Commands on a server

After connecting to the server you can execute commands. This page will walk you through basic and advanced commands you will need.

Warnung

You are logged into the server as root user. As root you can destroy stuff. We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things:

  1. Respect the privacy of others.

  2. Think before you type.

  3. With great power comes great responsibility.

Orientation & Moving around

  • whoami: Returns which user on the server you have logged in to. In our case this will be root. The is a whole film named after it.

  • pwd: Shows you the directory you are in. Upon first login this is the home directory of the user.

  • ls: Shows you the content of a directory, so every file and every folder

  • cd: Let’s you select a directory to go to.

Example

Log into the server and execute the commands. You should see the expected output. When you put in the commands, ignore the $ as it represents a basic indicator that you shoud execute these commands in a shell. This might loog different in the shell you log into.

$ whoami
root
$ pwd
/root
$ ls
legacy  shitty-book-collector  static-sites
$ cd shitty-book-collector
$ ls
books.html  main.py  README.md  requirements.txt  venv
$ cat requirements.txt
pandas
odfpy
requests#

Interacting with files

Bemerkung

In the following sections you will often here the termn stdout. When you execute a command you will often see output in your shell. Text output from the command to the shell is delivered via the stdout (standard out) data stream. Error messages from the command are sent through the stderr (standard error) stream. Ther also is stdin which is the standard input stream and can be used by you to provide input to a programm.

  • cat FILENAME Prints the content of a file to stdout

  • nano FILENAME Opens the nano text editor that let’s you edit a file. If filename does not exist, it will be created. Exit nano with STRG+X (shown in the bottom left corner as ^X)

  • mkdir LOCATION Creates a directory at the location. If you want to create a subdirectory of the directory you are in this could look like mkdir my_subdir

Bemerkung

In Linux you will encounter the concept of file permissions. Every file in Linux as an owner which is a user on the systemn and a group. Permissions that you can have are read, write and execute. These can differ between the owner of the file, the group and everyone else. E.g. the file /etc/passwd stores information on every user on the system and can be read by all users (and the group) but only the owner (root) is allowd to make changes which requires the write permission. You can check the permission of a file with ls -l.

$ ls -l /etc/passwd
-rw-r--r-- 1 root root 1885 Nov 10 13:58 /etc/passwd

  • chmod 600 FILENAME Changes the permission of a file

  • chown USERNAME:GROUP FILENAME Changes the owner of a file

Systemd

Bemerkung

Systemd is a a basic building block of linux. In short it is responsible to start all the programms that the system needs to run. It can also take care of starting our programs and it’s dependencies. All programs that run (called services) will output some thext to stdout. Systemd collects all this text (usually we call these logs) so we can easily check what our programs are doing.

To interact with systemd we use systemctl and journalctl. We can use systemctl to start, stop and reload services which journalctl helps us to view logs.

The command systemctl status NAME.service will give us a quick overview of a service. You will see a name, if it is running, crashed or just not active, some information on resource consumption and at the end the latest logs.

In the example we check out the SSH service. Most likely the logs will show some failed login attempts. They come from hackers that try to get in. For a correctly configured server this is not a problem - but a good reminder why you should never use weak passwords (and better no passwords at all) to login to your servers.

$systemctl status ssh.service
● ssh.service - OpenBSD Secure Shell server
    Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
    Active: active (running) since Wed 2023-11-15 10:00:43 UTC; 3 days ago
    Docs: man:sshd(8)
            man:sshd_config(5)
Main PID: 3841738 (sshd)
    Tasks: 3 (limit: 18678)
    Memory: 19.3M
        CPU: 20min 58.207s
    CGroup: /system.slice/ssh.service
            ├─1213662 "sshd: [accepted]" "" "" "" ""
            ├─1213663 "sshd: [net]" "" "" "" "" "" "" "" "" ""
            └─3841738 "sshd: /usr/sbin/sshd -D [listener] 1 of 10-100 startups"

Nov 18 22:15:40 s3 sshd[1213106]: Received disconnect from 123.456.789.123 port 63437:11:  [preauth]
Nov 18 22:15:40 s3 sshd[1213106]: Disconnected from authenticating user root 123.456.789.123 port 63437 [preauth]
Nov 18 22:15:40 s3 sshd[1213106]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.456.789.123  user=root
Nov 18 22:16:30 s3 sshd[1213384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.456.789.123  user=root
Nov 18 22:16:32 s3 sshd[1213384]: Failed password for root from 123.456.789.123 port 30422 ssh2
Nov 18 22:16:34 s3 sshd[1213384]: Failed password for root from 123.456.789.123 port 30422 ssh2
Nov 18 22:16:36 s3 sshd[1213384]: Failed password for root from 123.456.789.123 port 30422 ssh2
Nov 18 22:16:37 s3 sshd[1213384]: Received disconnect from 123.456.789.123 port 30422:11:  [preauth]
Nov 18 22:16:37 s3 sshd[1213384]: Disconnected from authenticating user root 123.456.789.123 port 30422 [preauth]
Nov 18 22:16:37 s3 sshd[1213384]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.456.789.123  user=root

To have a better view of the logs we can utilize journalctl. It allows us to do many things but most often we are interested in what a specific service is doing at the moment. This is especially useful when a service is failing or misbehaving. In order to do this we append the flags -fu to the command. The f option says that we want to see the logs as the come in (live) and the u option selects a unit (such as a service unit) that we want to look at.

Here is how that looks for the ssh.service. The .service can be omitted in most cases.

$ journalctl -fu ssh
Nov 19 07:57:06 hostname sshd[2357992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.456.789.1
Nov 19 07:57:09 hostname sshd[2357992]: Failed password for invalid user admin from 123.456.789.1 port 55825 ssh2
Nov 19 07:57:10 hostname sshd[2357992]: Received disconnect from 123.456.789.1 port 55825:11: Client disconnecting normally [preauth]
Nov 19 07:57:10 hostname sshd[2357992]: Disconnected from invalid user admin 123.456.789.1 port 55825 [preauth]
Nov 19 07:57:20 hostname sshd[2358124]: Unable to negotiate with 123.456.789.2 port 45817: no matching host key type found. Their offer: ssh-rsa,ssh-dss [preauth]
Nov 19 08:01:29 hostname sshd[2361192]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.138.111  user=root
Nov 19 08:01:31 hostname sshd[2361192]: Failed password for root from 206.189.138.111 port 44010 ssh2
Nov 19 08:01:31 hostname sshd[2361192]: Connection closed by authenticating user root 206.189.138.111 port 44010 [preauth]
Nov 19 08:02:16 hostname sshd[2361876]: Accepted publickey for root from 123.456.789.3 port 41786 ssh2: ED25519 SHA256:drBxpw2+K6VYlC512YmZ5AZyTTD+0RuAzUr7u3RSwMU
Nov 19 08:02:16 hostname sshd[2361876]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)

Sometimes we will only care about which services are failed - and systemd has a list of them. You can check which services are failed with.

$ systemctl --failed
  UNIT                     LOAD      ACTIVE SUB    DESCRIPTION
● mash-backup-borg.service loaded    failed failed Borg Backup
● mash-firezone.service    not-found failed failed mash-firezone.service

Bemerkung

While you can manually start and stop services, most services are started automatically by systemd when the system boots. These services are called enabled. You can stop them from being automatically started with systemctl enable my-service

A screenshot of the show "The IT Crowd" where Roy is on the phone and asks "Have you tried turning it of an on again?"

Sometimes you will want to start, stop and restart services. The commands for this should be quite intuitive

  • systemctl start my-service: Starts my-service

  • systemctl stop my-service: Stops my-service. This will not disable the service, so on the next boot of the system the service will (try) to start again

  • systemctl restart my-service: Stops and immediatly restarts the service.