The everyday commands I actually use — file ops, text processing, system info, and networking.
Finding, copying, syncing, and permissioning files from the command line.
Locate files matching a pattern, or find things modified in the last N days.
# Find all .log files under /var
find /var -name "*.log" -type f
# Files modified in the last 7 days
find /home -mtime -7 -type f
# Find and delete .tmp files (print first to verify)
find . -name "*.tmp" -type f -print
find . -name "*.tmp" -type f -deletePipe file lists into commands. Use -print0 / -0 to handle filenames with spaces.
# Delete all .pyc files safely
find . -name "*.pyc" -print0 | xargs -0 rm -f
# Count lines across all JS files
find src -name "*.js" -print0 | xargs -0 wc -lBetter than cp for large transfers — shows progress, can resume, and handles deltas.
# Sync local folder to remote server
rsync -avz --progress ./dist/ user@server:/var/www/html/
# Mirror a directory (delete files at dest that are gone from source)
rsync -av --delete /source/ /backup/
# Dry run first to see what would change
rsync -avz --dry-run ./local/ user@remote:/path/Compress and extract archives. tar with gzip is the most common combo on Linux.
# Create a .tar.gz archive
tar -czf archive.tar.gz /path/to/directory
# Extract a .tar.gz archive
tar -xzf archive.tar.gz -C /destination/
# Create a zip and extract a zip
zip -r backup.zip /path/to/folder
unzip backup.zip -d /destination/Set file permissions and ownership. Use numeric mode for precision.
# Owner read/write/exec, group read/exec, others read/exec
chmod 755 script.sh
# Owner read/write, group read, others nothing
chmod 640 config.yml
# Change owner and group recursively
chown -R www-data:www-data /var/www/html/
# Make a script executable
chmod +x deploy.shSearching, filtering, transforming, and counting text in files and streams.
Recursive search with line numbers is the most useful default. Add -i for case-insensitive.
# Search recursively with line numbers
grep -rn "TODO" ./src/
# Case-insensitive, show 2 lines of context
grep -rni -C 2 "error" /var/log/syslog
# Invert match — show lines that do NOT contain "debug"
grep -v "debug" app.log
# Only list filenames that contain a match
grep -rl "deprecated" ./lib/Print specific columns from whitespace-delimited output. Column numbering starts at $1.
# Print the 1st and 3rd columns
awk '{print $1, $3}' data.txt
# Print lines where column 3 is greater than 100
awk '$3 > 100 {print $0}' stats.csv
# Use a custom delimiter (colon-separated, like /etc/passwd)
awk -F: '{print $1, $7}' /etc/passwd
# Sum a column of numbers
awk '{sum += $1} END {print sum}' numbers.txtStream editor for substitutions. Add -i to edit files in place (use -i.bak for a backup).
# Replace first occurrence on each line
sed 's/foo/bar/' file.txt
# Replace ALL occurrences on each line (global)
sed 's/foo/bar/g' file.txt
# In-place edit with backup
sed -i.bak 's/localhost/0.0.0.0/g' config.yml
# Delete lines matching a pattern
sed '/^#/d' config.confThe sort | uniq -c | sort -rn pipeline is one of the most useful one-liners in Linux.
# Count occurrences of each line, sorted by frequency
sort access.log | uniq -c | sort -rn | head -20
# Extract IPs from a log and rank by frequency
awk '{print $1}' access.log | sort | uniq -c | sort -rn | head -10
# Sort a CSV by the 2nd column numerically
sort -t',' -k2 -n data.csvQuick column slicing, character translation, and counting.
# Extract the 1st field from a CSV
cut -d',' -f1 data.csv
# Replace spaces with newlines
tr ' ' '\n' < input.txt
# Squeeze repeated spaces into one
tr -s ' ' < messy.txt
# Count lines, words, and bytes
wc -l file.txt # lines only
wc -w file.txt # words only
find src -name "*.py" | xargs wc -l | tail -1 # total lines of PythonCheck what is using your storage and RAM before things go sideways.
Shows how full each mounted filesystem is. The -h flag makes sizes human-readable.
# Human-readable disk usage for all mounted filesystems
df -h
# Show only a specific mount
df -h /home
# Show filesystem type alongside usage
df -hTFind what is eating your disk. Combine with sort to rank directories by size.
# Summary size of each item in the current directory
du -sh *
# Top 10 largest directories under /home
du -h --max-depth=1 /home | sort -rh | head -10
# Size of a single directory
du -sh /var/logQuick snapshot of RAM and swap. The "available" column is what matters, not "free".
# Human-readable memory overview
free -h
# Watch memory every 2 seconds
watch -n 2 free -hncdu is an interactive disk usage explorer (install it if you haven't). lsblk lists block devices.
# Interactive disk usage browser (navigate with arrow keys, d to delete)
ncdu /home
# List all block devices (disks and partitions)
lsblk
# Include filesystem type and mount points
lsblk -fInspecting connections, testing endpoints, and diagnosing network issues.
The Swiss Army knife for APIs. Use -I for headers only, -v for verbose.
# Fetch response headers only
curl -I https://example.com
# GET with verbose output (see TLS handshake, headers, etc.)
curl -v https://api.example.com/health
# POST JSON data
curl -X POST https://api.example.com/data \
-H "Content-Type: application/json" \
-d '{"key": "value"}'
# Follow redirects and save output to a file
curl -L -o page.html https://example.comReplaced netstat. Shows which ports are open and what is listening.
# List all listening TCP/UDP ports with process names
ss -tulpn
# Show only established connections
ss -t state established
# Filter by port number
ss -tlnp | grep :8080Query DNS records. +short strips the verbose output.
# Quick A record lookup
dig +short example.com
# MX records
dig +short MX example.com
# Use a specific DNS server (Google)
dig @8.8.8.8 example.com
# Reverse DNS lookup
dig -x 93.184.216.34Download files, check your own addresses, and trace the path packets take.
# Download a file
wget https://example.com/file.tar.gz
# Mirror a website for offline reading
wget --mirror --convert-links --page-requisites https://example.com
# Show your IP addresses
ip addr show
# Ping with a count limit
ping -c 5 example.com
# Trace the route to a host
traceroute example.comFinding, monitoring, and controlling running processes.
Pipe through grep to find a specific process. The aux flags show all users and details.
# Find a process by name
ps aux | grep nginx
# Exclude the grep process itself from results
ps aux | grep '[n]ginx'
# Show process tree (parent-child relationships)
ps auxfhtop is an interactive process viewer. Much better than plain top.
# Launch htop
htop
# Filter to a specific user
htop -u www-data
# Sort by memory usage (press M inside htop)
# Sort by CPU usage (press P inside htop)
# Search for a process (press / inside htop)
# Kill a process (select it, press F9, choose signal)Always try -15 (SIGTERM, graceful) first. Only use -9 (SIGKILL, forced) as a last resort.
# Graceful shutdown (SIGTERM) — lets the process clean up
kill -15 12345
# Force kill (SIGKILL) — immediate, no cleanup
kill -9 12345
# Kill all processes by name
killall node
# Kill all processes by name (more flexible pattern matching)
pkill -f "python server.py"Run commands that survive after you close the terminal session.
# Run a command immune to hangups, output goes to nohup.out
nohup ./long-running-script.sh &
# Redirect output to a specific log file
nohup ./script.sh > output.log 2>&1 &
# Suspend current job (Ctrl+Z), then resume in background
# Press Ctrl+Z first, then:
bg
# List background jobs and bring one to foreground
jobs
fg %1Find out which process is holding a file or hogging a port.
# Which process is using port 3000?
lsof -i :3000
# All network connections by a specific process
lsof -i -a -p 12345
# Who has this file open?
lsof /var/log/syslog
# All files opened by a specific user
lsof -u www-data