A practical reference for the command line. Commands tested on Arch Linux / systemd systems; most apply to any Linux distro.
| # | Tip | Command / Notes |
|---|---|---|
| 1 | Search command history interactively | Ctrl+R — type to filter, press again to cycle matches |
| 2 | Repeat the last command | !! — useful as sudo !! when you forgot sudo |
| 3 | Reuse the last argument of the previous command | !$ e.g. mkdir /long/path && cd !$ |
| 4 | Jump to the previous directory | cd - |
| 5 | Directory stack for multi-directory navigation | pushd /path / popd / dirs -v |
| 6 | Search inside a man page | Press /pattern then n / N to cycle results |
| 7 | Search backwards in less | ?pattern inside less |
| 8 | Recursive text search with line numbers | grep -rn "pattern" /path — add -l for filenames only |
| 9 | Find files modified in the last 7 days | find . -name "*.log" -mtime -7 |
| 10 | Pass command output as arguments to another command | find . -name "*.bak" | xargs rm |
| 11 | Write output to a file and still see it on screen | command | tee output.txt |
| 12 | Extract a specific column from text output | awk '{print $2}' file — change $2 for the column you need |
| 13 | Global find-and-replace inside a file | sed -i 's/old/new/g' file |
| 14 | Count occurrences, most frequent first | sort | uniq -c | sort -rn |
| 15 | Disk usage of every item in the current directory | du -sh * |
| 16 | Human-readable disk free space | df -h |
| 17 | Find what is using a specific port | lsof -i :8080 or ss -tulnp | grep 8080 |
| 18 | Find a running process by name | pgrep -a nginx or ps aux | grep nginx |
| 19 | Kill a process gracefully, then forcefully if needed | kill PID (SIGTERM first) → kill -9 PID (SIGKILL) |
| 20 | Keep a session alive after logout | tmux new -s name / tmux attach -t name |
| 21 | Create reusable command shortcuts | alias ll='ls -lh --color=auto' — add to ~/.zshrc |
| 22 | Search history for a specific command type | history | grep ssh |
| 23 | Suspend a foreground process and background it | Ctrl+Z then bg |
| 24 | List background jobs and bring one to foreground | jobs → fg %1 |
| 25 | Make a script executable | chmod +x script.sh |
| 26 | Change file owner and group | chown user:group file |
| 27 | Create a symbolic link | ln -s /path/to/target linkname |
| 28 | Compress a directory into a tarball | tar -czf archive.tar.gz dir/ |
| 29 | Extract a tar archive | tar -xzf archive.tar.gz — add -C /dest for a target directory |
| 30 | Sync files efficiently with progress | rsync -avz --progress src/ dest/ |
| 31 | Generate a modern SSH key pair | ssh-keygen -t ed25519 -C "your@email" |
| 32 | Copy your public key to a remote host | ssh-copy-id user@host |
| 33 | Follow system logs in real time | journalctl -f — add -u nginx to filter by unit |
| 34 | Manage systemd services | systemctl status|start|stop|restart|enable|disable service |
| 35 | View recent kernel messages with timestamps | sudo dmesg -T | tail -n 50 |
| 36 | Trace system calls of a running process | strace -p PID |
| 37 | Show shared library dependencies of a binary | ldd /usr/bin/binary |
| 38 | Locate where a command lives | which cmd / whereis cmd / type cmd |
| 39 | Abort on any error in bash scripts | set -euo pipefail at the top of every script |
| 40 | Run a command that survives terminal close | nohup command & disown |
| # | Tip | Command / Notes |
|---|---|---|
| 41 | Show all network interfaces and addresses | ip addr (modern replacement for ifconfig) |
| 42 | View the routing table | ip route |
| 43 | List open ports and their processes | ss -tulnp (modern replacement for netstat -tulnp) |
| 44 | Detect service versions on open ports | nmap -sV host |
| 45 | Scan all 65535 ports | nmap -p- host |
| 46 | Limit ping to a fixed count | ping -c 4 host |
| 47 | Trace the route to a host | traceroute host or tracepath host (no root needed) |
| 48 | Fetch only HTTP response headers | curl -I https://example.com |
| 49 | Debug a curl request in full detail | curl -v https://example.com |
| 50 | Resume an interrupted download | wget -c URL |
| 51 | Full DNS record lookup | dig domain ANY |
| 52 | Quick, clean DNS answer | dig +short domain |
| 53 | Query a specific DNS server | dig @8.8.8.8 domain |
| 54 | Domain registration and owner info | whois domain |
| 55 | List current firewall rules | iptables -L -n -v or nft list ruleset (nftables) |
| 56 | Capture live traffic on an interface | tcpdump -i eth0 -n port 80 |
| 57 | Quick port scan with netcat | nc -zv host 20-25 |
| 58 | Simple TCP listener for connectivity testing | nc -l 4444 (server) / nc host 4444 (client) |
| 59 | Forward a local port through SSH | ssh -L 8080:localhost:80 user@host |
| 60 | Create a SOCKS proxy via SSH | ssh -D 1080 user@host — point browser to localhost:1080 |
| 61 | Real-time traceroute with packet loss stats | mtr host |
| 62 | View the ARP cache | arp -n or ip neigh |
| 63 | Get all local IP addresses | hostname -I |
| 64 | Get your public IP from the terminal | curl -s ifconfig.me |
| 65 | Override DNS for a host locally | Add 1.2.3.4 hostname to /etc/hosts |
| 66 | Check or change the DNS resolver | /etc/resolv.conf — on systemd: resolvectl status |
| 67 | Manage connections via NetworkManager CLI | nmcli con show / nmcli dev wifi connect SSID password PASS |
| 68 | Scan for nearby WiFi networks | nmcli dev wifi list or iwlist wlan0 scan |
| 69 | Check NIC speed and duplex | ethtool eth0 |
| 70 | Save a packet capture for Wireshark | tcpdump -i eth0 -w capture.pcap |
| # | Use Case | Command |
|---|---|---|
| 1 | Quick ping scan — discover live hosts on a subnet | nmap -sn 192.168.1.0/24 |
| 2 | Fast scan of the 1000 most common ports | nmap -F host |
| 3 | Scan all 65535 ports | nmap -p- host |
| 4 | Detect service versions on open ports | nmap -sV host |
| 5 | OS detection (requires root) | sudo nmap -O host |
| 6 | Aggressive scan — OS, version, scripts, traceroute | sudo nmap -A host |
| 7 | SYN stealth scan (half-open, requires root) | sudo nmap -sS host |
| 8 | UDP scan for common services (DNS, SNMP, etc.) | sudo nmap -sU --top-ports 20 host |
| 9 | Run default NSE scripts against a host | nmap -sC host |
| 10 | Save results in all formats (normal, XML, grepable) | nmap -oA scan_output host |
| # | Use Case | Filter |
|---|---|---|
| 1 | Show only HTTP traffic | http |
| 2 | Show only HTTPS / TLS traffic | tls |
| 3 | Filter by source or destination IP | ip.addr == 192.168.1.10 |
| 4 | Filter by source IP only | ip.src == 192.168.1.10 |
| 5 | Filter traffic on a specific port | tcp.port == 443 or udp.port == 53 |
| 6 | Show only DNS queries and responses | dns |
| 7 | Show TCP connection resets (useful for troubleshooting drops) | tcp.flags.reset == 1 |
| 8 | Show TCP SYN packets only (spot connection attempts) | tcp.flags.syn == 1 && tcp.flags.ack == 0 |
| 9 | Filter traffic between two specific hosts | ip.addr == 10.0.0.1 && ip.addr == 10.0.0.2 |
| 10 | Search packet contents for a string (e.g. credentials in cleartext) | frame contains "password" |
| # | Tip | Command / Notes |
|---|---|---|
| 71 | Always start with the logs | journalctl -xe or /var/log/syslog / /var/log/messages |
| 72 | Find kernel errors and warnings | dmesg | grep -i "error\|fail\|warn" |
| 73 | Check available memory | free -h |
| 74 | Real-time CPU, memory, and I/O stats | vmstat 1 — updates every second |
| 75 | Disk I/O utilization per device | iostat -x 1 |
| 76 | Interactive process monitor | htop (install separately) or top |
| 77 | See which process is hammering the disk | iotop (requires root) |
| 78 | Check system load averages | uptime — 1/5/15-min averages; above CPU count = overloaded |
| 79 | See recent successful logins | last |
| 80 | See failed login attempts | lastb (requires root) |
| 81 | Check auth log for brute force activity | grep "Failed password" /var/log/auth.log |
| 82 | Get a summary of network statistics | ss -s |
| 83 | List all block devices and mount points | lsblk |
| 84 | Get UUIDs of block devices for /etc/fstab | blkid |
| 85 | Check and repair a filesystem | fsck /dev/sdXN — only on unmounted partitions |
| 86 | Check drive health via SMART | smartctl -a /dev/sda — install smartmontools |
| 87 | See exactly what a command does at the OS level | strace -e trace=file command |
| 88 | Trace library calls | ltrace command |
| 89 | Check if resource limits are causing failures | ulimit -a — raise open files with ulimit -n 65535 |
| 90 | See which process owns each network socket | ss -tp |
| 91 | Find what is preventing an unmount | lsof +D /mnt/drive or fuser -m /mnt/drive |
| 92 | View all environment variables | env or printenv VAR for a single variable |
| 93 | Fix a broken or garbled terminal | reset — or stty sane if reset is also unresponsive |
| 94 | Determine what type of file something is | file /path/to/file |
| 95 | Check the HTTP status code of a URL | curl -o /dev/null -sw "%{http_code}\n" URL |
| 96 | Test if a remote port is reachable | nc -zv host port |
| 97 | Check SSL certificate expiry date | echo | openssl s_client -connect host:443 2>/dev/null | openssl x509 -noout -dates |
| 98 | Find large files consuming disk space | find / -type f -size +100M -exec ls -lh {} \; 2>/dev/null | sort -k5 -rh |
| 99 | Verify a file's integrity with a checksum | sha256sum file then compare against the published hash |
| 100 | Always capture verbose output before escalating an issue | command -v 2>&1 | tee debug.log — attach the log when asking for help |
| # | Tip | Notes |
|---|---|---|
| 1 | Be specific in your prompts | Vague prompts get vague answers. Include context, constraints, and the exact output format you want. |
| 2 | Use a system prompt to set the model's role | Tell the model who it is before asking questions: "You are a senior Linux sysadmin..." shapes every response that follows. |
| 3 | Ask the model to think step by step | Adding "think step by step" or "reason through this before answering" significantly improves accuracy on complex tasks. |
| 4 | Give examples of what you want (few-shot prompting) | Show the model 2–3 input/output examples before your real request. Dramatically improves formatting and style consistency. |
| 5 | Ask for multiple options, then choose | "Give me 3 different approaches to X" — comparing options leads to better decisions than taking the first answer. |
| 6 | Tell the model what NOT to do | Negative constraints work: "Do not use jargon", "Do not include code examples", "Do not summarize at the end." |
| 7 | Break large tasks into smaller prompts | Chaining focused prompts outperforms one giant prompt. Do one thing well, then pass the output to the next step. |
| 8 | Ask the model to critique its own output | Follow up with "What are the weaknesses of that answer?" or "What did you miss?" — models often self-correct well. |
| 9 | Use temperature 0 for factual or code tasks | Low temperature = more deterministic output. Use higher values (0.7–1.0) for creative writing, brainstorming. |
| 10 | Always verify code before running it | AI-generated code can be plausible-looking but wrong. Read it, test it in a safe environment, never run blindly as root. |
| 11 | Use RAG to ground the model in your own data | Retrieval-Augmented Generation lets you feed relevant documents into the prompt at query time — reduces hallucination on domain-specific questions. |
| 12 | Keep context windows clean | Old, irrelevant messages dilute attention. Start a new conversation when switching topics rather than continuing a stale thread. |
| 13 | Use structured output (JSON/XML) for programmatic use | Ask for JSON output and specify the schema: "Respond only with JSON matching this structure: {...}". Most models comply reliably. |
| 14 | Anchor the model with facts it cannot hallucinate around | Paste in the actual documentation, log output, or code you want analyzed. Don't ask the model to recall things from training data alone. |
| 15 | Use a local model for sensitive data | Tools like Ollama let you run Llama, Mistral, and others locally — nothing leaves your machine. Essential for private data or air-gapped environments. |
| 16 | Embed with the same model you query | When building vector search, generate embeddings with the same model (or family) you use for generation — mixing models degrades retrieval quality. |
| 17 | Use AI as a first-pass code reviewer | Paste a diff or function and ask "What bugs or security issues do you see?" Catches obvious problems before a human review. |
| 18 | Prompt for explanations, not just answers | "Explain why" forces the model to surface its reasoning. If the explanation doesn't make sense, the answer probably doesn't either. |
| 19 | Use AI to generate test cases | "Generate edge case inputs for this function" is one of the highest-value AI tasks in a development workflow. |
| 20 | Iteratively refine — don't rewrite the whole prompt | If output is 80% right, say "Keep everything but change X to Y." Incremental corrections preserve what's working. |
| 21 | Use AI to translate between formats | CSV → JSON, YAML → TOML, regex → plain English explanation, SQL → pandas — format conversion is a reliable strength. |
| 22 | Fine-tuning is usually the last resort | Better prompting or RAG solves most problems cheaper. Fine-tune only when you need style/format consistency at scale that prompting cannot provide. |
| 23 | Check token limits before sending large inputs | Content silently truncated at the context limit causes subtle errors. Know your model's limit and chunk inputs if needed. |
| 24 | Use AI to summarize long documents before asking questions | For documents near the context limit, ask for a structured summary first, then ask questions against the summary. |
| 25 | Build evaluation sets before you build pipelines | Define what "good output" looks like with 10–20 examples before automating. Without eval criteria, you cannot tell if changes help or hurt. |
| 26 | Log every prompt and response in production | AI output is non-deterministic. Without logs you cannot reproduce failures, audit decisions, or improve prompts over time. |
| 27 | Use AI agents for multi-step tasks, not single queries | Frameworks like CrewAI or AutoGen let agents plan, use tools, and loop — appropriate when the answer requires multiple actions, not just one generation. |
| 28 | Never trust AI output on security-critical decisions | AI can produce convincing but wrong security advice. Always cross-reference CVEs, advisories, and documentation from authoritative sources. |
| 29 | Use AI to accelerate learning, not replace it | Ask AI to explain concepts, generate practice problems, and review your work — but do the thinking yourself. Understanding the output is what builds skill. |
| 30 | Know when not to use AI | Simple lookups (man pages, docs), real-time data, and tasks requiring guaranteed accuracy are often faster and safer without AI in the loop. |
Disclaimer: Any action and or abuse related to the material contained within this site are solely YOUR RESPONSIBILLTY. The misuse of the information on this website can result in criminal charges brought against the persons in question.