https://www.stationx.net/unix-commands-cheat-sheet/

Basic Operations

$ touch [-d|t] # creation date/time
$ mkdir
$ mv
$ cp [-r] # recursive
$ rm [-rf] # remove, force

> Xcopy /E /I <SourceFolder> <DestinationFolder>

$ ls [-laRh] # list, all, recursive, human-readable
$ ll # ls -l
$ la # ls -a

$ type nul > <file.txt>
$ echo.> <tile.txt>

$ echo
$ cat
$ less
$ more
$ head
$ tail

$ sudo <user>
$ sudo -l # current user privileges

$ shutdown -r now
$ gnome-session-quit # logout

$ dd if=<dir> of=<dir> # input/output

$ sudo rm -frv ~/.Trash

> del /s /q /f /a .DS_STORE
> del /s /q /f /a ._.*

> powercfg /batteryreport

$ clear && printf '\\e[3J' # fully clear terminal

Connecting

<command> > file.txt # write output to file
<command> | tee (-a) file.txt # stdout and >>
<command> 2> file.txt # error codes
<command> >> file.txt # append output to file
<command> | tee file.txt # to STDOUT and file
<command> < file.txt # use file as input for command
file.txt | <command> # same as <

<command1> && <command2> # second if first successful
<command1> || <command2> # second if first fails
<command1> ; <command2> # do both commands even if first fails

<command1> | <command2> # pass output of first to second
<command> | xargs <command> # use output of first as arguments for second
<command> | [cut|sort|uniq|..]
<command> | xclip -sel c # to clipboard, inc pwd

<command> -- <input> # -- signifies end of options/parameters
# e.g. rm -f -- -f # force remove a file called -f

System, Files, and Filesystem

# system
$ uname -a
$ hostname [-s|f]
/etc/hostname
$ hostnamectl set-hostname <hostname>
$ nmcli general hostname [<hostname>] # [] to change
$ timedatectl [set-ntp no]
$ date [+%D -s YYYY-MM-DD]
$ date [+%T -s hh:mm:ss -u]
$ hwclock [-w|-s|--set --date "MM/DD/YYYY[ hh:mm:ss]"] # -w sys->hw, -s hw->sys
/usr/share/zoneinfo/ # timezones available
$ cp /usr/share/zoneinfo/[location] /etc/localtime
/etc/hosts

# file type
$ file <file>

# metadata
$ stat <file>

# open file
$ xdg-open . # file manager
$ xdg-open <file> # default program
$ od -t [c|o|h|...] <file> # open as ascii/octal/hex/etc

# mounting
$ mount # list currently mounted
$ mount </dev/sdb1> </mnt/dir>
$ umount
/etc/fstab # automounting, settings, quota etc

$ df -ah # disk free; all, human-readable
$ du # disk usage; -s for whole folder, -h for MB/GB not B
$ ncdu / # interactive df
$ [watch] free # live

$ fdisk -l # list disks
$ fdisk </dev/sba> # edit partition table
$ sfdisk # similar to fdisk

$ mkfs # create filesystem
$ mke2fs

$ fsck # filesystem check
# xfs filesystems
$ xfs_info, xfs_growfs, xfs_admin, xfs_repair, xfs_db
# ext filesystems
$ tune2fs, dumpe2fs, debugfs

$ quotacheck [-augvf]
$ repquota [-augvs]
$ quotaon [-augv]
$ setquota [-u|g] [<user>|<group>] <args>
$ edquota [-u|g] [<user>|<group>]

$ gparted
# eject disks or they'll be locked

$ dmesg

# explains linux filesystem (hierarchy)
$ man hier

# services
$ systemctl status/start/stop/enable/disable/reload/restart <service> # 'new' style
$ service <name> status/start/stop # 'old' style
$ update-rc.d

# logs
/etc/rsyslog.conf
/etc/logrotate.conf
$ logrotate
$ logger
$ journalctl
-p crit
--list-boots
--boot=<code>

# links
$ ln [-s] <file> <link> # make [symbolic] link - for s, use absolute path

# scalpel
# edit /etc/scalpel/scalpel.conf to determine types of files to find
$ scalpel -b -o <output_folder> <file.img>

# PowerShell rename to add folder name
PS> dir | Rename-Item -NewName {$_.Directory.Name + " - " + $_.Name}

Grep and Find

# search file for search_term
$ grep "search_term" <file/directory>

*.* # search all files in directory
./* -R # search all files in directory and subdirectories

-- -n # search for -n
-i # ignore case
-w # full words
-R # recursive
-n # which line of file it is
-v # invert (i.e. not)

-A1 # print 1 line above
-B1 # print 1 line below
-C1 # print 1 linerm  of context

grep "^......$" rockyou.txt > rockyou6letters.txt

> dir /s <file>
> dir /a /r .DS_STORE

$ find <start-location>
-name "<filename>"
-iname "<filename>" # ignore case
-type [d|b|c|l] # dir block char link
-size <#[k|M|G|...]
-maxdepth <2>
-perm </111> # permissions
-exec <cmd> '{}' \\;

$ locate <file>
$ updatedb # to reindex
# see also: fdfind

# find line # of file
sed '#q;d' <file>.txt

$ which <file> # searches path for binary
$ whereis <file> # also man pages, source files, etc

> <command> | findstr "<string>"

Tasks, Processes, Performance, and Open Files

> tasklist | find "<search_term>"

$ jobs
$ fg <job-id> # bring job to foreground
$ <command> & # immediately send job to background
ctrl-z  # send job to background

$ ps
-ef # all, full format
-[u/g/p] # user, group, pid
aux # lots
$ pstree
$ strace
$ top # bit like task manager, htop better

$ mpstat
$ sar
$ iostat
$ vmstat
$ perf

$ echo $$ # terminal PID
$ pidof <process>
$ cd /proc/<pid>
$ cat [stat|status|maps|uptime|...]

$ nice -n <+|-#> <application> # for new process
$ renice <+|-#> # for running process
-p <pid>
-u <user>

$ kill <num> <pid> # num opt, default 15, 9 is extreme kill
$ pkill
$ xkill # click window

$ lsof # list open files
<path/to/file> # processes using file
-p <pid>
-i :80 # port 80
-i tcp

Users and Permissions

$ w # is logged in, with info
$ last # last logged in users
$ who # is logged in

$ adduser <new_user> # useradd also available; do not use -p
$ groupadd <new_group>
$ addgroup <user> <group> # e.g. sudo
$ deluser <user> # userdel also available
$ passwd <user> # change password
$ chage -[d|E|m|M] # <user> # password rules
$ usermod
-L/U <user> # un/lock
-l <new_username> <old_username>
-u <user_ID> <user>
-e <expiry-date> <user>
-d <days-until-password-expires> <user>
aG <group-to-add-user-to> <user> # wheel for CentOs root

$ ulimit

$ chown [-R] <user>[:<group>] <file> # recursive
$ chgrp [-R] <group> <file>
$ chmod [-R] <num><num><num>
# owner group all
# binary-coded decimal; 4 read 2 write 2 execute
$ chmod +x <file>
$ chmod [ugoa][=+-][rwx|s] <file> # user group others all ; read write execute, can mix and match ; guid
$ umask # what permissions to *remove* for new files
$ chattr [+|-]i <file> # immutable
$ lsattr <file> # check immutability

$ getfacl <file>
$ setfacl [-[m|x] [u|g]:[<user>|<group>]:<permission>] [-R] <file>
-d # default

# Pluggable Authentication Modules (PAM)
$ ldd </usr/sbin/sshd> | grep libpam.so # is <sshd> PAM-aware?
$ gedit /etc/pam.d/sshd && gedit /etc/pam.d/login
auth required pam_listfile.so \\
        onerr=succeed  item=user  sense=deny  file=/etc/ssh/deniedusers
$ gedit /etc/ssh/deniedusers && chmod 600 /etc/ssh/deniedusers
<user-to-block-ssh-access> # e.g. root

$ su  <username> # change user
$ sudo -i # access root on Ubuntu

# see superusers
$ cat /etc/group | grep sudo

# setuid/SUID and setguid/SGID binaries
$ find / -perm -4000 -o -perm -2000

# password requirements
/etc/login.defs

/etc/passwd # see users
/etc/shadow # see hashes

Hashes and Encoding

# linux
$ sha256sum <file>
$ sha1sum <file>
$ md5sum <file>

$ echo -n <string> | md5sum

# powershell
PS> get-filehash -algorithm <md5/sha1> <file>

# baselining
> fciv "C:\\Program Files" -r -xml c_programfiles_baseline.xml
> fciv -v -xml c_programfiles_baseline.xml > hashcheck.txt

# base64
$ echo "<thing>" | iconv -t utf-16le | base64 -w 0 # for powershell -enc

Scheduling

/etc/chron.d/ # user
/etc/crontab # global

$ crontab -e # edit, init
$ crontab -l # list
$ anacron # if system off, at next possible time

$ at <time> -> <actions> -> ctrl-d
-l # list
-d # delete

# allow/block users from editing
/etc/[at|cron].[allow|deny]

> schtasks /create /SC hourly /TN <name> /TR <path-to-python path-to-file>
/ST 15:00 # start time at 3pm
/SC MINUTE/HOURLY/DAILY/WEEKLY/MONTHLY # frequency

> schtasks /query /TN <name>
> schtasks /delete /TN <name>

# <https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/schtasks>

Help

man <command>
whatis <command>
apropos <command> # search manual page names

# windows
<command> /?