your Linux distribution type sudo, and press enter. Generally, sudo package is pre-installed on most Linux distributions but if you receive something like sudo command not found then don’t worry you can easily install it using the package manager of your distro.

Install Sudo on Ubuntu and Debian

$ apt install sudo  

Install Sudo on CentOS and Fedora

$ yum install sudo


Print the full filename of the current working directory.


The ls command-list information about the FILEs (the current directory by default). It allows us to interact with files via another command.


The cd command is used to change the current working directory.


The mkdir command creates a new subdirectory in the current working directory.

$ mkdir Linuxcommand

This creates a new subdirectory “Linuxcommand” in the present working directory.


This command deletes the empty directory.


This command creates a new file with a specific name.

Here I have created the MyFile.txt file in my present working directory.


This command clears a command-line screen/window for a fresh start.


This command displays the content of a specific file on the screen. It also helps us to create, view, and concatenate files.

Content of file is displayed on the screen.
The new file is created with cat command
cat command concatenates file


This command stands for Global Regular Expression Print. It is used to search for a string of characters in a specified file. The text search pattern is called a regular expression. When it finds a match, it prints the line with the result. The grep command is handy when searching through large log files.

$ grep <string> <filename>

To search for a regular expression in multiple files -


This command displays and sets the system date and time. It also allows users to print the time in different formats and calculate future and past dates.


This command report file system disk space usage.


The ps stands for Process Status. This command lists current running processes alongside their PIDs and other attributes.


This command displays the running processes as a tree.


This command is used to view the previously executed command. These commands are saved in a history file. The GNU History library is able to keep track of those lines, associate arbitrary data with each line, and utilize information from previous lines in composing new ones.


This command displays the processor activity of your Linux box and also displays tasks managed by the kernel in real-time. It’ll show processor and memory are being used and other information like running processes. Press ‘q’ to quit the window.


This command is used to send a signal to a process. By default, the message sent is the termination signal, which requests that the process exit.

$ kill -l #it list down all the signal name in a table.
$ kill [OPTIONS] [PID]


This command output the first part of the files.


This command output the last part of the files.


less command allows you to view the contents of a file and navigate through the file. This command is faster because it does not load the entire file at once and allows navigation through the file using page up/down keys.


more is a filter for paging through text one screenful at a time. This version is especially primitive. Users should realize that less provides more emulation plus extensive enhancements.


ARP stands for Address Resolution Protocol, which is used to find the media access control address of a network neighbor for a given IPv4 Address. It manipulates or displays the kernel’s IPv4 network neighbor cache. It can add entries to the table, delete one, or display the current content.


Ifconfig is used to configure the kernel-resident network interfaces. It is used at boot time to set up interfaces as necessary. After that, it is usually only needed when debugging or when system tuning is needed.

If no arguments are given, ifconfig displays the status of the currently active interfaces. If a single interface argument is given, it displays the status of the given interface only; if a single-a argument is given, it displays the status of all interfaces, even those that are down. Otherwise, it configures an interface.


dig is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use, and clarity of output. Other lookup tools tend to have less functionality than dig.

dig [server] [name] [type]

Here, you receive an IP address. If you use that IP address in your browser, the google window will open up.


This command prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.


ping is the primary TCP/IP command used to troubleshoot connectivity, reachability, and name resolution. Used without parameters, this command displays Help content. You can also use this command to test both the computer name and the IP address of the computer.

To terminate this press ctrl + c. Whereas you can also pass commands which will terminate automatically after a certain number of times. In the below example, ping -c count automatically stop after it sends a certain number of packets.


This command print the route packets trace to the network host. It is useful when you want to know about the route and about all the hops that a packet takes. The below image depicts how the traceroute command is used to reach the Google host from the local machine and it also prints detail about all the hops that it visits in between.


Tcpdump prints out a description of the contents of packets on a network interface that matches the boolean expression; the description is preceded by a time stamp, printed, by default, as hours, minutes, seconds, and fractions of a second since midnight. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. It can also be run with the -V flag, which causes it to read a list of saved packet files. In all cases, only packets that match the expression will be processed by tcpdump.

If you are a windows bash user then you may face trouble. A link that may resolve your trouble.


Nmap (“Network Mapper”) is an open-source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. This command is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

In addition to the interesting ports table, Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses.

That’s all in this article.

Thank you for spending your time reading it.😊

3rd year CSE student at IIITKALYANI , enthusiastic learner and explorer