You want to be a Linux Guru, but you don’t know where to start learning? Want to be a DevOps engineer and also be proficient in a Linux environment? Or to show your skills to your friends? But whenever you start learning, you get overwhelmed by a multitude of commands and don’t know which are the best to learn first? In this post, we will cover 10 Essential Linux Commands that you should know or learn, especially if you work as a DevOps or system admin so let’s go.
1. grep:
Imagine needing to find a specific error message buried within megabytes, maybe even gigabytes, of log data. Or perhaps you need to quickly check if a configuration file contains a particular setting across multiple servers. This is where grep shines. At its heart, grep searches for patterns within text. You give it a pattern (like a word), and it shows you the lines that match.
Troubleshooting is a massive part of every DevOps or Sysadmin, and logs are your primary source of information. Without grep, sifting through logs is a nightmare.
Examples:
Finding Errors in Logs:
grep -i 'ERROR' /var/log/app/current.logThe -i flag makes the search ignore case, so it finds “ERROR”, “error”, “Error”, etc.
Checking Active Configuration: Wondering if your Nginx config actually includes the gzip on; directive?
grep 'gzip on;' /etc/nginx/nginx.confKey Flags to Know: -i (ignore case), -v (invert match – show lines not matching), -r (recursive search in directories), -C <num> (show N lines of Context around matches – super helpful for seeing what happened before/after an error).
2. ssh:
Unless all your infrastructure runs on your or client laptop, you need a way to securely connect to remote servers. That’s precisely what ssh does. It creates an encrypted connection between your machine and a remote server, allowing you to run commands there as if you were logged in locally.
Ssh is the absolute foundation of remote server administration. Deploying applications, updating configurations, restarting services on cloud instances (like AWS EC2) or physical servers – it all starts with ssh.
Examples:
Basic Connection: The simplest form connects using a username and the server’s IP address or hostname.
ssh [email protected]You’ll likely be prompted for a password.
Using SSH Keys (More Secure): Password logins are often disabled for security. Instead, you use SSH key pairs.The -i flag specifies the path to your private key file. This is standard practice for cloud environments.
ssh -i ~/.ssh/my_private_key.pem [email protected]Key Flags to Know: -i (identity file/private key), -p (specify a non-standard SSH port if the server isn’t using the default port 22). Also, remember scp and sftp which use SSH under the hood for secure file transfers.
3. curl:
Need to check if a web service is up? Test an API endpoint? Download a file from a URL? curl (Client URL) is your go to tool for transferring data using URLs.
Modern applications are often composed of microservices that communicate via APIs. Verifying that these APIs are responding correctly is crucial. curl allows you to easily send requests to these endpoints. It’s also essential for automation tasks like triggering CI/CD jobs via API calls, downloading build artifacts, or interacting with cloud provider APIs.
Examples:
Testing a POST API Endpoint: Let’s say you need to send some JSON data to register a new service:
curl -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer your_api_token" \
-d '{"serviceName": "inventory-service", "port": 8081}' \
http://service-registry.internal/registerHere, -X POST sets the method, -H adds headers, and -d provides the JSON data payload.
Downloading a File: Need to grab the latest version of a tool or configuration?
curl -L -o latest_app.jar https://artifactory.example.com/artifactory/libs-release-local/com/example/myapp/latest/myapp.jarKey Flags to Know: -X (request method), -H (add header), -d (send data payload), -o (output to file), -s (silent mode – hides progress meter), -L (follow redirects), -I (show headers only).
4. systemctl:
Modern Linux systems typically use systemd to manage background processes, known as services or daemons. systemctl is the command you use to interact with systemd – to start, stop, restart, check the status of, and enable/disable these services.
Examples:
Checking Service Status: The most common use – see if a service is running, view recent logs, check for errors.
sudo systemctl status nginx
Restarting a Service: If you’ve updated a config file or deployed new code that requires a restart:
sudo systemctl restart dockerStarting/Stopping a Service:
sudo systemctl stop cron
sudo systemctl start cronKey Verbs: status, start, stop, restart, reload (re-reads config without full stop/start, if supported), enable, disable, is-active, is-enabled.
5. tail -f:
Imagine you’ve just kicked off a deployment or are running a critical test. You want immediate feedback. Are there errors popping up in the application log right now? Is the web server access log showing the requests you expect? tail -f gives you that live window into what’s happening. It’s like having a real-time show of your logs.
Examples:
Watching an Application Log During Deployment:
tail -f /var/log/app/production.logMonitoring System Messages: Keep an eye on general system activity:
tail -f /var/log/syslog
Key Flags: -f (follow)
6. find
Imagine needing to locate all log files older than 7 days or finding every configuration file named *.conf across various directories, or searching for files owned by a specific user. The find command is built precisely for these kinds of tasks.
Finding Files by Name
find . -type f -name "*.yml"Finding Large Files: Locate files in /var/log larger than 100 Megabytes:
find /var/log -type f -size +100MKey Flags/Options: -type (f=file, d=directory), -name (pattern), -iname (case-insensitive name), -size (+N, -N, N), -mtime (modification time in days), -mmin (modification time in minutes), -user, -group, -perm (permissions), -exec command {} \;, -delete.
7. AWK
While grep is great for finding lines containing patterns, awk excels at processing text files that have some structure, especially column-based data. It reads input line by line, splits each line into fields, and lets you perform actions based on patterns or conditions.
Log files often have a consistent format. Command outputs are also frequently structured in columns. Awk allows you to easily extract specific pieces of information (like just the IP addresses from a log, or the available disk space percentage from df), calculate summaries, or reformat text output.
Examples:
Extracting Specific Columns: Get just the filesystem name (1st column) and available space (4th column) from df -h output (skipping the header line):
df -h | awk 'NR > 1 {print $1, $4}'Filtering Based on Field Value: Show processes using more than 5% CPU from ps aux output:
ps aux | awk '$3 > 5.0 {print $0}'Key Concepts: -F (field separator), NR (record/line number), NF (number of fields on current line), $1, $2, $0 (entire line), pattern matching (/regex/), conditions ($3 > 10).
8. df & du
Running out of disk space can bring databases, applications, and entire systems to a grinding halt. df (Disk Free) gives you the big picture of mounted filesystems, while du (Disk Usage) helps you find what is consuming space within specific directories.
Examples:
Standard Check (Human Readable): The most common way to check overall disk usage:
df -hFinding the Biggest Culprits: If df -h shows /var is 90% full, investigate with du:
sudo du -sh /var/* | sort -rh | head -n 10Key Flags:
du: -h (human-readable), -s (summary for each argument), -c (grand total), –max-depth=N (limit recursion depth).
df: -h (human-readable), -i (inodes), -T (show filesystem type).
9. PS
Need to check if a specific application process is actually running? How many worker processes has your web server spawned? What command arguments was a process started with? ps answers these questions. It’s essential for verifying deployments, diagnosing issues (e.g., zombie processes), and scripting checks for process existence or count.
Examples:
Show All Processes : This is often the most informative starting point:
ps auxShow All Processes:
ps -efFiltering with grep (Very Common): Check if nginx processes are running:
ps aux | grep 'nginx'
Finding a Process by PID:
ps -p 12345 -fKey Flags: aux, -ef (System V style), -p <PID>, –forest, -u <user>, -C <command_name>.
10. chmod & chown
Linux security heavily relies on file permissions and ownership. chmod (Change Mode) modifies the read (r), write (w), and execute (x) permissions for the file’s owner, the group owner, and everyone else. chown (Change Owner) changes the user and/or group that owns a file or directory.
Examples:
Making a Script Executable:
chmod +x my_deploy_script.sh
Securing a Private Key: Only the owner should read/write:
chmod 600 ~/.ssh/id_rsa
Changing the Owner:
sudo chown jdoe important_config.yaml
Changing Only the Group:
sudo chown :developers shared_project/Conclusion:
So there you have it – 10 Linux commands for every DevOps engineer. From searching logs with grep and connecting securely with ssh, to managing services with systemctl, inspecting processes with ps, and wrangling files with find, chmod, and chown, these tools are your daily drivers for navigating, managing, and troubleshooting Linux systems.
Of course, simply reading about these commands isn’t enough. The real learning, the true mastery, comes from using them. Open up a terminal, connect to a test server, and experiment. Try the examples, explore different flags, and see how they behave. Break things (safely!), fix them, and learn from the process. The more you practice, the more intuitive these commands will become.
While this list covers crucial ground, the Linux command line is a vast and powerful ecosystem. As you grow, you’ll inevitably encounter on other essential tools. Commands like sed (for stream editing text), tar (for archiving files), journalctl (for querying the systemd journal), network tools like ip or ss, firewall tools like iptables or ufw, and package managers (apt for Debian/Ubuntu, yum or dnf for CentOS/RHEL/Fedora) are all parts of the broader landscape. Don’t hesitate to dive deeper – the built-in manual pages (man <command_name>, e.g., man grep) are your best friend for detailed information on any command.
What Are Your Go-To Commands?
We’ve shared our top ten, but every engineer has their personal favorites or commands they find indispensable for their specific workflows. What Linux commands do you rely on most in your DevOps role? Are there any crucial ones you think we missed?
And if you found this breakdown helpful and want more practical DevOps tips, tutorials, and insights delivered straight to your inbox, be sure to subscribe to the newsletter!
