Whether you are managing a single VPS or orchestrating a fleet of bare-metal servers, the command line is your primary workspace. Graphical panels are helpful, but they cannot replace the precision and speed of a well-crafted terminal command. In this guide, we will walk through 20 essential Linux commands that every server administrator should know by heart, complete with real-world examples you can start using today.
1. ls — List Directory Contents
The ls command is the first thing most admins type after logging in. It shows you what files and directories exist in your current location. The real power comes from its flags.
-l gives the long format with permissions and sizes, -a shows hidden files (dotfiles), and -h makes file sizes human-readable (KB, MB, GB). You will use this combination dozens of times per day.
2. cd — Change Directory
Navigation is fundamental. While cd seems trivial, knowing the shortcuts saves real time across thousands of sessions.
The cd - trick is especially useful when you are bouncing between two directories — it toggles back and forth like an undo button for navigation.
3. grep — Search File Contents
When something breaks, grep is how you find the needle in the haystack. It searches through file contents using patterns and regular expressions.
The -r flag searches recursively through directories, -n shows line numbers, -i makes it case-insensitive, and -c gives you a count. Pipe it to tail or head to limit output.
4. find — Locate Files on Disk
Where grep searches inside files, find locates files themselves by name, size, modification time, or permissions.
find can be slow. Consider using locate (which uses a pre-built database) for faster filename searches, or limit your search scope to specific directories.
5. chmod & chown — Permissions and Ownership
File permissions are the backbone of Linux security. Get them wrong and you either lock yourself out or expose sensitive data to the world.
| Permission | Numeric | Meaning | Use Case |
|---|---|---|---|
| rwxr-xr-x | 755 | Owner full, group+others read/execute | Web directories, scripts |
| rw-r--r-- | 644 | Owner read/write, others read-only | HTML, CSS, images |
| rwx------ | 700 | Owner only | Home directories, .ssh/ |
| rw------- | 600 | Owner read/write only | .env files, private keys |
6. df & du — Disk Space Analysis
Disk full? These two commands tell you where the space went. df shows filesystem-level usage, du shows directory-level usage.
The combination of du -sh piped to sort -rh gives you the largest space consumers at a glance, sorted from biggest to smallest.
7. ps, top & htop — Process Management
Knowing what is running on your server is critical. These three tools give you different views of the same data.
ps — Snapshot View
Shows processes at a single point in time. Great for scripting and piping.
ps aux | grep nginxps -eo pid,ppid,%cpu,%mem,cmd --sort=-%mem | head
htop — Interactive View
Real-time, color-coded process viewer with CPU/memory bars. Sort by column, search, kill — all from a TUI.
htop -u www-datahtop -p 1234,5678
8. kill & killall — Process Termination
When a process misbehaves, you need to stop it. Always try a graceful termination first.
kill -9 as your first option. SIGKILL does not allow the process to clean up, which can lead to corrupted files, orphaned lock files, or incomplete database transactions. Always try kill (SIGTERM) first and wait a few seconds.
9. tar — Archive and Compress
Backups, deployments, migrations — tar is involved in all of them. The flags are famously confusing, so here is the cheat sheet.
| Flag | Meaning |
|---|---|
-c | Create archive |
-x | Extract archive |
-z | Use gzip compression |
-j | Use bzip2 compression |
-f | Specify filename (must be last flag) |
-v | Verbose (show progress) |
-t | List contents |
-C | Change to directory before extracting |
10. scp & rsync — Remote File Transfer
Moving files between servers is a daily task. scp is simple, rsync is powerful.
rsync over scp for large transfers. Rsync only transfers changed bytes (delta sync), supports resume on failure, and can preserve permissions, timestamps, and symlinks with the -a (archive) flag.
11. systemctl — Service Management
Modern Linux runs on systemd, and systemctl is how you control every service on the system.
12. journalctl — System Logs
Forget digging through log files manually. journalctl gives you structured, filterable access to all systemd logs.
13. crontab — Scheduled Tasks
Automation is what separates a busy admin from an efficient one. Cron handles recurring tasks with precision.
| Schedule | Meaning | Example |
|---|---|---|
* * * * * | Every minute | Health checks |
*/5 * * * * | Every 5 minutes | Queue workers |
0 * * * * | Every hour | Log rotation |
0 2 * * * | Daily at 2 AM | Backups |
0 0 * * 0 | Weekly (Sunday midnight) | SSL renewal |
14. nftables & iptables — Firewall Management
Your server's firewall is the first line of defense. Modern Ubuntu uses nftables, though iptables commands still work through a compatibility layer.
15. curl — HTTP Requests from the Terminal
Test APIs, download files, check headers — curl is the Swiss Army knife of HTTP.
16. wget — Download Files
While curl is versatile, wget excels at straightforward file downloads, especially recursive ones.
17. ssh — Remote Access
SSH is the lifeline to your servers. Beyond basic connections, it offers tunneling, key-based auth, and multiplexing.
/etc/ssh/sshd_config. Set PasswordAuthentication no and PermitRootLogin prohibit-password. This single change blocks the vast majority of brute-force attacks.
18. tail & head — View File Portions
You rarely need to read an entire log file. tail and head let you focus on what matters.
The tail -f command is arguably the most-used debugging tool in a server admin's arsenal. Combine it with grep to filter specific patterns in real-time.
19. awk & sed — Text Processing Power
These two tools transform text streams. sed edits text in a pipeline, awk processes structured data column by column.
That first awk pipeline is a classic — it extracts the IP address column from nginx logs, counts unique occurrences, and shows you the top visitors. Invaluable for spotting abuse or DDoS sources.
20. cat — Read and Concatenate Files
Simple, essential, and used in countless pipelines. cat reads files and outputs their contents to the terminal or another command.
Quick Reference Cheat Sheet
| Task | Command | Category |
|---|---|---|
| List files with details | ls -lah | Navigation |
| Search inside files | grep -rn "pattern" /path/ | Search |
| Find files by name | find / -name "*.conf" | Search |
| Check disk usage | df -h && du -sh /var/* | Disk |
| View running processes | ps aux --sort=-%mem | Process |
| Restart a service | systemctl restart nginx | Service |
| Check recent logs | journalctl -u nginx --since "1h ago" | Logs |
| Transfer files | rsync -avz /src/ user@host:/dst/ | Transfer |
| Compress directory | tar -czf archive.tar.gz /dir/ | Archive |
| Top IPs in access log | awk '{print $1}' log | sort | uniq -c | sort -rn | Analysis |
Building Your Command Toolkit
These 20 commands form the foundation of everything you will do as a server administrator. They cover the essential categories of daily work:
ls, cd, cat
grep, find
chmod, chown
ps, htop, kill
systemctl, journalctl
- Master these commands and you can troubleshoot 90% of server issues from the terminal
- Combine commands with pipes (
|) to build powerful one-liners - Create aliases in your
~/.bashrcfor commands you type repeatedly - Use
man commandorcommand --helpwhen you forget a flag - Practice in a safe environment before running commands on production servers