Master DevOps Tools & Best Practices - DevOps Knowledge Hub Master DevOps Tools & Best Practices - DevOps Knowledge Hub

Five Essential Linux Commands Every Sysadmin Must Master Now

Master the command line with this essential guide covering the five non-negotiable Linux tools every system administrator must know. We detail `systemctl` for service management, `ss` for network analysis, `dnf`/`apt` for provisioning, `awk` for advanced automation and data parsing, and `ssh` for secure remote access and tunneling. Learn practical usage, best practices, and advanced flags to streamline daily operations, enhance troubleshooting, and improve system security.

Five Essential Linux Commands Every Sysadmin Must Master Now

Linux system administration gets easier when you can inspect a server quickly from the command line. Dashboards help, but when a service is down, a port is closed, or a log needs parsing, these essential Linux commands give you the fastest path to an answer.

This guide covers five commands you will use constantly: systemctl, ss, apt or dnf, awk, and ssh. The examples focus on daily operations, troubleshooting, and secure remote access.

1. Service Lifecycle Management: systemctl

The systemctl command is the main interface for controlling systemd, the service manager used by most current server distributions, including RHEL, Fedora, Debian, and Ubuntu. You use it to manage services, timers, sockets, and boot targets.

Core systemctl Operations

Understanding the distinction between runtime state (start/stop) and boot configuration (enable/disable) is crucial.

Command Description Purpose
status Shows detailed current status, including recent logs. Troubleshooting and immediate checks.
start / stop Changes the service state now. Runtime control.
enable / disable Configures the service to start/not start at boot. Persistence control.
restart Stops and then starts a service in one operation. Applying configuration changes.
reload Tells the service to reload its configuration files without interruption (if supported). Zero-downtime configuration updates. 
# Check the status of the web server
sudo systemctl status httpd.service

# Ensure the SSH service starts on boot and start it now
sudo systemctl enable sshd --now

# List all failed services
systemctl list-units --type=service --state=failed

Best Practice: Always use systemctl status <service> after starting or restarting a service to confirm it is running correctly and check for configuration errors in the output.

2. Network Analysis and Socket Statistics: ss

The ss command (Socket Statistics) is the modern, faster replacement for the deprecated netstat. It is essential for troubleshooting network connectivity, identifying open ports, verifying firewall rules, and diagnosing performance bottlenecks related to sockets.

Practical ss Flags

Sysadmins use ss primarily to see what ports are open and which applications are listening.

# Show listening TCP sockets (t), UDP sockets (u), numeric addresses (n), and process info (p)
ss -tulnp

# Find the process listening on port 80
sudo ss -tulnp | grep ':80'

# Show all established connections to the server
ss -o state established

Advanced Usage: Filtering and Summarization

You can use filtering options to quickly analyze specific connection types, which is invaluable during security audits or incident response.

# Show TCP connections from source address 192.168.1.5
ss -n state established '( src 192.168.1.5 )'

# Summarize socket statistics by protocol
ss -s

3. Robust Software Provisioning: dnf / apt

Whether you manage RHEL-family systems with dnf or Debian-family systems with apt, package management keeps servers patched and usable. Good package hygiene includes refreshing metadata, reviewing upgrades, removing unused packages, and knowing which repository supplied a package.

Essential Package Management Tasks

Task dnf (RHEL/Fedora) apt (Debian/Ubuntu)
Update metadata sudo dnf check-update sudo apt update
Apply security/system updates sudo dnf upgrade sudo apt upgrade
Install a package sudo dnf install httpd sudo apt install apache2
Remove a package sudo dnf remove <package> sudo apt remove <package>
Remove unused dependencies sudo dnf autoremove sudo apt autoremove
Search for package dnf search <keyword> apt search <keyword> 
# Example: Updating and cleaning an Ubuntu server
sudo apt update && sudo apt upgrade -y
sudo apt autoremove

# Example: Installing a package and viewing package details (RHEL/Fedora)
sudo dnf install vim-enhanced
dnf info vim-enhanced

Tip: Stagger updates in production. On Debian and Ubuntu, understand the difference between apt upgrade and apt full-upgrade. On RHEL-family systems, separate routine package updates from major OS version upgrades.

4. Advanced Text Processing and Reporting: awk

While grep is excellent for simple filtering and sed handles stream editing, the awk programming language is the ultimate tool for structured data analysis, reporting, and complex text manipulation within scripts. Sysadmins frequently use awk to parse log files, configuration files, and command outputs.

awk processes text line by line, separating each line into fields based on a delimiter (default is whitespace). The variables $1, $2, etc., refer to these fields.

awk Syntax and Examples

# Syntax: awk 'PATTERN { ACTION }'

# Example: Print the username (field 1) and shell (field 7) from /etc/passwd (delimiter is ':')
awk -F ':' '{ print "User: " $1 " | Shell: " $7 }' /etc/passwd

# Example: Find all processes using more than 10% CPU and print PID and CPU usage
ps aux | awk 'NR>1 && $3 > 10 { print "PID: " $2 " | CPU%: " $3 }'

# Example: Sum the sizes of files listed by 'ls -l' (field 5)
ls -l | awk 'NR>1 { sum += $5 } END { print "Total Bytes: " sum }'

awk is useful when data needs to be extracted, formatted, or calculated before being passed to another command or stored in a report. For example, you can turn noisy process output into a short CPU report without opening a spreadsheet.

5. Secure Remote Access and Tunneling: ssh

The Secure Shell protocol (ssh) is the lifeline of remote Linux administration. Sysadmins must master not only basic login but also advanced configurations, key management, and tunneling techniques to maintain secure and efficient access to infrastructure.

Mastering Key-Based Authentication

Password authentication is prone to brute force attacks. Sysadmins must rely on SSH keys for stronger security.

  1. Generate a key pair: ssh-keygen -t ed25519
  2. Copy the public key to the remote server: ssh-copy-id user@remote_host

Essential ssh Configuration and Usage

The local SSH configuration file (~/.ssh/config) allows you to define aliases and permanent connection parameters, streamlining daily operations.

# Example ~/.ssh/config entry
Host db-prod-server
    Hostname 192.168.10.50
    User sysadmin_user
    Port 2222
    IdentityFile ~/.ssh/id_ed25519_prod
    LocalForward 8080 127.0.0.1:80

SSH Tunneling (Port Forwarding)

Tunneling allows you to securely access services behind a firewall or securely proxy traffic. The two primary types are:

  • Local Forwarding (-L): Maps a local port on your machine to a host and port reachable from the remote server.

    # Access the database running on the remote server (port 3306) via local port 5000
ssh -L 5000:localhost:3306 user@remote_host

  • Remote Forwarding (-R): Maps a remote port to a host and port reachable from your local machine. Useful when a remote server needs temporary access to a local development service.

    # The remote host can access my local web server (80) via its port 8080
ssh -R 8080:localhost:80 user@remote_host

Takeaway

If you can manage services with systemctl, inspect sockets with ss, keep packages current with apt or dnf, parse text with awk, and reach systems safely with ssh, you can handle most first-line Linux administration work. Keep a small set of tested commands in your runbooks, then expand them as your environment demands.