Tutorial

50 Linux Commands Every Server Admin Must Know

Back to Blog
A modern alternative to cPanel, Plesk and CyberPanel — isolated, secure, AI-assisted.
Start free

Why the Command Line Is Still the Most Powerful Tool on Any Server

Panels come and go. GUIs change. But the Linux command line has been the backbone of server administration for five decades — and it is not going anywhere. Whether you are debugging a crashed service at 3 AM, recovering from a botched deployment, or just trying to understand what is eating your disk space, knowing these commands is the difference between a 5-minute fix and a 5-hour disaster.

This guide covers 50 essential Linux commands organized into 7 practical categories. For each command you will find what it does, how to use it, and a real-world example you can copy and run today. We also cover a bonus section on the most dangerous commands — because knowing what not to run is just as important.

New to server administration? Start with our 20 essential Linux commands guide first. This one assumes you already know ls and cd, and goes wider — 50 commands across 7 categories, plus the dangerous ones you need to recognize before you run them.

If you manage servers professionally, bookmark this page. It is the reference you will return to.


Category 1: File and Directory Operations (Commands 1–10)

File navigation is the foundation of everything else. These ten commands cover 90% of what you do when exploring a server for the first time.

1. ls -la — List Files with Full Detail

ls lists directory contents. The -l flag gives you the long format (permissions, owner, size, date), and -a shows hidden files (those starting with a dot). Combined, ls -la gives you the full picture.

# List current directory
ls -la

# List a specific directory
ls -la /etc/nginx/

# Sort by modification time, newest first
ls -lat

# Sort by file size, largest first
ls -laSh

Sample output:

drwxr-xr-x  4 root www-data 4096 Mar 15 10:22 .
drwxr-xr-x 12 root root     4096 Mar 10 08:14 ..
-rw-r--r--  1 root root     1452 Mar 15 10:22 nginx.conf
-rw-r-----  1 root www-data  894 Mar 14 22:01 .htpasswd
drwxr-xr-x  2 root root     4096 Mar 12 11:30 sites-enabled

The first column shows permissions (read/write/execute for owner, group, others). The third and fourth columns are owner and group. The fifth is file size — add -h for human-readable sizes.

2. cd — Navigate Directories

The most-used command on any server. Master the shortcuts and you will move twice as fast.

# Go to your home directory
cd ~

# Go to the previous directory (extremely useful)
cd -

# Go up one level
cd ..

# Absolute path
cd /var/log/nginx/

# Relative path
cd ../sites-available

The cd - trick is underused. It switches you between the current and previous directory, perfect when copying files between two locations.

3. pwd — Print Working Directory

Always know where you are. Especially important in chroot environments or deeply nested paths.

pwd
# Output: /home/myuser/public_html/wp-content/plugins

# Useful in scripts to get the script directory
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

4. cp -r — Copy Files and Directories

# Copy a single file
cp config.php config.php.backup

# Copy a directory recursively
cp -r /var/www/html/site1 /var/www/html/site1-backup

# Preserve timestamps, permissions, and ownership
cp -rp /var/www/html/site1 /backup/site1-$(date +%Y%m%d)

# Copy multiple files to a destination
cp file1.conf file2.conf file3.conf /etc/nginx/conf.d/

# Show progress (verbose)
cp -rv /large/directory /destination/

5. mv — Move and Rename Files

# Rename a file
mv old-name.php new-name.php

# Move to another directory
mv config.php /etc/myapp/

# Move and rename simultaneously
mv /tmp/upload.tar.gz /backups/production-$(date +%Y%m%d).tar.gz

# Move multiple files
mv *.log /var/log/archived/

# Interactive (prompt before overwrite)
mv -i important.conf /etc/

6. rm -rf — Remove Files and Directories

The -r flag removes directories recursively. The -f flag forces removal without prompting. Together they are powerful and dangerous. There is no recycle bin on Linux.

# Remove a single file
rm file.txt

# Remove a directory and all its contents (no confirmation)
TARGET_DIR="/var/www/html/old-site"
rm -rf "${TARGET_DIR}"

# Remove all files matching a pattern
rm -f /tmp/upload_*.tmp

# Safer alternative: interactive mode
rm -ri /some/directory/

# Safest first step: preview what would be deleted
ls -la /var/log/old-logs/
Safety rule: Always quote path variables when deleting: rm -rf "${TARGET_DIR}". If TARGET_DIR is empty, an unquoted $TARGET_DIR disappears and the command targets the current directory or root. Never run bulk deletes without previewing first.

7. mkdir -p — Create Nested Directories

# Create a single directory
mkdir /var/www/newsite

# Create a nested path in one command
mkdir -p /var/www/newsite/public_html/wp-content/uploads

# Create multiple directories at once
mkdir -p /backups/{daily,weekly,monthly}

# Create with specific permissions
mkdir -m 750 /var/www/secure-dir

8. find — Search Files by Name, Size, Date, Permissions

find searches the filesystem in real time and supports executing actions on results. One of the most powerful commands on Linux.

# Find files by name (case-sensitive)
find /var/www -name "wp-config.php"

# Case-insensitive
find /var/www -iname "*.PHP"

# Files modified in the last 24 hours
find /var/log -mtime -1

# Files larger than 100MB
find / -size +100M -type f

# World-writable directories (security audit)
find /var/www -type d -perm -o+w

# Delete files older than 30 days
find /tmp -mtime +30 -type f -delete

# Files owned by a specific user
find /home -user john -type f

# Execute a command on results
find /var/www -name "*.log" -exec gzip {} \;

9. locate — Fast File Search Using Database

# Install on Ubuntu/Debian
apt install mlocate

# Update the database
updatedb

# Find files
locate nginx.conf

# Case-insensitive
locate -i NGINX.CONF

# Limit results
locate -n 10 php.ini

# Count matches
locate -c "*.conf"

Note: locate does not show files created after the last updatedb. For newly created files, use find.

10. tree — Visual Directory Structure

# Install
apt install tree

# Basic usage
tree /etc/nginx/

# Show hidden files
tree -a /var/www/site/

# Limit depth
tree -L 2 /opt/

# Show file sizes
tree -sh /var/www/

# Directories only
tree -d /etc/

# Output to file
tree /var/www > /tmp/structure.txt

Category 2: File Content and Editing (Commands 11–18)

11. cat / tac — View File Contents

# Display a file
cat /etc/nginx/nginx.conf

# Show line numbers
cat -n /var/log/syslog

# Concatenate multiple files
cat file1.txt file2.txt > combined.txt

# View in reverse order (last line first)
tac /var/log/auth.log

12. head -n / tail -n — First or Last N Lines

# First 20 lines
head -n 20 /etc/nginx/nginx.conf

# Last 50 lines of a log
tail -n 50 /var/log/nginx/error.log

# Last 100 lines of multiple files
tail -n 100 /var/log/nginx/error.log /var/log/php8.3-fpm.log

# Default is 10 lines
head /etc/passwd
tail /var/log/syslog

13. tail -f — Real-Time Log Monitoring

The -f flag follows a file as it grows — essential for watching live logs during deployments, debugging, and monitoring.

# Follow a log file
tail -f /var/log/nginx/error.log

# Follow multiple files simultaneously
tail -f /var/log/nginx/error.log /var/log/php8.3-fpm.log

# Show last 100 lines first, then follow
tail -fn 100 /var/log/nginx/access.log

# Filter with grep while following
tail -f /var/log/auth.log | grep "Failed password"

# Stop following when a string appears
tail -f /var/log/myapp.log | grep -m 1 "Server started"

14. grep -rni — Search Inside Files

# Search in a file
grep "error" /var/log/nginx/error.log

# Recursive directory search
grep -r "database_password" /var/www/

# Case-insensitive with line numbers
grep -ni "fatal" /var/log/syslog

# 3 lines of context around matches
grep -C 3 "segfault" /var/log/kern.log

# Count matches
grep -c "404" /var/log/nginx/access.log

# Invert — lines that do NOT match
grep -v "^#" /etc/nginx/nginx.conf

# Extended regex
grep -E "error|warning|critical" /var/log/syslog

15. sed — Stream Editor for Find and Replace

# Replace text in a file (with backup)
sed -i.bak 's/old_text/new_text/g' config.php

# Replace on line 5 only
sed -i '5s/old/new/' file.txt

# Delete comment lines
sed -i '/^#/d' config.conf

# Delete blank lines
sed -i '/^$/d' file.txt

# Print only matching lines
sed -n '/error/p' /var/log/syslog

# Insert a line after a match
sed -i '/listen 80/a \    server_name example.com;' nginx.conf

16. awk — Pattern Scanning and Processing

# Print column 2
awk '{print $2}' /var/log/nginx/access.log

# Extract fields from /etc/passwd
awk -F: '{print $1, $7}' /etc/passwd

# Lines where HTTP status (col 9) is 500
awk '$9 == 500' /var/log/nginx/access.log

# Sum bytes column
awk '{sum += $10} END {print sum}' /var/log/nginx/access.log

# Top IPs by frequency
awk '{count[$1]++} END {for (ip in count) print count[ip], ip}' /var/log/nginx/access.log | sort -rn | head -20

# Lines between two patterns
awk '/START/,/END/' logfile.txt

17. nano / vim — Terminal Text Editors

# nano — beginner-friendly
nano /etc/nginx/sites-available/mysite.conf
# Ctrl+O save, Ctrl+X exit, Ctrl+W search

# vim — more powerful once mastered
vim /etc/nginx/nginx.conf
# i to insert, Esc to normal mode
# :w save, :q quit, :wq save+quit, :q! force quit
# /searchterm to search, n for next
# dd delete line, yy copy, p paste
# :%s/old/new/g find and replace

# Open at a specific line
vim +150 /var/log/error.log

# Read-only mode
vim -R /etc/sensitive-config

18. wc -l — Count Lines, Words, Characters

# Count lines
wc -l /var/log/nginx/access.log

# Count words
wc -w document.txt

# Count bytes
wc -c config.php

# All three
wc /etc/nginx/nginx.conf
# Output: 120  450  3821  nginx.conf

# Unique IPs in log
awk '{print $1}' /var/log/nginx/access.log | sort | uniq | wc -l

# Today's 500 errors
grep "$(date +%d/%b/%Y)" /var/log/nginx/access.log | grep " 500 " | wc -l

Category 3: System Information (Commands 19–25)

19. uname -a — Full System Information

uname -a
# Output: Linux server1 6.8.0-51-generic #52-Ubuntu SMP x86_64 GNU/Linux

uname -r   # kernel version
uname -s   # OS name
uname -m   # architecture

20. hostname — Server Hostname

hostname           # show hostname
hostname -f        # fully qualified (FQDN)
hostname -I        # all IP addresses
hostnamectl set-hostname new-hostname   # change permanently

21. uptime — System Uptime and Load Average

Shows uptime and 1, 5, 15-minute load averages. Load above your CPU count means overload.

uptime
# Output:  21:42:03 up 47 days, 3:15,  2 users,  load average: 0.42, 0.38, 0.31

uptime -p
# Output: up 47 days, 3 hours, 15 minutes

22. df -h — Disk Space Usage

df -h              # all filesystems, human-readable
df -h /var/www     # specific path
df -i              # inode usage (critical for "disk full" debugging)
df -T              # show filesystem type

Sample output:

Filesystem      Size  Used Avail Use% Mounted on
/dev/sda1       422G  270G  135G  67% /
/dev/sdb1       500G  120G  380G  24% /backup
When a server reports "no space left on device" but df -h shows free space, check df -i — you may have exhausted inodes, not disk blocks.

23. du -sh — Directory Size

du -sh /var/www/html/

# All items sorted by size
du -sh /var/www/* | sort -h

# Top 10 largest under /var
du -sh /var/* 2>/dev/null | sort -rh | head -10

# With depth limit
du --max-depth=2 -h /var/

24. free -h — Memory Usage

free -h
#               total        used        free      shared  buff/cache   available
# Mem:           31Gi        10Gi       2.1Gi       1.3Gi        19Gi        20Gi
# Swap:          7.8Gi          0B       7.8Gi

The available column matters most — it includes reclaimable cache memory.

watch -n 2 free -h    # refresh every 2 seconds
free -m               # in megabytes

25. lscpu / nproc — CPU Information

lscpu                            # detailed CPU info
nproc                            # logical CPU count (e.g. 8)
lscpu | grep "Core(s) per socket"
lscpu | grep "Model name"

Category 4: Process Management (Commands 26–32)

26. ps aux — List All Running Processes

ps aux                          # all processes
ps aux | grep nginx             # find specific process
ps aux --sort=-%mem | head -20  # top memory consumers
ps aux --sort=-%cpu | head -20  # top CPU consumers
ps auxf                         # process tree

27. top / htop — Real-Time Process Monitor

top
# q=quit, k=kill, M=sort by memory, P=sort by CPU, 1=per-CPU

apt install htop && htop
# Arrow keys navigate, F9 kill, F6 sort, F2 setup

28. kill / killall — Terminate Processes

kill 12345           # graceful SIGTERM
kill -9 12345        # force kill SIGKILL
killall nginx        # kill all by name
pkill -u baduser     # kill all for a user
kill -HUP $(cat /var/run/nginx.pid)   # reload config (SIGHUP)

29. nice / renice — Process Priority

Nice values: -20 (highest priority) to 19 (lowest). Root required for negative values.

# Start with low priority
nice -n 15 mysqldump -u root mydb > /backup/mydb.sql

# Adjust running process
renice -n 10 -p 12345

# Run backup without impacting live traffic
nice -n 19 tar -czf /backup/www.tar.gz /var/www/

30. nohup — Keep Process Running After Logout

nohup ./long-running-script.sh &
nohup ./build.sh > /tmp/build.log 2>&1 &
jobs
tail -f nohup.out

31. screen / tmux — Terminal Multiplexer

# screen
screen -S mysession   # create
screen -ls            # list
screen -r mysession   # reattach
# Ctrl+A then D to detach

# tmux
tmux new -s mysession
tmux ls
tmux attach -t mysession
# Ctrl+B D to detach
# Ctrl+B % vertical split, Ctrl+B " horizontal
# Ctrl+B arrow keys to switch panes

32. systemctl — Manage Systemd Services

systemctl start nginx
systemctl stop nginx
systemctl restart nginx
systemctl reload nginx         # reload config without restart
systemctl status nginx
systemctl enable nginx         # autostart on boot
systemctl disable nginx
systemctl list-units --type=service --state=running
systemctl --failed
journalctl -u nginx -n 100 --no-pager

Category 5: Networking (Commands 33–40)

33. ip a / ifconfig — Network Interfaces

ip a               # all interfaces
ip a show eth0     # specific interface
ip r               # routing table
ip n               # ARP neighbors
ifconfig           # legacy
ip link set eth0 up / down

34. ss -tulnp / netstat — Open Ports

ss -tulnp            # t=TCP, u=UDP, l=listen, n=numeric, p=process
ss -tulnp | grep :80
ss -tnp state established
netstat -tulnp       # legacy

35. ping — Test Connectivity

ping google.com
ping -c 4 8.8.8.8
ping -i 0.2 -c 20 192.168.1.1
ping6 ipv6.google.com

36. curl / wget — HTTP Requests and Downloads

curl -I https://panelica.com          # headers only
curl -O https://example.com/file.tar.gz
wget https://example.com/file.tar.gz
curl -o myfile.tar.gz https://example.com/file.tar.gz
curl -X POST https://api.example.com/v1/users \
  -H "Content-Type: application/json" \
  -d '{"name":"John","email":"[email protected]"}'
curl -sLo /dev/null -w "%{http_code}" https://example.com
wget -c https://example.com/large-file.iso    # resume

37. dig / nslookup — DNS Lookup

dig panelica.com
dig panelica.com A
dig panelica.com MX
dig panelica.com TXT
dig +short panelica.com
dig @8.8.8.8 panelica.com
dig -x 138.201.59.57     # reverse DNS
nslookup panelica.com

38. traceroute — Network Path

traceroute google.com
traceroute -I google.com    # ICMP mode
mtr google.com              # combined ping + traceroute
mtr --report --report-cycles 20 google.com

39. scp / rsync — Secure File Transfer

scp /local/file.txt user@remote:/remote/path/
scp user@remote:/remote/file.txt /local/path/
scp -r /local/dir/ user@remote:/remote/dir/

rsync -avz --delete /var/www/site/ user@backup:/backups/site/
rsync -avz --progress /large/dir/ user@server:/destination/
rsync -avzn /source/ /destination/   # dry run
rsync -avz --exclude='*.log' --exclude='node_modules/' /source/ /dest/

40. iptables / nft — Firewall Rules

iptables -L -n -v
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
iptables -A INPUT -s 192.168.1.100 -j DROP

nft list ruleset
nft add rule inet filter input tcp dport 8080 accept

ufw status
ufw allow 80/tcp
ufw allow from 192.168.1.0/24 to any port 22
ufw deny 3306

Category 6: User and Permission Management (Commands 41–45)

41. useradd / userdel — Manage Users

useradd -m -s /bin/bash john
passwd john
usermod -aG sudo john
usermod -aG www-data john
useradd -r -s /usr/sbin/nologin myservice   # system user
groups john
id john
userdel john        # account only
userdel -r john     # account + home
usermod -L john     # lock
usermod -U john     # unlock

42. chmod — Change File Permissions

# Numeric: owner-group-others, values: r=4 w=2 x=1
chmod 644 file.txt        # rw-r--r--
chmod 755 script.sh       # rwxr-xr-x
chmod 700 ~/.ssh/         # rwx------
chmod 600 ~/.ssh/id_rsa   # rw-------

# Symbolic
chmod u+x script.sh
chmod o-w file.txt
chmod a+r public.html

chmod -R 755 /var/www/html/       # recursive
chmod 1777 /shared/uploads/       # sticky bit

find /var/www/html -type f -exec chmod 644 {} \;
find /var/www/html -type d -exec chmod 755 {} \;

43. chown — Change File Ownership

chown john file.txt
chown john:www-data file.txt
chown :www-data file.txt
chown -R www-data:www-data /var/www/html/site/
chown root:root /etc/ssh/sshd_config
chmod 600 /etc/ssh/sshd_config

44. sudo — Execute Commands as Root

sudo apt update
sudo -i                              # interactive root shell
sudo -u www-data php artisan migrate
sudo nano /etc/nginx/nginx.conf
sudo visudo                          # safely edit sudoers
sudo -l                              # check your permissions

45. passwd — Change Passwords

passwd              # change own password
passwd john         # change another user (as root)
passwd -e john      # force change on next login
passwd -l john      # lock account
passwd -u john      # unlock account
chage -M 90 john    # expire every 90 days
chage -l john       # view expiry info

Category 7: Package and System Management (Commands 46–50)

46. apt update && apt upgrade — Update the System

apt update
apt upgrade -y
apt full-upgrade -y                  # includes dependency changes
apt install nginx php8.3-fpm
apt remove nginx
apt purge nginx                      # also removes config files
apt autoremove -y
apt search wordpress
apt show nginx

47. journalctl — View Systemd Logs

journalctl                           # all logs
journalctl -f                        # follow in real time
journalctl -u nginx                  # specific service
journalctl -u nginx -f               # follow service
journalctl -b                        # since last boot
journalctl --since "1 hour ago"
journalctl --since "2026-03-15 10:00:00" --until "2026-03-15 11:00:00"
journalctl -p err                    # errors only
journalctl -u php8.3-fpm -n 100 --no-pager
journalctl --disk-usage
journalctl --vacuum-time=30d

48. crontab -e — Schedule Tasks

crontab -e                  # edit current user cron
crontab -u john -e          # edit another user's cron
crontab -l                  # list cron jobs

# Format: minute  hour  day-of-month  month  day-of-week  command
30 2 * * * /opt/scripts/backup.sh >> /var/log/backup.log 2>&1
*/15 * * * * /opt/scripts/check-disk.sh
0 0 * * 1 /opt/scripts/weekly-report.sh
0 3 1 * * /opt/scripts/monthly-cleanup.sh

49. tar / gzip — Archive and Compress

tar -czf backup.tar.gz /var/www/html/
tar -cjf backup.tar.bz2 /var/www/html/   # bzip2
tar -cJf backup.tar.xz /var/www/html/    # xz (smallest)
tar -xzf backup.tar.gz
tar -xzf backup.tar.gz -C /restore/path/
tar -tzf backup.tar.gz                   # list without extracting
tar -czf backup-$(date +%Y%m%d-%H%M).tar.gz /var/www/
gzip large-file.log
gunzip large-file.log.gz

50. history — Command History and Shortcuts

history
history | grep nginx
!!                          # re-run last command
!142                        # re-run command #142
!ssh                        # re-run last command starting with "ssh"
# Ctrl+R for interactive reverse search
history -c                  # clear history
echo 'HISTSIZE=10000' >> ~/.bashrc
echo 'HISTFILESIZE=20000' >> ~/.bashrc
echo 'HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "' >> ~/.bashrc
# Prefix a command with a space to prevent saving it to history

Bonus: Dangerous Commands You Must Never Run Blindly

These commands have legitimate uses in specific, controlled contexts. But run carelessly, they cause catastrophic and irreversible damage. Know them so you recognize them — in your own scripts, in tutorials, and in commands shared online.

1. Recursive Delete from Root — Destroys the Entire Filesystem

Adding recursive (-r) and force (-f) flags to rm and targeting the filesystem root / removes the entire operating system without confirmation. There is no recovery without a full restore from backup. Modern Linux requires an explicit --no-preserve-root flag to proceed, but many scripts bypass this guard.

The most dangerous variant involves an unquoted empty variable in a delete path. If SITE_DIR is empty and your script runs rm -rf $SITE_DIR/files, the command expands to targeting /files — and depending on what follows, can cascade toward root. Always quote variables in delete commands: rm -rf "${SITE_DIR}/files". With double quotes, an empty variable keeps the path correctly anchored.

2. World-Writable Permissions — Opens Every File to Everyone

Applying chmod -R 777 on a web directory grants read, write, and execute permission to every user on the system — including compromised accounts, other tenants on a shared server, and any web shell that gets uploaded. Once planted, a malicious script can rewrite your application code, steal credentials from config files, or pivot to other sites on the same server.

The correct web server permissions are 644 for files (owner can write, everyone else read-only) and 755 for directories (owner can write, everyone else can traverse). If an application needs write access to a specific directory, grant it only on that exact path.

# Correct — minimal necessary permissions
find /var/www/html -type f -exec chmod 644 {} \;
find /var/www/html -type d -exec chmod 755 {} \;

# Grant write access to upload directory only
chmod 755 /var/www/html/uploads/
chown www-data:www-data /var/www/html/uploads/

3. Disk Wipe with dd — Overwrites Your Entire Disk with Zeros

The dd command with if=/dev/zero as input and a block device as output overwrites every block on that disk. No filesystem, no partition table, no data — completely unrecoverable without specialized forensics tools, and even those typically fail on SSDs with wear-leveling.

Before running any dd command that writes to a block device, always run lsblk to confirm which device is which, and double-check the output device argument before pressing Enter. Never run dd one-liners from untrusted tutorials without understanding each argument.

4. The Fork Bomb — Crashes the System via Process Exhaustion

A shell function that recursively calls itself and forks can rapidly exhaust every available process slot, making the system completely unresponsive and requiring a hard reboot. Obfuscated versions of this pattern look like random punctuation in shell syntax, which is intentional — it makes the pattern harder to recognize at a glance.

On systems with Cgroups v2 process limits in place, this attack is contained per user. The pids.max cgroup limit prevents any single user's processes from exceeding a configured ceiling. On an unprotected system, the effect is immediate denial of service.

5. Moving the Root Filesystem to Null — Corrupts the Filesystem Immediately

Attempting to move all items in the root directory to /dev/null (e.g. via mv /* /dev/null) corrupts the filesystem structure immediately because /dev/null is a character device, not a directory. The system becomes non-functional, and rebooting typically makes things worse because the OS cannot find its own binaries.


Frequently Asked Questions

What is the safest way to test a destructive command before running it?

For file operations, run the non-destructive equivalent first — ls before rm, rsync -avzn (dry run) before a real sync. For anything involving a variable path, echo the variable first: echo "${TARGET_DIR}" to confirm it is not empty before it reaches an rm -rf.

Why use ss instead of the older netstat?

ss reads directly from kernel data structures rather than parsing /proc line by line, which makes it noticeably faster on servers with thousands of open connections. It is also the actively maintained tool — netstat is deprecated on most modern distributions.

What is the difference between locate and find?

locate queries a pre-built database (updated via updatedb, usually once a day by cron) and is nearly instant, but will not show files created since the last update. find searches the live filesystem in real time — slower, but always accurate for files created moments ago.

Is it safe to run chmod -R 755 on a whole web directory?

Generally no for files — 755 grants execute permission to every file, including ones that should never be executable, like configuration files and uploads. Use find ... -type f -exec chmod 644 for files and find ... -type d -exec chmod 755 for directories separately, as shown in this guide.

Quick Reference: All 50 Commands

# Command Category What It Does
1ls -laFilesList files with permissions and hidden files
2cdFilesNavigate directories (~, -, .. shortcuts)
3pwdFilesPrint current working directory path
4cp -rFilesCopy files and directories recursively
5mvFilesMove or rename files and directories
6rm -rfFilesRemove files/directories recursively — always quote paths
7mkdir -pFilesCreate nested directory paths in one command
8findFilesSearch filesystem by name, size, date, permissions
9locateFilesFast name-based search using a cached database
10treeFilesDisplay directory structure as a visual tree
11cat / tacContentView file contents forward or in reverse
12head / tail -nContentView first or last N lines of a file
13tail -fContentMonitor a log file in real time
14grep -rniContentSearch for text patterns inside files
15sedContentStream editor: find, replace, delete text
16awkContentPattern scanning and structured column extraction
17nano / vimContentTerminal text editors
18wc -lContentCount lines, words, and characters
19uname -aSystemKernel version and OS architecture
20hostnameSystemShow or change the server hostname
21uptimeSystemServer uptime and load averages
22df -hSystemDisk space for all mounted filesystems
23du -shSystemDirectory and file disk consumption
24free -hSystemTotal, used, and available RAM and swap
25lscpu / nprocSystemCPU architecture and logical core count
26ps auxProcessesList all running processes with details
27top / htopProcessesInteractive real-time process monitor
28kill / killallProcessesSend signals to terminate or reload processes
29nice / reniceProcessesSet or adjust process scheduling priority
30nohupProcessesKeep a process running after SSH logout
31screen / tmuxProcessesPersistent detachable terminal sessions
32systemctlProcessesManage and inspect systemd services
33ip a / ifconfigNetworkNetwork interfaces and IP addresses
34ss -tulnpNetworkListening ports with owning process details
35pingNetworkTest connectivity and latency
36curl / wgetNetworkHTTP requests and file downloads
37dig / nslookupNetworkDNS record queries
38traceroute / mtrNetworkTrace network hops to a destination
39scp / rsyncNetworkSecure file transfer between servers
40iptables / nft / ufwNetworkView and manage firewall rules
41useradd / userdelUsersCreate and remove user accounts
42chmodUsersChange read, write, execute permissions
43chownUsersChange owner and group of files
44sudoUsersExecute commands with elevated privileges
45passwdUsersSet or change user passwords
46apt update / upgradePackagesRefresh package list and upgrade software
47journalctlPackagesQuery and follow systemd journal logs
48crontab -ePackagesSchedule recurring tasks
49tar / gzipPackagesCreate and extract compressed archives
50historyPackagesBrowse and re-run previous commands

The Real Skill: Combining Commands

Knowing these commands individually is the starting point. The real value comes from combining them. Here is what experienced admins actually type:

# Top 10 IPs generating traffic right now
tail -n 10000 /var/log/nginx/access.log | awk '{print $1}' | sort | uniq -c | sort -rn | head -10

# PHP files modified in last 24 hours (quick malware scan)
find /var/www -name "*.php" -mtime -1 -type f | xargs ls -la

# Watch disk I/O in real time
watch -n 1 'iostat -x 1 1'

# Stream service log and highlight errors
journalctl -u nginx -f | grep -E "error|warn|crit"

# Count unique 404 URLs in last 1000 log lines
tail -n 1000 /var/log/nginx/access.log | awk '$9 == 404 {print $7}' | sort | uniq -c | sort -rn | head -20

These one-liners are what separate a reactive admin from a proactive one. Practice them, adapt them, and save the ones you use repeatedly.

Managing Servers Without Memorizing Everything

Even experienced sysadmins look up syntax regularly. The goal is not memorization — it is knowing which tool to reach for and what it is capable of. Build your own reference, keep it updated, and practice the commands you use least often.

If you would rather spend less time on the command line and more time on what actually matters — running sites, managing clients, handling deployments — that is exactly what Panelica is built for. Every operation covered in this guide has a corresponding interface in the panel: file manager, process monitor, firewall rules, user management, cron editor, log viewer, DNS management, backups, SSL automation — all in one place, with no additional cost and no plugin required.

But when you do need the terminal — and you will — you now have the full toolkit.

Learn more about Panelica or browse more tutorials on setting up and securing your server infrastructure.

Security-first hosting panel

Stop bolting tools onto a legacy panel.

Panelica is a modern, security-first hosting panel — isolated services, built-in Docker and AI-assisted management, with one-click migration from any panel.

Zero-downtime migration Fully isolated services Cancel anytime
Share:
How secure is your hosting panel?