For anyone working with distributed servers, knowing key Linux command-line operations is essential. These tips cover file sharing and disk management.
If you need your Linux machine to access files on a Windows server, you can use the CIFS (Common Internet File System) protocol.
Step 1: Install the necessary tools.
sudo apt install cifs-utils
Step 2: Mount the shared drive. This command connects to the Windows share and makes it accessible through a local folder, such as /media/share.
sudo mount.cifs //WindowsBox/ShareLocation /media/share -o user=yourusername
When you copy an entire partition or disk (dd), the command usually runs silently. To see the progress and ensure the operation is still running, you can use the pv (Pipe Viewer) utility.
Command to Create Image and See Progress:
sudo dd if=/dev/sdb1 bs=4M | pv | sudo dd of=/media/share/usb_diskimage.img bs=4M
This command creates an image of partition /dev/sdb1 and saves it to a file, showing a progress bar as it works.
Once you have a disk image file, you don't need to restore it to a physical drive to see what's inside. You can mount the image file directly as if it were a physical disk using the loop option.
Command to Mount the Image File:
sudo mount -o loop /media/share/usb_diskimage.img /media/imgdisk
This makes the contents of the disk image accessible via the /media/imgdisk folder.
These commands are essential for security, debugging, and advanced data management in production environments.
Generating an SSH key pair is fundamental for securing connections and enabling automation.
Command to Generate Key:
ssh-keygen -t ed25519 -C "your_email@example.com"
This creates a highly secure Ed25519 public/private key pair. The comment is useful for identification.
When a port is already in use, lsof (List Open Files) quickly tells you which process is binding it.
Command to Check a Specific Port:
sudo lsof -i :8080
This command lists the process ID (PID) and command name of the application currently listening on port 8080.
The ss utility (Socket Statistics) is the modern replacement for netstat and is much faster for inspecting active connections and socket information.
Command to Show Listening TCP Sockets with PIDs:
ss -tulnpa
This command displays all TCP/UDP listening sockets (-tuln) along with the process and program names (-pa).
rsync is crucial for highly efficient file copying and synchronization, especially over networks, as it only transfers the changes (diffs) between files.
Command for Dry-Run Sync (Highly Recommended):
rsync -avzn --delete /source/ user@remote:/destination/
The flags a (archive), v (verbose), z (compress), and n (dry-run) are used. The --delete flag removes files from the destination that are not in the source, but the n flag prevents it from executing.
When a container is running but behaving unexpectedly, docker exec allows you to open a shell inside it for live debugging and inspection.
Command to open bash shell:
docker exec -it [container_id_or_name] /bin/bash
The -it flags are required to allocate a pseudo-TTY and keep STDIN open, allowing for interactive use.
For deep network diagnostics, tcpdump captures and analyzes network traffic matching specific rules. This is essential for debugging firewall issues or connectivity problems between services.
Command to Capture Traffic on a Specific Interface and Port:
sudo tcpdump -i eth0 port 80 and host [ip_address]
This command captures all traffic on the eth0 interface that is destined for or coming from port 80 and the specified host IP.
htop is an interactive and color-coded process viewer that provides a much better overview of CPU, memory, and running processes than the standard top command.
Command to Run Htop:
htop
Requires installation (sudo apt install htop). Use it to quickly identify processes consuming excessive resources.
Netcat (or nc) is the "TCP/IP Swiss Army Knife." It's invaluable for testing connectivity, firewalls, and data transfer paths by manually creating sockets.
1. Creating a Simple TCP Listener (Server Mode):
nc -l -p 9090
The -l flag tells nc to listen for incoming connections on port 9090. Any data received will print to the console.
2. Connecting to a Remote Port (Client Mode):
nc target.example.com 9090
Opens a TCP connection to port 9090 on the target host. Once connected, you can type data to send to the listener.
3. Checking Open Ports (Simple Port Scanning):
nc -vz -w 1 target.example.com 80 443 8080
The -v (verbose) and -z (zero-I/O mode) flags quickly report whether the specified ports are open or closed without sending application data. -w 1 sets a 1-second timeout.
Containers achieve isolation using Namespaces (e.g., net, PID, mount). The nsenter utility allows you to execute commands within any namespace of a running process, enabling advanced host-level container debugging.
Command to Inspect a Container's Network Namespace:
PID=$(docker inspect -f '{{.State.Pid}}' [container_id_or_name])
sudo nsenter -t $PID -n ip addr show
This command first finds the container's primary Process ID (PID) and then uses nsenter to run the ip addr show command specifically inside that PID's network namespace (-n). This allows you to see the container's private IP and virtual network configuration from the host.