I'm aiming this article mostly at absolute beginners to Unix, as I feel the guidance resources available for a Windows user switching to Unix on their own are woefully inadequate right now. It's meant to be read after my guide on basic shell use. Note that a lot of my descriptions of the less essential commands refer to concepts I don't expect new users to know about; when I have time I plan to write more about those things, but you can probably find decent explanations with a web search.
There are lots of places that list "the basic" Unix commands, but I've never seen one of those references that lists enough of them to really show how awesome Unix is to someone who hasn't seen it. My eventual goal here is to list almost all the commands I know of, but I'll categorize them, so the reference is still usable. I'm writing this based on experience with FreeBSD, but most of it should apply to any Unix system.
I'll also color-code the commands according to how important they are.
Cyan commands are the most essential;
blue commands are very common;
green are somewhat common;
yellow are intermediate commands;
red are advanced commands that are either hard to learn or not used frequently.
Basic filesystem usage¶
cd- change directory. Equivalent to clicking on a folder in Windows File Explorer.
ls- list the files in the current directory, or the specified directories if any.
cat- show the contents of the named file(s) in the terminal window.
rm- remove files.
mv- move/rename files (those are actually the same thing).
cp- copy files.
ee- "easy editor". A basic built-in text editor that runs in the terminal. It's easy to use, but far better editors exist.
If you're running Linux, you probably have
nanoinstalled by default.
nanois much better than
ee, and still shows help at the bottom with the default configuration.
nanois very newcomer-friendly. I'd not recommend using
eeunless your operating system doesn't have
nanobuilt-in. In fact, in that case you should probably just install Nano or another text editor rather than using
pwd- print working directory. Shows the directory you're in (although any decently configured shell shows this automatically in the prompt).
ln- create links (called shortcuts on Windows).
man- "manual". Shows the manual page for the argument you pass it (so
man rmwill get you the manual page on the
rmcommand). (And yes there's a manual page on
man.) I cover manual pages more here. The other commands in this section are not nearly as important.
apropos- search the list of manual pages for one related to the argument.
whatis- equivalent to
whatis lswill show all the manual pages that have 'ls' in their name.
whereis- show the location of the executable, manual page, and source code for a program.
More advanced filesystem usage¶
stat- display information about a file (on a BSD system, it displays in a very terse format by default;
-xto make it display in a more human-readable way)
locate- Search the hard drive for a filename containing the given argument. Since it uses a cached database, it can search the entire hard drive almost instantly, but the downside is that its database can get out of date. Depending on your operating system it's probably updated once a week or once a day (but you can change that).
touch- Change a file's access and modification timestamps (useful for just creating an empty file).
file- determine the type of content in a file (this can sometimes even detect programming languages and stuff).
find- print the paths of all files in the specified directory and below it (can be passed options, like
-type f -name footo search for a regular file named foo)
chmod- "change mode". Changes file permissions.
chown- "change owner".
du- "disk usage". Show the size of a file or directory.
truncate- change a file's size, by deleting the end or by adding zero-bytes to the end.
tee- write input both to stdout and to the named file.
dd- "data duplicator", basically like
catbut has some different capabilities. (And the way it takes arguments is nonstandard as hell. I think this is a command that got ported from another operating system decades ago and never got adapted to follow standard Unix syntax.)
chflags- "change flags". Sets certain flags on files, such as an immutability flag that prevents even root from changing a file without first unsetting the flag, or a flag that makes it possible to append to a file but not to overwrite it. I don't know most of these myself.
mkfifo- create a fifo.
cat, but lets you scroll through the output instead of printing it all at once. Useful for large files. You scroll with the up and down arrows (or the page up and page down keys), and might have to press q to get out of it.
I believe the story behind this command's name is that first there was
more, which did this job and was called so because it lets you see more than your screen can fit, and then somebody wanted to make a better version of it and so they called it less. Nowadays,
lesshas basically replaced
head- show the beginning of a file. By default, the first ten lines. See its manual page for more info.
tail- show the end of a file.
tailhas a particularly useful flag
-fthat makes it keep following the file and print out any new data that gets appended to it. That's mostly useful for log files, but that's not something new Unix users are expected to deal with.
grep- search through files (or stdin if no files are specified), printing out only lines that match a certain pattern. The first argument specifies the pattern. For more info look up regular expressions (or use
fgrepwhich is a version that interprets the text to search for literally instead of as a regex).
wc- "word count". Print the number of words, bytes, and lines in a file.
diff- show the differences between two files.
vis- Like cat, but transforms nonprintable characters into printable representations.
unvis- Undo vis.
nl- Like cat, but number the lines.
sed- "stream editor". Extremely flexible tool to do something to its stdin, like search/replace, and then send the output to stdout.
patch- Take the output of a
diffcommand and apply it to a file, making all the indicated changes. We don't often have to use this command directly because version control systems like git do it internally, although I'm not sure if they call out to
patchor just implement the logic themselves.
which- find the location of the executable for a command.
which lsshould show
/bin/ls, for example.
source- run a file as a shell script.
xargs- run a command on each input.
find . | xargs catwill run
caton every file found by
umask- show or set the default permissions of files you create.
yes- spam the specified message, or 'y' by default. Mostly used for piping into commands that would stop and ask for confirmation; piping
yesinto them effectively automatically says yes to everything they ask so you can walk away without the other command stopping and waiting for you. (And you could use
yes nto make it spam 'n', to autmatically say no if the other command asks you anything.)
logger- shell interface to
tty- get the filename of the TTY attached to stdin.
stty- terminal driver settings.
perror- 'print error' - show the description of an OS error code by number.
Shell utilities - text¶
echo- print text to stdout. Mostly useful for scripts.
uniq- print only uniques lines in a file or in stdin.
echo, but works in the fashion of the
printffunction from C.
Shell utilities - filepaths¶
readlink- get the target of a symbolic link.
realpath- get the full path of a file.
dirname- get just the part of a filepath that shows the directory containing it.
basename- get just the base name part of a filepath, not the directories before it.
Shell utilities - job control¶
fg- Move a job to the background/foreground.
wait- Wait until background jobs complete.
time- Run another command and print how long it took.
disown- Disassociate a process from your shell session, so that it won't die when your shell exits and your shell won't wait for it.
nohup- Invoke a command immune to SIGHUP.
ps- "processes", or "process status". show a list of running processes and their PIDs. Often used with
grepto find the PID of a particular process.
ps | grep firefoxis an easy way to find out what Firefox's PID is. Also by default it only displays processes owned by you and that have a controlling terminal. The flags for it vary by operating system, but on FreeBSD the normal flags you want are
pgrep- an easier way of finding a process's ID by its command name, but it doesn't show any other information.
kill- the main way of sending signals to processes. By default, sends the TERM signal.
killall- kill all processes with the given name. Useful as a shortcut for killing a process without having to first find out its PID.
pkill- does basically the same thing as
killall, but has some different options, and doesn't print anything to stderr if the process doesn't exist.
nice- print the "nice value" of a process (how much priority it gets relative to other processes).
renice- change a process's nice value.
procstat- similar to
ps, but shows different information by default. I'm not sure if either one can actually achieve anything the other can't, but
top- "table of processes". Monitor running processes and resource usage.
uptime- show how long the system's been up for.
fstat- "file status". Get information about open files.
sockstat- get information about open sockets.
netstat- get information about open network connections. (
netstat -rshows the routing table.)
gstat- "GEOM status". Get information about disk I/O.
iostat- get information about all IO.
vmstat- "virtual memory status". Get various statistics about the system. This command has a ton of options and I don't know half of its functionality (I only found out about it September 19); but I'm noting it here for reference.
Timed command execution¶
crontab- set commands to run at regular intervals, such as every day, every hour, et cetera. This command is very useful but it requires understanding the format of the crontab files. The crontab(5) manual page has the needed information.
at- schedule a command to run just once at a specified time in the future.
shutdown- watch out; on most systems, this command doesn't work quite how you expect. On FreeBSD you have to pass the flag
-pto make it actually turn the power off instead of just "halting" the system. It also requires specifying a time to do it at, which can just be "now".
The time argument is useful if you have a computer that multiple people are logged in to remotely, and you want to warn everyone else before you turn it off. That may not be a common situation today, but as I understand it it was in the environent Unix was invented in.
poweroffare aliases to make it easier to do exactly what it says, but I'm not if they exist on every Unix system.
date- get or set the system time.
uname- get information about the system.
uname -ais the usual form to get more information. You should always include the output of this command when asking for help with Unix.
service- control system 'services' - programs that run in the background and are usually started at boot. For example, there's a service (
netifon FreeBSD) that manages your internet connectivity, ones for a lot of stuff I don't know much about, and ones for a lot of programs you install that need to run in the background, like web servers.
service netif restartwill restart your network interface service, which is an often helpful command for internet troubleshooting.
As far as I know, the
servicecommand exists on every Unix, but on most Linuxes, system services are managed by the systemd facility, and
systemctlis the canonical way to control them, with
servicejust being an alias for compatibility.
sysctl- "system control". Get or set system settings. These settings won't stay set on reboot; on FreeBSD you're supposed to set them in
/etc/sysctl.confif you want them to persist.
dmesg- print the diagnostic messages printed at startup.
kldstat- "kernel load status", I guess? Lists currently loaded kernel modules. I think it's a BSD-specific concept, but I'm not sure.
kldunload- load or unload kernel modules.
Hardware and filesystem stuff¶
pciconf- get information about connected PCI devices.
pciconf -lvto get the most information (probably wanna pipe that through
acpiconf- control ACPI power management. To get information about the laptop battery, at least for me the command is
acpiconf -i 0. (And yes a well-configured Unix system will show that information in some kind of statusbar if it's a laptop, but there's no limit to how you can set that up and this is the underlying command that gets the information.)
mount- "mount" a device, making its contents accessible at a directory you specify (you have to do this when you connect a flash drive or similar). (Note I find this usually has to be passed
-t msdosfsfor flash drives; telling it the filesystem type.)
umount- unmount (pass it the place you mounted it at, not the name of the device).
fstyp- "filesystem type". Attempt to detect the type of a filesystem given the filename under
geom- disk partitioning. I don't know much about these commands, but the goto for finding out a drive's partition table is
diskinfo- show physical information about a hard disk like its sectorsize and disk identifier and stuff.
zdb- ZFS-specific utilities. ZFS is one of two main filesystems in use on FreeBSD (the other being UFS), and from what I've heard ZFS is pretty much better and more modern. These commands to some extent replace other hardware and filesystem-related commands on ZFS, for example
zfs mountis needed to mount a ZFS filesystem. (But that's only for mounting filesystems that are themselves ZFS; you still use
mountto mount things like flash drives if your machine uses ZFS.)
To check disk usage, the usual commands I go to are
df- "disk free". Show the used and availablee space of your disk. Can't be trusted on ZFS, but on other filesystems it's the equivalent of
Networking - configuration¶
Unfortunately, configuring networking on a Unix system if it doesn't work out of the box is very hard and frustrating, like every other operating system. With any luck it'll work out of the box.
ifconfig- "interface config". The main tool to configure network interfaces.
resolvconf- DNS configuration.
Networking - diagnostics¶
ping- Users coming from Windows or Mac might already be familiar with this command (it exists everywhere as far as I know). It sends a meaningless message to another machine, just to test that a connection can be established. Ping is arguably the single most important network troubleshooting tool.
traceroute- Show the path from the local machine to the specified destination.
host- Do a DNS lookup.
drill- More advanced DNS tool.
whois- Do a WHOIS lookup.
tcpdump- Watch a network interface and dump all the packets it receives. Despite the name, not limited to TCP.
ping6- IPv6 version of
Networking - use¶
ssh- "Secure SHell". The main way to log into a machine remotely.
telnetis often taught first but it's not really easier to use and it sends all its data in unencrypted text, which is a horrible security practice. I'm planning to write a primer at some point in the near future on how encryption works. Or maybe I shouldn't bother because there are plenty of good ones I could just link to instead? I've yet to find a completely satisfactory one though.
scp- "secure copy". Copy files between machines using a secure, encrypted connection.
nc- "netcat". Send low-level network traffic. It's mostly useful for examinging stuff at the low-level to learn about how the internet works or debug my site (I've used it for both of those quite a bit :)). Although
ncat(not builtin) seems to outmode it.
cu- "call Unix". Used to connect over serial cables. This is probably by far the most obscure thing I list, but I've needed it to connect to a home-assembled BSD router when its internet wasn't working.
zstd- compression and archiving tools. They all use different algorithms and produce different output formats. (The Windows-standard .zip file format can be worked with on Unix but at least on FreeBSD the program isn't preinstalled;
pkg install zipwill fix that problem.)
hexdump- read the byte codes in binary files.
strings- Extract printable strings from a binary file.
uudecode- encode/decode files into a pure ASCII form (can do base64).
User account management¶
su- "switch user". Switch to another user to run commands with their credentials. Most commonly used to switch to root. (Note that since this starts the other user's shell, Ctrl-D gets you back to yourself, by exiting your shell session as the other user.)
pw- I think it's BSD-specific, but on FreeBSD this is the main program for account management. It has subcommands to do most if not all acconut management stuff.
chsh- "change shell", although it does more than change an account's default shell. This command opens an editor (probably
viby default) and lets you use that to change any of the user information stored in /etc/passwd. (The information will be laid out in a friendlier format for editing.)
passwd- change a user's password. This one I think is standard on all Unix systems, but I'm not sure.
id- find out what user and group IDs a user has (yourself by default).
w- "who". Display info about currently logged in users (also
whofor less information).
w, but shows different information.
last- find out when a user last logged in (there's a lot I don't know about this)
pwd_mkdb- Update user information after directly editing
/etc/master.passwd. Commands like
chshdo this automatically so you don't have to.
Compiled code files¶
ldd- "list dynamic dependencies". Shows the shared libraries an executable is linked against. Very nice for learning about the ecosystem.
size- get segment size information about compiled ELF files.
nm- read the symbol table of a compiled executable.
strip- strip unneeded information from an ELF, reducing the size.
openssl- Tool for working with SSL/TLS; can verify, create and sign certificates and stuff. The
s_clientsubcommand can be used to fetch a server's certificate and initiate a TLS connection, essentially functioning as the TLS version of