DevBench

Linux & server commands

Search across basics, Docker, Kubernetes, networking, and troubleshooting. Each row includes a short description and a realistic example you can copy.

Shell & navigation

Everyday bash/zsh commands for moving around and inspecting files.

CommandWhat it doesExample
pwdPrint working directory
pwd
cdChange directory
cd /var/log && cd ~
lsList files — sizes, hidden, sort
ls -lah --sort=size
treeDirectory tree (install tree)
tree -L 2 -d /etc
mkdir / rmdirCreate or remove empty dir
mkdir -p projects/app/{src,test}
cpCopy files — recursive, preserve attrs
cp -a backup/. /restore/
mvMove or rename
mv old.txt archive/new.txt
rmRemove — force, recursive (careful)
rm -rf build_tmp/
touchCreate empty file or bump mtime
touch app.log && ls -l app.log
cat / less / moreRead file — less is interactive
less +F /var/log/syslog
head / tailFirst or last lines — follow log
tail -n 100 -f /var/log/nginx/access.log
wcCount lines, words, bytes
wc -l *.csv
historyPast commands — rerun by number
history | grep docker
!42
which / type / command -vWhere binary lives
which python3; type -a ls
aliasShell shortcuts
alias ll='ls -alh'
diff / cmpCompare files or dirs
diff -u old.conf new.conf
cmp -s bin1 bin2
paste / joinMerge lines side-by-side or on key
paste a.txt b.txt
join -t: file1 file2

View files — line numbers & readable layout

Beyond raw cat: show code and configs with line numbers, paging, wrapping control, or syntax highlighting — without opening a full IDE.

CommandWhat it doesExample
cat -n / cat -bPrint file with line numbers (-n all lines, -b non-blank only)
cat -n src/app.tsx
cat -b ~/.bashrc | head -40
nlNumber lines — widths and sections for readable dumps
nl -ba nginx.conf | less
nl -v10 -i10 log.txt   # start at 10, step 10
less -NPage through file with line numbers (toggle N inside less too)
less -N /etc/ssh/sshd_config
less -NS long.csv   # -S = chop long lines horizontally
bat / batcatSyntax-highlighted cat — line numbers, themes (install bat)
bat package.json
bat -n main.go
bat --theme=GitHub --wrap=never README.md
vim / viEditor — show line numbers; jump by line for quick inspection
vim +"set number" config.yml
:set nu
:set relativenumber
:42   # jump to line 42
:set nowrap
fold / fmtWrap long lines for readable terminal width
fold -w 80 wide.txt
fmt -w 72 memo.txt
grep -nShow line numbers when searching (pairs well with code review)
grep -n "function " src/*.ts
grep -nR "TODO" . --include='*.go'

grep, sed, awk & pipelines

Search logs and configs, extract columns, and chain commands — essential for developers and platform engineers.

CommandWhat it doesExample
grepPattern search — recursive, line numbers, ignore case, invert match
grep -Rni 'ERROR' /var/log/myapp
grep -E '50[0-9]|timeout' access.log
grep -v '^#' /etc/nginx/nginx.conf
grep -E / egrepExtended regex (alternation, groups)
grep -E '(Failed|Invalid)' auth.log
grep -oPrint only matching part (extract tokens)
grep -oE '[0-9]{1,3}(\.[0-9]{1,3}){3}' log.txt
rg (ripgrep)Very fast recursive search — respects .gitignore (install ripgrep)
rg 'TODO|FIXME' src/
rg -l 'import react' --type ts
rg -n --hidden 'password'
sedStream editor — substitute, delete lines, print range
sed -i.bak 's/api\.old/api.new/g' *.yaml
sed -n '100,200p' huge.log
sed '/^$/d' file.txt  # drop blank lines
awkColumn/text processing — fields, sums, filters
awk '{print $1,$NF}' access.log
awk -F: '$3>=1000 {print $1}' /etc/passwd
awk '{sum+=$1} END {print sum}' nums.txt
xargsBuild command lines from stdin — parallel with -P
find . -name '*.log' -mtime +7 | xargs gzip
kubectl get pods -o name | xargs -I{} kubectl logs {} --tail=5
xargs -a urls.txt -P4 curl -s -o /dev/null -w '%{url_effective}\n'
cutExtract columns (often with logs)
cut -d' ' -f1,7 access.log
cut -c1-80 wide.txt
trTranslate/delete characters
cat file | tr '[:upper:]' '[:lower:]'
tr -d '\r' < win.txt > unix.txt
sort / uniqSort lines; count duplicates (uniq needs sorted input)
sort -t: -k3 -n /etc/passwd
sort ips.txt | uniq -c | sort -rn
teeSplit stdout to file + terminal (audit pipelines)
kubectl apply -f app.yaml 2>&1 | tee apply.log
./deploy.sh | tee >(grep -i error >&2)

Users, groups & permissions

chmod/chown and sudo patterns you see on real servers.

CommandWhat it doesExample
chmodChange mode (numeric or symbolic)
chmod 644 file.txt
chmod u+x script.sh
chownChange owner and group
sudo chown -R www-data:www-data /var/www
umaskDefault permission mask for new files
umask 027
sudoRun as root — edit safely
sudo -u postgres psql
sudo visudo
suSwitch user
su - deploy
sudo su -
groups / idCurrent user groups / UID
id
groups $USER
passwdChange password
passwd
sudo passwd alice
getfacl / setfaclACLs beyond chmod
getfacl /shared
setfacl -m u:bob:rwx /shared

Processes & jobs

See what is running, stop runaway tasks, background work.

CommandWhat it doesExample
psProcess snapshot — often aux / ef
ps aux | grep nginx
ps -ef --forest
top / htopLive process monitor
htop -u $USER
pgrep / pidofFind PID by name
pgrep -af node
pidof sshd
kill / killallSignal processes — TERM then KILL
kill -15 $PID
kill -9 $PID  # last resort
jobs / fg / bgShell background jobs
sleep 100 &
jobs
fg %1
nohupSurvive logout
nohup ./long_job.sh >out.log 2>&1 &
nice / reniceCPU priority
nice -n 10 heavy_cmd
sudo renice -n -5 -p $PID
timeoutKill after duration
timeout 30s curl -v slow.api/health
watchRe-run command periodically
watch -n2 'df -h /'
systemctl statusCheck service state (systemd)
systemctl status nginx
systemctl is-active docker
systemctl list-unitsList units — failed, timers, running services
systemctl list-units --failed
systemctl list-units --type=service --state=running
systemctl list-timers
crontabUser cron jobs — edit or list
crontab -l
crontab -e
sudo crontab -l -u www-data

Networking

Connectivity, DNS, HTTP — typical checks from a shell.

CommandWhat it doesExample
curlHTTP(S) client — headers, methods
curl -I https://example.com
curl -d '{}' -H 'Content-Type: application/json' URL
wgetDownload files
wget -O file.zip https://cdn/file.zip
ssh / scp / sftpRemote shell and copy
ssh user@host
scp file user@host:/tmp/
pingICMP reachability
ping -c 4 1.1.1.1
traceroute / tracepathRoute hops
traceroute example.com
dig / nslookup / hostDNS lookup
dig +short A api.example.com
host -t MX example.com
ssSockets — replacement for netstat
ss -tlnp
ss -tan sport = :443
netstatLegacy socket listing
netstat -tulpn 2>/dev/null | grep LISTEN
nc (netcat)TCP/UDP probe
nc -vz db.internal 5432
cat foo | nc host 1234
iptables / nftFirewall rules (root)
sudo iptables -L -n -v
sudo nft list ruleset
ip / ifconfigInterfaces & routes
ip addr show
ip route
ip link set eth0 up
mtrPing + traceroute combined
mtr -rwzbc 100 example.com
openssl s_clientTLS handshake & cert inspection — debug HTTPS
openssl s_client -connect api.example.com:443 -servername api.example.com </dev/null
openssl s_client -showcerts -connect host:443 2>/dev/null | openssl x509 -noout -dates
whoisDomain / IP registration lookup
whois example.com
whois 203.0.113.9
resolvectl / systemd-resolveDNS resolver status (systemd)
resolvectl status
resolvectl query api.example.com

Disk & memory

Space running out or RAM pressure — quick diagnostics.

CommandWhat it doesExample
dfFilesystem space
df -h
 df -h /var
duDirectory sizes
du -sh *
sudo du -xh /var | sort -rh | head
lsblk / blkidBlock devices & UUIDs
lsblk -f
sudo blkid
mount / umountAttach filesystems
mount | column -t
sudo mount /dev/sdb1 /mnt
freeRAM and swap
free -h
watch -n1 free -h
/proc/meminfoDetailed memory stats
grep -E 'Mem|Swap' /proc/meminfo
syncFlush writes before unplug/remount
sync && sudo umount /usb
find … -mtime / -sizeLarge or old files
find /var/log -type f -size +100M
find . -mtime +30
ncduInteractive disk usage browser (install ncdu)
ncdu /
ncdu -x /var
iotopPer-process disk IO (install iotop)
sudo iotop -oPa  # only active, accum, all processes

Logs & debugging

When something breaks on the server — follow the trail.

CommandWhat it doesExample
journalctlsystemd logs — boot, unit, follow
journalctl -u nginx -f --since '1 hour ago'
journalctl -b -p err
dmesgKernel ring buffer — hardware / OOM
dmesg -T | tail -50
dmesg | grep -i oom
straceSyscall trace (slow, noisy)
strace -p $PID -f -e trace=network
lsofList open files, ports, memory-mapped libs — find who listens on a port
sudo lsof -iTCP:443 -sTCP:LISTEN
sudo lsof -i :8080
sudo lsof -p $PID
sudo lsof +D /var/log 2>/dev/null | head
fuserReport PIDs using file, socket, or filesystem
sudo fuser -v 443/tcp
sudo fuser -km /mnt/stale   # kill holders — careful
perfLinux profiler — CPU hotspots (needs perf package)
sudo perf top -p $PID
sudo perf record -g -p $PID sleep 15 && sudo perf report
gdbAttach to running process — stack traces
sudo gdb -p $PID -batch -ex 'thread apply all bt' -ex q
tcpdumpPacket capture
sudo tcpdump -i any port 443 -nn -c 20
sar / iostat / vmstatHistorical CPU, IO, memory
iostat -xz 1
vmstat 1 5
ss -sSocket summary stats
ss -s
uptime / wLoad average & who is logged in
uptime
w
last / lastbLogin history / failed logins
last -10
sudo lastb | head

Docker

Containers — images, runs, compose, cleanup.

CommandWhat it doesExample
docker psRunning containers — all & sizes
docker ps -a
docker ps -s
docker imagesLocal images
docker images
docker image prune -a
docker pull / push / buildRegistry & Dockerfile build
docker build -t myapp:1 .
docker push registry/myapp:1
docker runStart container — ports, env, detach
docker run -d -p 8080:80 --name web nginx
docker run -it --rm alpine sh
docker execShell inside running container
docker exec -it web bash
docker logsStdout/stderr — follow
docker logs -f --tail 100 web
docker inspectFull JSON metadata
docker inspect -f '{{.NetworkSettings.IPAddress}}' web
docker statsLive CPU/mem per container
docker stats --no-stream
docker composeMulti-service stacks
docker compose up -d
docker compose logs -f api
docker network / volumeNetworks & named volumes
docker network ls
docker volume prune
docker system pruneRemove unused data — careful
docker system df
docker system prune -a

Kubernetes (kubectl)

Minimum kubectl you need to inspect and fix clusters.

CommandWhat it doesExample
kubectl getList resources — wide, all namespaces
kubectl get pods -A
kubectl get nodes -o wide
kubectl describeEvents & reasons for failures
kubectl describe pod mypod -n prod
kubectl logsPod logs — previous crash
kubectl logs deploy/api -f --tail=200
kubectl logs pod/x -p
kubectl execShell in pod
kubectl exec -it mypod -n prod -- /bin/sh
kubectl applyDeclarative apply
kubectl apply -f manifest.yaml
kubectl apply -k overlays/dev
kubectl deleteRemove resources
kubectl delete pod stuck-pod --force --grace-period=0
kubectl port-forwardLocal tunnel to pod/service
kubectl port-forward svc/grafana 3000:3000
kubectl rolloutDeployments — status, undo
kubectl rollout status deploy/api
kubectl rollout undo deploy/api
kubectl configContexts & kubeconfig
kubectl config use-context staging
kubectl config get-contexts
kubectl topMetrics (needs metrics-server)
kubectl top pods
kubectl top nodes
kubectl get eventsCluster events stream
kubectl get events -n prod --sort-by=.lastTimestamp
helmKubernetes packages — releases & upgrades (install Helm)
helm list -A
helm upgrade --install mychart ./chart -n prod
helm rollback myrelease 1 -n prod

Packages (apt / yum / rpm)

Install and inspect software on Debian/Ubuntu, RHEL/CentOS/Fedora, and SuSE-style systems.

CommandWhat it doesExample
apt / apt-getDebian/Ubuntu packages — update index, install, search
sudo apt update && sudo apt upgrade -y
sudo apt install -y nginx curl
apt-cache search postgres
dpkg / apt-fileInspect .deb packages — which file belongs to which package
dpkg -l | grep nginx
dpkg -L nginx
sudo apt-file search bin/jpegtran
yum / dnfRHEL/CentOS/Fedora packages — install, group list
sudo dnf install -y git
sudo dnf upgrade --refresh
sudo yum repolist all
rpmRPM query — list files, verify, last install
rpm -qa | grep kernel
rpm -ql nginx
rpm -qi bash
rpm -qf /usr/bin/python3
snap / flatpakUniversal packages — sandboxed apps
snap list
sudo snap install kubectl --classic
flatpak remote-ls | head

Archives & rsync

Ship configs, logs, and artifacts — tarball, compress, and incremental sync.

CommandWhat it doesExample
tarTape archive — create/extract .tar, combine with gzip/xz
tar czf backup.tgz /etc/nginx
tar xzf release.tar.gz
tar tvf backup.tar | head
gzip / gunzip / zcatCompress single files — gzip keeps timestamp
gzip -k big.log
zcat access.log.gz | head
zip / unzipPKZIP archives — common on Windows exchanges
zip -r dist.zip build/
unzip -l archive.zip
rsyncIncremental copy — deploys, backups, preserve perms
rsync -avz ./site/ user@host:/var/www/
rsync -av --delete src/ backup/src/
rsync -e ssh -avz data/ backup-host:/data/

Git, env & shells

Version control quick hits and environment inspection for CI/CD and debugging.

CommandWhat it doesExample
gitClone, diff, history — daily workflow
git clone https://github.com/org/repo.git
git status
git log -3 --oneline
git diff --stat origin/main
env / printenvShow environment variables
env | sort
printenv PATH
export MY_VAR=test
ssh-keygen / ssh-agentKeys for Git & SSH
ssh-keygen -t ed25519 -C 'you@company.com'
eval $(ssh-agent) && ssh-add ~/.ssh/id_ed25519

AWS CLI & Terraform

Identity checks and infra workflows when cloud CLIs are installed on the bastion or CI runner.

CommandWhat it doesExample
awsAWS CLI — STS identity, EC2, S3, CloudWatch logs tail
aws sts get-caller-identity
aws configure list
aws ec2 describe-instances --filters Name=tag:Env,Values=prod --query ...
aws logs tail /ecs/my-service --since 10m --follow
terraformPlan and apply infrastructure as code
terraform fmt -recursive
terraform init
terraform plan -out=tfplan
terraform apply tfplan
jqJSON filter — pipe kubectl/aws output
kubectl get pods -o json | jq '.items[].metadata.name'
aws ec2 describe-instances | jq '.Reservations[].Instances[].InstanceId'

About this cheat sheet

Commands are generic patterns — paths, port numbers, and unit names are examples. Always confirm destructive operations (rm -rf, kill -9, docker system prune) on staging first. Production servers differ by distro and policy — use your runbooks where they conflict.