Linux command line tools: The top 50

The most popular and useful Linux command utilities and programs, like sudo, chmod, exec, rpm, to name a few.


There are so many Linux commands it would be difficult to know which ones you should focus on to start with. To help you get a little more comfortable with the jargon of the Linux CL, and concepts behind it, we asked Ken Milberg to give us a list of the most useful Linux utilities and programs that can be executed from the command line. This list is not meant to include each and every command under the sun, so we've provided a sidebar of links to guide you to more exhaustive resources.
-- Editors


An introduction to the command line and the Linux shell


Ken Milberg

Although there's no real distinction between a command and a utility in Linux or Unix, there is a distinction between Linux (or Unix) shell commands and "standard" UNIX or Linux system commands or utilities. There are two types of commands that a person can enter from his keyboard. Those commands are shell commands and Linux/Unix commands.

Each shell (Korn, C, Bourne, Bash) has its own set of commands that are built into its program. When the name of a built-in command is used as the first word of a simple command, the shell executes the command directly, without even having to create a new process. These built-in commands are necessary to implement functionality that would be very inconvenient (at best) to obtain with separate utilities or commands. Basically, while each type of shell has its own commands, each individual shell's commands are the same regardless of what Linux distribution or Unix variant you might be running.

Examples of Linux/Unix commands are df, find, cp and ls. These commands help provide information and enable you to perform actions on files and/or directories on your system.

What is interesting is that on Posix systems, running /usr/bin/cd from a shell does not even change the shell's working directory. This is so because the shell's built-in cd command must be used. In Posix system V systems, almost every built-in shell command has a corresponding link in /usr/bin. Built-in commands are contained within the shell itself. Some examples of Bourne built-in commands are cd, eval, exec, exit, export, and pwd. Some examples of Bash commands are alias, declare, echo and enable. Here's how it works: When you enter a command, the shell will check to determine if it's a built-in command, and if it is, the shell will execute it. If it is not, then it executes it and the shell will fork a new process in which to execute the command.

Often, a built-in command may be synonymous to a system command of the same name. For example, the Bash shell echo command is different from /bin/echo, although they behave almost identically. Confusing built-in shell commands with Linux or Unix commands (which are forked by the shell) can actually impact what it is you are doing, so it is important to understand this difference.


1. vmstat
Provides a snapshot of everything in a system, helping system administrators determine whether the bottleneck is CPU, Memory or I/O related. You run this command to get virtual memory statistics. Additional info: How to keep an eye on Linux performance.

2. chmod
A utility that changes the permission of a file. Additional info: Chmod Syntax and examples.

3. chown
A utility used to change file ownership.

4. find
Find searches the directory tree rooted at each given file name by evaluating the given expression from left to right, according to the rules of precedence (see section OPERATORS), until the outcome is known (the left hand side is false for and operations, true for or), at which point find moves on to the next file name. Additional info: Documentation of the GNU version of find.

5. cp
Copies files.

6. vi
A screen-based editor preferred by most Linux users. The vi editor has powerful features to aid both programmers and system administrators.

7. enable
Enables or disables a printer.

8. cd
Sets the working directory of a process.

9. sudo
Allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while logging the commands and arguments – aka "superuser do."

10. netstat
Shows the network status by symbolically displaying the contents of various network-related data structures. There are a number of output formats, depending on the options for the information presented.

11. cron Used for scheduling tasks. Additional info: Cron syntax and examples.

12. traceroute
Determines a route to the host and is very useful for distinguishing network/router issues. If the domain does not work or is not available you can traceroute an IP.

13. rsync
Syncs data from one disk location to another. It was created by Andrew Tridgell, who was on Samba's core team. Learn more in this tip on Rsync and Amanda.

14. df
Reports filesystem disk space usage.

15. pwd
Displays the name of the current working directory – aka "print working directory."

16. rpm
The Red Hat Package Manager (RPM) is a command-line driven package-management system capable of installing, uninstalling, verifying, querying and updating computer software packages. Each software package consists of an archive of files along with information about the package like its version and a description. Learn more in this white paper: Maximum RPM: Taking the Red Hat package manager to the limit. Also, Expert response: Yum vs. RPM.

17. grep
Grep is a command used for searching one or more files for a given character string or pattern. It can also be used to replace the character string with another one. Additional info: Linux troubleshooting tools from the command line.

18. ls
The ls command shows information about files. With it, system administrators can list the contents of a directory in order to determine when the configurations files were last edited. There are many subcommands under ls, such as ls-r, which can reverse the order in which files are displayed. Additional info: Linux troubleshooting tools from the command line.

19. man
Short for "manual," man unveils information about commands and a keyword search mechanism for needed commands. Additional info: Linux troubleshooting tools from the command line.

20. neat
A GNOME GUI admin tool. Among other things, it lets system administrators specify information needed to set up a network card. Additional info: Setting up an NTL Cable Modem on Linux using an Ethernet Card

21. cat
Abbreviated from the word "concatenate," which means to link things together, cat is used in Linux to link file contents and output them for viewing or printing.

22. mv
Renames or moves files from one Linux directory to another.

23. cpio
Back up empty directories with cpio, which restores files from an archive or creates an archive.

24. ping
Named after the sound of an active sonar system, the ping command sends echo requests to the host you specify on the command line, and lists the responses received their round trip time. When you terminate ping (probably by hitting control-C) it summarizes the results, giving the average round trip time and the percent packet loss. This command is used constantly to determine whether there is a problem with the network connection between two hosts.

More command resources:

An A-Z index of the Linux BASH command line

Linux Shell Scripting Tutorial v1.05r3 -- a beginner's handbook

IBM AIX commands -- alphabetical PDF

Take command of your Linux commands

Excavating ancient abbreviations in Linux

Learning guide: Linux tools

Quiz: Linux basics

25. ifconfig
Checks a network interface configuration. It can be used, for example, to verify a user's configuration if the user's system has been recently configured or if the user's system cannot reach the remote host while other systems on the same network can. Additional info: Unix-to-Linux migration: Setting up a network.

26. ssh
Used for secure network connections and tunneling of TCP services. OpenSSH is one open source SSH version.

27. tar
The tar program provides the ability to create tar archives, as well as various other kinds of manipulation. For example, you can use tar on previously created archives to extract files, store additional files, or update or list files. Initially, tar archives were used to store files on magnetic tape. The name "tar" comes from this use; it stands for "tape archiver." Despite the utility's name, tar can direct its output to available devices, files, or other programs. Tar may even access remote devices or files.

28. alias
Allows substitution of a small or more familiar name in place of a long string.

29. apt-get
A program that searches for and installs software packages on Debian-based systems.

30. Aspell
A free, GNU open source spell checker. It's known for its stellar list of replacements for misspelled words.

31. Awk
Searches for patterns in a file and processes them. It enables a programmer to write small programs in the form of statements to make changes in text files when certain patterns appear or extract data from those files. This command simplifies a process historically done in C or Pascal languages. Additional info: Awk syntax and examples. Also, gawk stands for "GNU awk" and is commonly used in Linux.

32. bzip2 Reduce the size of backup files by compressing them with bzip2, which can also be used for decompressing files. Additional info: Protecting against Trojan horses and improving backups on Linux.

33. cmp
Compares files and lets you know if two or more files are identical.

34. comm
Compares sorted files and selects or rejects lines common to two files. Additional info:  Moving files in a Unix-to-Linux port, and Samba-E: Windows files and directory ACLs.

35. declare
Declares variables and/or gives them attributes.

36. echo
Lets you echo a string variable to standard output.

37. eval
This POSIX special built-in command evaluates several arguments by reading them as one concatenated argument, then reports on that argument's status.

38. exec
Short for "execute," exec replaces the parent process by whatever command is typed.

39. exit
Allows you to exit from a program, shell or UNIX network.

40. export
Export sets the value of a variable so it is visible to all sub-processes that belong to the current shell.

41. free
The free command enables admins to find statistics about memory usage, showing the total of free, used, physical, swap, shared and other memory used by the kernel.

42. gzip
A compression utility designed to be a replacement for compress. Its main advantages over compress are much better compression and freedom from patented algorithms. It has been adopted by the GNU project and is now relatively popular on the Internet. gzip was written by Jean-loup Gailly and Mark Adler for the decompression code.

43. ifup
Starts up a network interface. ifdown shuts down network interface.

44. less
The less command lets an admin scroll through configuration and error log files, displaying text files one screen at a time. The command will enables a search for text within files. Additional info:  Linux troubleshooting tools from the command line. More goes hand-in-hand with the less command and displays text one screen at a time.

45. locate
Locate lists files in a database that match a pattern.

Secure Locate (slocate) provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster, but it will also store file permissions and ownership so that users will not see files they do not have access to. Additional info: Variations on locate and slocate and how to use them. It also offers different methods for finding files in Linux.

46. netconfig, netcfg
Netconfig, a command used in configuring a network, displays a series of screens that ask for configuration information. Additional info:  Unix-to-Linux migration: Setting up a network.

47. screen
The screen utility is a terminal multiplexor; in essence this means that you can use a single terminal window to run multiple terminal applications. Additional info: Screen: The terminal baby-sitter in the sysadmin's toolbox

48. sed
Sed (streams editor) isn't really a true text editor or text processor. Instead, it is used to filter text, i.e., it takes text input and performs some operation (or set of operations) on it and outputs the modified text. Sed is typically used for extracting part of a file using pattern matching or substituting multiple occurrences of a string within a file.

49. shutdown
Shutdown is a command that turns off the computer and can be combined with variables such as -h for halt or -r for reboot.

Snort is an open source network intrusion-prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.

Dig Deeper on Linux servers