Ubuntu Server 指令(CLI)備忘錄

Networking 網路類

Get the IP address of all interfaces(顯示網路資訊):
networkctl status

Display all IP addresses of the host(顯示主機名稱相關):
hostname -I

Enable/disable interface(開啟/關閉網卡):
ip link set <interface> up
ip link set <interface> down

Manage firewall rules 防火牆類

enable firewall(啟動防火牆): 
sudo ufw enable

list rules(列出防火牆的規則): 
sudo ufw status

allow port(允許特定port): 
sudo ufw allow <port>

deny port(封鎖特定port): 
sudo ufw deny <port>

Connect remotely through SSH (SSH連線):

ssh <user>@<host IP>

Security安全性相關:

Show which users are logged in(顯示那些使用者已經登入):
w

Get password expiration date for <user>(取得 <使用者> 的密碼到期日):
chage -l <user>

Set password expiration date for <user>(設定<用戶>的密碼到期日期):
sudo chage <user>

Lock a user account(鎖定使用者帳戶):
sudo passwd -l <user>

Unlock a user account(解鎖用戶帳戶):
sudo passwd -u <user>

List open ports and associated processes(列出開放連接埠和相關的程序):
sudo netstat -tulpn

Automatically detect and ban abusive IP addresses(自動偵測並禁止有問題的IP位址):

安裝:
sudo apt install fail2ban

Show banned IP addresses(顯示被禁止的IP位址):
sudo fail2ban-client status
sudo fail2ban-client status <jail>

Get the support status for installed packages(取得已安裝軟體包的支援狀態):

ubuntu-support-status

Enable kernel live patching(啟用核心即時修補):

sudo snap install canonical-livepatch
sudo canonical-livepatch enable <token>

到
ubuntu.com/livepatch 
取得最多三台機器的免費憑證(token)

檔案管理類:

List files(檔案列出):
ls

List files with permissions and dates(列出文件權限和日期)
ls -al

Common file operations(常用文件操作):
create empty(創建空檔): 
touch <filename>

create with content(建立有內容的檔案): 
echo "<content>" > <filename>

append content(增加內容): 
echo "<content>" >> <filename>

display a text file(顯示文字): 
cat <file>

copy(複製): 
cp <file> <target filename>

move/rename(移動/重新命名): 
mv <file> <target directory/filename>

delete(刪除): 
rm <file>

Create a directory(建立目錄):
mkdir <directory>

Create directories recursively(遞迴建立目錄):
mkdir -p <directory1>/<directory2>

Delete a directory recursively(遞迴刪除目錄):
rm -r <directory>

Quick file search(快速文件搜尋):
locate <q>

Search string in file(在文件中搜尋字串):
grep <string> <filename>

Search string recursively in directory(在目錄中遞迴搜尋字串):
grep -Iris <string> <directory>

Find files modified in the last n minutes(尋找最近n分鐘修改的文件):
find <directory> -mmin -<n> -type f
舉例. find . -mmin -5 -type f

Show only the nth column(只顯示第n列):
col<n> “<separator>” <filename>
例如. col2 “,” foo.csv

Display file paginated(顯示分頁文件):
less <filename>

Display first n lines(顯示前n行):
head -n <n> <filename>

Display last n lines(顯示最後 n 行):
tail -n <n> <filename>

Follow file content as it increases(追蹤文件的增加內容)
tail -f <filename>

Pack a directory into an archive(將目錄壓縮打包到檔案中):
zip: zip -r <target> <source dir>
tar.gz: tar cvzf <target>.tar.gz <source dir>

Unpack an archive(解壓縮檔案):
zip: unzip <zip file>
tar.gz: tar xf <tar.gz file>

Copy file to remote server(將文件複製到遠端):
scp <filename> <user@server>:<destination>
像是. scp config.yaml admin@192.0.0.0:/config  

Copy directory recursively from remote server(從遠端伺服器複製目錄)
scp -r <user@server>:<source> <destination>
舉例. scp -r admin@192.0.0.0:/config /tmp

系統類的:

Display kernel version(顯示核心版本):
uname -r

Get disk usage(取得磁碟使用情況):
df -h

Get memory usage(取得記憶體使用情況):
cat /proc/meminfo

Get system time(取得系統時間):
timedatectl status

Set system timezone(設定時區):
timedatectl list-timezones
sudo timedatectl set-timezone <zone>

Get all running services(取得所有正在運行的服務):
systemctl --state running

Start or stop a service(啟動或停止服務):
service <service> start/stop

Monitor new logs for a service(監控服務的新日誌):
journalctl -u <service> --since now -f

Get the list of recent logins(取得最近登入的列表):
last

Display running processes(顯示正在運作的程序):
htop

Kill process by id(透過id強制程序停止):
kill <process id>

Kill process by name(透過名稱強制程序停止):
pkill <process name>

Run command in the background(在背景執行命令):
<command> &

Display background commands(顯示背景命令):
jobs

Bring command <n> to the foreground(將命令 <n> 置於前台):
fg <n>