terminal

Useful OSX Terminal Commands

Following on my from Useful Linux Terminal Commands here is my Useful OSX Terminal Commands. This guide is handy for setting up a development OSX installation (e.g Apache, PHP, MySQL etc). I will update this post when I find new commands.

First, read my Useful Linux Terminal Commands post.

Normally I set up Ubuntu servers in the cloud on Vultr (read my guide here) or Ubuntu Servers on Digital Ocean (read my guide here) but this is how I can quickly set up a development environment locally on OSX.

Useful OSX Commands

Prevent your Mac from falling asleep

caffeinate

Prevent your Mac from falling asleep (for 1 minute)

caffeinate -t 60

Check Path

$PATH
/Library/Frameworks/Python.framework/Versions/3.4/bin:/opt/local/bin:/opt/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin:/Library/Frameworks/Mono.framework/Versions/Current/Commands

Compare files

opendiff index1.html index2.html

Show hidden files in Finder

defaults write com.apple.finder AppleShowAllFiles -bool TRUE

Find file on OSX

sudo find / -name "httpd-ssl.conf"

Find all listening ports

sudo lsof  | grep LISTEN
Password:
launchd      1               root   34u     IPv6 0xcd261b413removed        0t0        TCP *:afpovertcp (LISTEN)
launchd      1               root   35u     IPv4 0xcd261b413removed        0t0        TCP *:afpovertcp (LISTEN)
launchd      1               root   37u     IPv6 0xcd261b413removed        0t0        TCP *:afpovertcp (LISTEN)
launchd      1               root   38u     IPv4 0xcd261b413removed        0t0        TCP *:afpovertcp (LISTEN)
prl_pm_se  116               root   14u     IPv4 0xcd261b413removed        0t0        TCP *:55656 (LISTEN)
kdc        124               root    5u     IPv6 0xcd261b413removed        0t0        TCP *:kerberos (LISTEN)
kdc        124               root    7u     IPv4 0xcd261b413removed        0t0        TCP *:kerberos (LISTEN)
mysqld     127             _mysql   28u     IPv6 0xcd261b413removed        0t0        TCP *:mysql (LISTEN)
Dropbox    434              simon  127u     IPv6 0xcd261b413removed        0t0        TCP *:17500 (LISTEN)
Dropbox    434              simon  128u     IPv4 0xcd261b414removed        0t0        TCP *:17500 (LISTEN)
Dropbox    434              simon  150u     IPv4 0xcd261b414removed        0t0        TCP localhost:17600 (LISTEN)
Dropbox    434              simon  154u     IPv4 0xcd261b414removed        0t0        TCP localhost:17603 (LISTEN)
2BUA8C4S2  520              simon   12u     IPv4 0xcd261b414removed        0t0        TCP localhost:6258 (LISTEN)
2BUA8C4S2  520              simon   13u     IPv6 0xcd261b413removed        0t0        TCP localhost:6258 (LISTEN)
2BUA8C4S2  520              simon   14u     IPv4 0xcd261b414removed        0t0        TCP localhost:6263 (LISTEN)
2BUA8C4S2  520              simon   15u     IPv6 0xcd261b413removed        0t0        TCP localhost:6263 (LISTEN)
Adobe\x20  590              simon    9u     IPv4 0xcd261b414removed        0t0        TCP localhost:15292 (LISTEN)
node       640              simon   14u     IPv4 0xcd261b414removed        0t0        TCP localhost:49249 (LISTEN)
prl_clien 3428              simon   47u     IPv4 0xcd261b413removed        0t0        TCP localhost:51476 (LISTEN)
cupsd     3656               root    5u     IPv6 0xcd261b413removed        0t0        TCP localhost:ipp (LISTEN)
cupsd     3656               root    6u     IPv4 0xcd261b414removed        0t0        TCP localhost:ipp (LISTEN)
plugin_ho 5331              simon   26u     IPv4 0xcd261b415removed        0t0        TCP localhost:52698 (LISTEN)
iTunes    5478              simon   17u     IPv4 0xcd261b415removed        0t0        TCP *:daap (LISTEN)
iTunes    5478              simon   32u     IPv6 0xcd261b413removed        0t0        TCP *:daap (LISTEN)

Find process listening on port 80

sudo lsof -n -i4TCP:80 | grep LISTEN
Password:
httpd     8748 root    4u  IPv6 0xcd261b416removed      0t0  TCP *:http (LISTEN)
httpd     8752 _www    4u  IPv6 0xcd261b416removed      0t0  TCP *:http (LISTEN)
httpd     8763 _www    4u  IPv6 0xcd261b416removed      0t0  TCP *:http (LISTEN)
httpd     8869 _www    4u  IPv6 0xcd261b416removed      0t0  TCP *:http (LISTEN)

Find a Process

which httpd
/usr/sbin/httpd

Find A File (e.g httpd.conf)

sudo find / | grep 'httpd.conf'
/private/etc/apache2/httpd.conf~previous
/private/etc/apache2/httpd.conf
/private/etc/apache2/original/httpd.conf
/private/etc/apache2/httpd.conf.pre-update
...

Note: OSX Apache Index file location is…

/Library/WebServer/Documents/index.html.en~orig

To edit the default HTML file

sudo nano /Library/WebServer/Documents/index.html.en~orig

Built-In Apache

Disable built-in OSX apache daemon

sudo launchctl unload -w /System/Library/LaunchDaemons/org.apache.httpd.plist

Restart built-in Apache daemon

sudo launchctl load -w /System/Library/LaunchDaemons/org.apache.httpd.plist

View other startup daemons

sudo ls -al /System/Library/LaunchDaemons/

View All Startup Daemons

sudo launchctl list
Password:
Sorry, try again.
Password:
PID	Status	Label
-	0	com.apple.storedownloadd.daemon
7245	-44	com.apple.CoreAuthentication.daemon
189	0	com.apple.coreservicesd
-	0	com.apple.touchbarserver
-	0	com.apple.avbdeviced
289	0	com.apple.cvmsServ
-	0	com.apple.FontWorker
-	-44	com.apple.applessdstatistics
-	0	com.apple.hdiejectd
-	0	com.apple.corestorage.corestoraged
-	0	com.apple.storagekitd
-	0	com.apple.EmbeddedOSInstallService
-	0	com.apple.wifid
-	0	com.apple.storereceiptinstaller
-	0	com.macpaw.CleanMyMac3.Agent
-	0	com.apple.seld
-	0	com.apple.emond
-	-44	com.apple.iconservices.iconservicesagent
-	0	com.apple.logkextloadsd
-	0	com.apple.bluetoothReporter
68	0	com.apple.syslogd
-	0	com.apple.symptomsd-diag
258	0	com.apple.WindowServer
-	0	com.apple.NetworkSharing
-	0	com.apple.afpfs_checkafp
-	0	com.parallels.mobile.kextloader.launchdaemon
-	0	com.apple.AppleFileServer
117	0	com.apple.securityd
8529	0	com.apple.auditd
...

Force network drives to automatically connect after each login (instead of manually connecting)

Go to System Preferences > Users & Groups (click your account on left) > Drag connected network drives (from your desktop) to the Login items list box.

More: https://www.tekrevue.com/tip/automatically-connect-network-drive/

Set PHP as default Web Server delivered file in local Apache

sudo nano /private/etc/apache2/httpd.conf

Set…

DirectoryIndex index.php

Install PHP 7.0 on to OSX

FYI: 7.1 and 7.2 are out but I find 7.0 is more stable with WordPress (read more here).

More: https://php-osx.liip.ch/

sudo curl -s https://php-osx.liip.ch/install.sh | bash -s 7.0
****
[WARNING]
Detected macOS High Sierra 10.13. As this is quite new, there may be issues still. Your mileage may vary.
****
Get packager.tgz
Unpack packager.tgz
Please type in your password, as we want to install this into /usr/local
Start packager (may take some time) using /usr/bin/python2.7
downloading https://s3-eu-west-1.amazonaws.com/php-osx.liip.ch/install/7.0-10.10-frontenddev-latest.dat
downloading https://s3-eu-west-1.amazonaws.com/php-osx.liip.ch/install/7.0-10.10/frontenddev/7.0-10.10-frontenddev-7.0.24-20171002-092027.tar.bz2

Installing package 7.0-10.10-frontenddev into root /
./pkg/pre-install
pkg/pre-install
Skipping existing directory 
Skipping existing directory usr/
Skipping existing directory usr/local/
Extracting usr/local/php5-7.0.24-20171002-092027/
Extracting usr/local/php5-7.0.24-20171002-092027/bin/
Extracting usr/local/php5-7.0.24-20171002-092027/entropy-php.conf
Extracting usr/local/php5-7.0.24-20171002-092027/etc/
Extracting usr/local/php5-7.0.24-20171002-092027/include/
Extracting usr/local/php5-7.0.24-20171002-092027/info/
Extracting usr/local/php5-7.0.24-20171002-092027/lib/
Extracting usr/local/php5-7.0.24-20171002-092027/libphp7.so
...
removed
...
Extracting usr/local/php5-7.0.24-20171002-092027/bin/tsql
Extracting usr/local/php5-7.0.24-20171002-092027/bin/uconv
Extracting usr/local/php5-7.0.24-20171002-092027/bin/vacuumdb
Extracting usr/local/php5-7.0.24-20171002-092027/bin/wrjpgcom
Extracting usr/local/php5-7.0.24-20171002-092027/bin/xgettext
Extracting usr/local/php5-7.0.24-20171002-092027/bin/xslt-config
Extracting usr/local/php5-7.0.24-20171002-092027/bin/xsltproc
Executing post-install script /tmp/7.0-10.10-frontenddev-post-install
Create symlink /usr/local/php5/entropy-php.conf /etc/apache2/other/+php-osx.conf
Restarting Apache
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using removed.removed.com.au. Set the 'ServerName' directive globally to suppress this message
Syntax OK
Finished.

Create a diag file in your OSX Default Apache root

Edit your default index file

sudo nano /Library/WebServer/Documents/index.php

Contents

<?php

// Show all information, defaults to INFO_ALL
phpinfo();

// Show just the module information.
// phpinfo(8) yields identical results.
phpinfo(INFO_MODULES);

?>

Now load the file

Install MySQL on OSX

Download: https://dev.mysql.com/downloads/mysql/

Help: https://dev.mysql.com/doc/refman/5.7/en/osx-installation-pkg.html

Uninstall MySQL OSX
Read: https://community.jaspersoft.com/wiki/uninstall-mysql-mac-os-x

Add MySQL to PATH

export PATH=$PATH:/usr/local/mysql/bin

Reboot and Check the MySQL Service

Check MySQL Version

/usr/local/mysql/bin/mysql --version
/usr/local/mysql/bin/mysql  Ver 14.14 Distrib 5.7.20, for macos10.12 (x86_64) using  EditLine wrapper

Login to MySQL from the Command Line

/usr/local/mysql/bin/mysql -u root -p;
Enter password: 
...
mysql>

Set a new root password (after logging in as root)

mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('nUp!KGFi=*FI"2p:7mC3W<%bA_`}6Tcm^\*mS1VYp[d]dup16U\t5removed,
');
Query OK, 0 rows affected, 1 warning (0.01 sec)

fyi: You can obtain a good password here.

Bonus: Install MySQL (PHP) management tool (in Apache)

Download: https://www.adminer.org/#download Save the file to /Library/WebServer/Documents/adminer.php

Load Adminer in your browser and log in with your root password

Login to Adminer (via Apache/PHP)

Creating MySQL Tables in Adminer (via Apache/PHP)

Adminer allows you to fully manage your MySQL (create databases, users, run queries, alter objects etc)

Adding Records to MySQL with Adminer

Remove MySQL:

Get your Mac Processor Name

sudo sysctl -n machdep.cpu.brand_string
Password:
Intel(R) Core(TM) i7-3720QM CPU @ 2.60GHz

Show All OSX System Settings

Command:

sysctl -a

Show Live File System Usage

sudo fs_usage

Show last 10 lines of the system log

tail -f /var/log/system.log
Dec 11 22:07:35 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:05 --- last message repeated 11 times ---
Dec 11 22:08:05 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:05 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:14 --- last message repeated 2 times ---
Dec 11 22:08:14 192-xxx-xx-xxx syslogd[68]: ASL Sender Statistics
Dec 11 22:08:16xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:46 --- last message repeated 11 times ---
Dec 11 22:08:46 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:08:46 192-xxx-xx-xxx Wireless Network Utility[568]: Model -ioClassRef error
Dec 11 22:09:03 --- last message repeated 6 times ---

Get Your Local WAN IP Address

ipconfig getifaddr en0
192.x.x.x

Get your Public IPV4 Address

curl icanhazip.com; echo
60.xxx.xx.xxx

More to come.

Hope this helps someone.

Donate and make this blog better

Ask a question or recommend an article

Revision History

v1.2 Find file (current version)

v1.1 Removed system info chunk (too big to format)

Useful Linux Terminal Commands

Below are Ubuntu Linux commands I use often to setup, debug maintain servers.

Read this guide for Useful OSX Commands (for setting up Apache, PHP, MySQL, Adminer etc on OSX)

I recently moved my domain from a C-Panel hosted domain (and Email to Google G Suite (my guide here)) to a self-managed Digital Ocean domain (my LetsEncrypt Guide here, my Digital Ocean guide here, my AWS setup guide here, my Vultr setup guide here) and needed to transfer my WordPress site. Setup your own Digital Ocean Ubuntu server form $5 a month (get the first 2 months free by clicking here) or setup your own Vultr Ubuntu server for as low as $2.5/month by clicking here.

How to Reboot (from time to time when prompted with *** system restart required ***” messages appear).

sudo shutdown -r now

How to set up a bash file (*.sh) as Executable.

chmod +X filename.sh

The file will now be executable.

Viewing your crontab (Windows Task Scheduler equiv)

crontab -e

Ping a port

nmap -p 80 google.com

Rename a folder

mv /www/oldname /www/newname

Set the owner of a folder

sudo chown -R www-data:www-data /wwwfolder/wp-content/uploads/2017/11/

Check the rsync port

nmap -p 873 theserver.com

Starting Nmap 7.01 ( https://nmap.org ) at 2017-08-19 10:34 AEST
Nmap scan report for theserver.com (xxx.xxx.xxx.xxx)
Host is up (0.00012s latency).
Other addresses for theserver.com (not scanned): xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
rDNS record for xxx.xxx.xxx.xxx: theserver.com
PORT    STATE SERVICE
873/tcp open  rsync

Run a file every 1 minute

*/1 * * * * /scripts/script1.sh

Show server name

hostname

How to verify patch status for Meltdown and Spectre

Read my guide here to install the patch here.

Verify Spectre and Meltdown patch status

dmesg | grep isolation && echo "patched :)" || echo "unpatched :("
[ 0.000000] Kernel/User page tables isolation: enabled
patched :)

sudo grep "cpu_insecure\|cpu_meltdown\|kaiser" /proc/cpuinfo && echo "patched :)" || echo "unpatched :("
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx rdtscp lm constant_tsc rep_good nopl xtopology eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm invpcid_single kaiser fsgsbase bmi1 avx2 smep bmi2 erms invpcid xsaveopt arat
patched :)

Restart network

sudo /etc/init.d/networking restart

More here.

Show Operating System Name

hostnamectl ! grep "Operating System"
 Operating System: Ubuntu 10.04.3 LTS

Show installed Packages

sudo apt-get install apt-show-versions

Show all packages with “PHP” in the name.

sudo apt-show-versions | grep php | more
 
libapache2-mod-php7.0:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
libapache2-mod-php7.0:i386 not installed
php-common:all/xenial 1:55+ubuntu16.04.1+deb.sury.org+1 uptodate
php-xdebug:amd64/xenial 2.5.5-3+ubuntu16.04.1+deb.sury.org+1 uptodate
php-xdebug:i386 not installed
php7.0:all/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-cli:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-cli:i386 not installed
php7.0-common:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-common:i386 not installed
php7.0-curl:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-curl:i386 not installed
php7.0-dev:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-dev:i386 not installed
php7.0-fpm:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-fpm:i386 not installed
php7.0-gd:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-gd:i386 not installed
php7.0-imap:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-imap:i386 not installed
php7.0-intl:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-intl:i386 not installed
php7.0-json:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-json:i386 not installed
php7.0-ldap:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-ldap:i386 not installed
php7.0-mbstring:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-mbstring:i386 not installed
php7.0-mysql:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-mysql:i386 not installed
php7.0-opcache:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-opcache:i386 not installed
php7.0-pgsql:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-pgsql:i386 not installed
php7.0-phpdbg:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-phpdbg:i386 not installed
php7.0-pspell:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-pspell:i386 not installed
php7.0-readline:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-readline:i386 not installed
php7.0-recode:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-recode:i386 not installed
php7.0-snmp:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-snmp:i386 not installed
php7.0-tidy:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-tidy:i386 not installed
php7.0-xml:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-xml:i386 not installed
php7.0-zip:amd64/xenial 7.0.25-1+ubuntu16.04.1+deb.sury.org+1 uptodate
php7.0-zip:i386 not installed

Send Messages Other Logged In Users (CLI)

Show all user logged in

w
 20:11:51 up 1 day, 10:25,  2 users,  load average: 0.00, 0.04, 0.01
USER     TTY      FROM             [email protected]   IDLE   JCPU   PCPU WHAT
root     tty1                      20:03   31.00s  0.24s  0.20s -bash
user1    pts/0    123.123.123.123  20:09    0.00s  0.08s  0.01s w

Sent a message to usr1

echo "Hello User1" > /dev/pts/0

Sent a message to the root console

echo "Hello Admin" > /dev/tty1

Messages will appear at the bottom of the user’s console.

Processor

List processes in a tree view (… = removed)

ps -e --forest
  PID TTY          TIME CMD
    2 ?        00:00:00 kthreadd
    3 ?        00:00:00  \_ ksoftirqd/0
    5 ?        00:00:00  \_ kworker/0:0H
    7 ?        00:01:56  \_ rcu_sched
    8 ?        00:00:00  \_ rcu_bh
    9 ?        00:00:00  \_ migration/0
   35 ?        00:00:00  \_ vmstat
   37 ?        00:00:00  \_ ecryptfs-kthrea
   54 ?        00:00:00  \_ acpi_thermal_pm
   55 ?        00:00:00  \_ vballoon
   65 ?        00:00:00  \_ scsi_eh_0
   66 ?        00:00:00  \_ scsi_tmf_0
   67 ?        00:00:00  \_ scsi_eh_1
   68 ?        00:00:00  \_ scsi_tmf_1
   74 ?        00:00:00  \_ ipv6_addrconf
   36 ?        00:00:00  \_ kpsmoused
  456 ?        00:00:00  \_ iscsi_eh
...
    1 ?        00:00:02 init
...
  452 ?        00:00:00 upstart-file-br
  453 ?        00:00:00 dbus-daemon
...
 1489 ?        00:00:00 cron
 1514 ?        00:00:06 irqbalance
 1518 ?        00:00:00 sshd
11855 ?        00:00:00  \_ sshd
11914 pts/4    00:00:00      \_ bash
12008 pts/4    00:00:00          \_ ps
 1523 ?        00:00:09 php-fpm7.0
 1785 ?        00:00:03  \_ php-fpm7.0
 1786 ?        00:00:02  \_ php-fpm7.0
...
 1692 ?        00:01:52 mysqld
 ...
 1891 ?        00:00:53 fail2ban-server
...
 1956 ?        00:00:00 nginx
 1957 ?        00:00:02  \_ nginx
 1958 ?        00:00:03  \_ nginx
 1959 ?        00:00:01  \_ nginx
 1978 ?        00:00:24 ntpd
 2000 ?        00:00:00 systemd-logind
 2011 ?        00:03:24 redis-server
 ...

View major processes by usage/memory

ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head                                    Sat Sep 16 18:51:17 2017

  PID  PPID CMD                         %MEM %CPU
 1692     1 /usr/sbin/mysqld             5.0  0.0
 1523     1 php-fpm: master process (/e  1.0  0.0
 1662     1 /usr/bin/lxd --group lxd --  0.4  0.0
 1785  1523 php-fpm: pool www            0.4  0.0
 1786  1523 php-fpm: pool www            0.3  0.0
 1891     1 /usr/bin/python3 /usr/bin/f  0.3  0.0
 1957  1956 nginx: worker process        0.2  0.0
 1958  1956 nginx: worker process        0.2  0.0
11855  1518 sshd: [email protected]/4             0.1  0.0

Read more on ps here.

How big is a folder

du -hs ./foldername
412MB    ./foldername

Change FIle Create/Modify time’s

Change File Creation Date

SetFile -d '11/25/2019 23:00:00' ./file.doc

Change file modify/accessed time

touch -mt 201911282300 ./filename.doc

Tree

Tree needs to be installed first

sudo apt-get install tree

Show an ASCII representation of a folder structure

tree

Show files in a structure

tree -a -h -v
.
├── [4.0K]  folder
├── [3.0K]  logfile.log
└── [1.7M]  zipfile.tgz

Show directories

tree -d
.
└── [4.0K]  subfolder

List all files and folders in a structure

tree -a -f -p -h  -l -R

Backup a www folder

cp -rTv /www/ /backup/www

Common (Digital Ocean) Debugging commands

cat /etc/network/interfaces.d/50-cloud-init.cfg
cat /etc/network/interfaces
ip addr
ip route
uname -a
iptables -nvL --line-numbers
ls -l /lib/modules
cat /etc/udev/rules.d/70-persistent-net.rules

Networking

Display all TCP connections

netstat -at

Display all UDP connections

netstat -au

List all Listening Connections

netstat -l

Show all Network stats

netstat -s

Show all UDP Network stats

netstat -st

Show all TCP Network stats

netstat -su

Show network packets

netstat -i

Displaying raw info

netstat --statistics --raw

Show open ports

netstat -a | grep "LISTEN "

Upload a file to a remote server over ssh

scp /local/folder/local-file.zip [email protected]:/remote/server/destination-folder/

Zip files

Install zip

sudo apt-get install zip

Zip a whole directory (with high compression)

zip -r -9 /folder/zipfile.zip /directory-to-zip

Zip a whole directory (excluding *.tmp, *temp, *.bak and *.zip file types)

zip -r -9 /folder/zipfile.zip /directory-to-zip -x "*.tmp" -x "*.temp" -x"./backup/*.bak"-x "./backup/*.zip" -x "*promo*.mp4""

Zip Help

zip
Copyright (c) 1990-2008 Info-ZIP - Type 'zip "-L"' for software license.
Zip 3.0 (July 5th 2008). Usage:
zip [-options] [-b path] [-t mmddyyyy] [-n suffixes] [zipfile list] [-xi list]
  The default action is to add or replace zipfile entries from list, which
  can include the special name - to compress standard input.
  If zipfile and list are omitted, zip compresses stdin to stdout.
  -f   freshen: only changed files  -u   update: only changed or new files
  -d   delete entries in zipfile    -m   move into zipfile (delete OS files)
  -r   recurse into directories     -j   junk (don't record) directory names
  -0   store only                   -l   convert LF to CR LF (-ll CR LF to LF)
  -1   compress faster              -9   compress better
  -q   quiet operation              -v   verbose operation/print version info
  -c   add one-line comments        -z   add zipfile comment
  [email protected]   read names from stdin        -o   make zipfile as old as latest entry
  -x   exclude the following names  -i   include only the following names
  -F   fix zipfile (-FF try harder) -D   do not add directory entries
  -A   adjust self-extracting exe   -J   junk zipfile prefix (unzipsfx)
  -T   test zipfile integrity       -X   eXclude eXtra file attributes
  -y   store symbolic links as the link instead of the referenced file
  -e   encrypt                      -n   don't compress these suffixes
  -h2  show more help

Backup NGINX

zip -r -9 /backup/nginx.zip /etc/nginx/ -x "*.tmp" -x "*.temp" -x"./backup/*.bak" -x "./backup/*.zip"

Unzip

Installing Unzip

sudo apt-get install unzip

Unzip a file

unzip filename.zip

Updates

Setup Unattended Ubuntu Security updates

sudo apt-get install unattended-upgrades
sudo unattended-upgrades -d

At login, you should receive

0 updates are security updates.

Show Configured NGINX server names

grep "server_name" /etc/nginx/sites-available/default
server_name www.servername.com myservername.com localhost;

Services

Reload daemon services

systemctl daemon-reload

Verify the MongoDB service file exists

ls /etc/systemd/system | grep servivename

View the status of services

systemctl list-unit-files --type=service
UNIT FILE                                  STATE
accounts-daemon.service                    enabled
acpid.service                              disabled
[email protected]                    static
apt-daily-upgrade.service                  static
apt-daily.service                          static
...

Local Dump

locale -a
C
C.UTF-8
en_AG
en_AG.utf8
en_AU.utf8
en_BW.utf8
en_CA.utf8
en_DK.utf8
en_GB.utf8
en_HK.utf8
en_IE.utf8
en_IN
en_IN.utf8
en_NG
en_NG.utf8
en_NZ.utf8
en_PH.utf8
en_SG.utf8
en_US
en_US.iso88591
en_US.utf8
en_ZA.utf8
en_ZM
en_ZM.utf8
en_ZW.utf8
POSIX

Show All Defined Ports

cat /etc/services

Show defined rsync ports

cat /etc/services | grep rsync

Show listening ports (active connections)

netstat -plntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1707/mysqld
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      2023/redis-server 1
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1968/nginx
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      2097/pure-ftpd (SER
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1525/sshd
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1968/nginx
tcp6       0      0 fe80::1:13128           :::*                    LISTEN      1708/lxd-bridge-pro
tcp6       0      0 :::80                   :::*                    LISTEN      1968/nginx
tcp6       0      0 :::21                   :::*                    LISTEN      2097/pure-ftpd (SER
tcp6       0      0 :::22                   :::*                    LISTEN      1525/sshd
udp        0      0 10.99.0.10:123          0.0.0.0:*                           1990/ntpd
udp        0      0 45.77.48.141:123        0.0.0.0:*                           1990/ntpd
udp        0      0 127.0.0.1:123           0.0.0.0:*                           1990/ntpd
udp        0      0 0.0.0.0:123             0.0.0.0:*                           1990/ntpd
udp6       0      0 fe80::1:123             :::*                                1990/ntpd
udp6       0      0 ::1:123                 :::*                                1990/ntpd
udp6       0      0 :::123                  :::*                                1990/ntpd

Show service status

service --status-all

View your bash history for a past command (e.g “openssl”).

grep "openssl" ~/.bash_history
openssl req -new -newkey rsa:4096 -nodes -keyout fearby.key -out fearby.csr

View last 1 line of a file.

tail -n 1 index.html
</body></html>

Ping a server

ping -c 2 fearby.com

How to check system uptime (and load average)

uptime
> 12:18:48 up 1 min,  1 user,  load average: 0.30, 0.18, 0.17

Uptime in friendly format

uptime -p
up 23 hours, 42 minutes

The load averages at the end are the last 1, 5 min and 15 minutes.

The w command is handy for showing uptime information as-well as logged in users (The ‘w -i’ parameter -i is handy for seeing what IP people are logged in from).

w -i
> 12:22:41 up 5 min,  1 user,  load average: 0.00, 0.07, 0.05
USER     TTY      FROM             [email protected]   IDLE   JCPU   PCPU WHAT
root     pts/0    123.123.123.123    12:18    1.00s  0.07s  0.00s w

How to download a file

curl -o localfile.zip http://www.serverwhereiuploadedthefile.com/remotefile.zip

How to edit NGINX configuration

sudo nano /etc/nginx/nginx.conf

and

sudo nano /etc/nginx/sites-available/default

How to find a file

find / -name filename.ext

also

locate php.ini

Find contents in files (recursive)

grep -r "ahref" *

Find files by name and run a command on each

find -iname "index.html" -exec md5sum {} \;

Show differences in files

diff index.html index2.html
< <body>Loading <a href="http://simon.fearby.com/blog/">http://simon.fearby.com/blog/</a></body></html>
---
> <body>Loading <a href="https://www.fearby.com/blog/">https://www.fearby.com/blog/</a></body></html>

Show contents of file (e.g urls.txt)

cat urls.txt
http://www.server1.com
http://www.server2.com
http://www.server3.com
http://www.server4.com
http://www.server5.com

Download all files mentioned in a text file.

cat urls.txt | xargs wget –c
.. download 4 files ...
cat urls.txt | xargs wget –c

View all packages with updates

sudo /usr/lib/update-notifier/apt-check -p

Output:

cryptsetup-bin
libdns-export162
libisccfg140
mongodb-org-mongos
linux-libc-dev
libgdk-pixbuf2.0-0
tcpdump
bind9-host
dnsutils
nodejs
libpython3.5
python3.5
python3.5-minimal
libisc160
grub-legacy-ec2
libapparmor1
libplymouth4
mongodb-org-shell
ntp
libtidy5
libapparmor-perl
libisc-export160
liblwres141
libcryptsetup4
libgdk-pixbuf2.0-common
libdns162
apache2-bin
apparmor
libisccc140
mongodb-org
libpython3.5-stdlib
libbind9-140
libpython3.5-minimal
cryptsetup
mongodb-org-server

or (on ubuntu 16.04)

apt list --upgradable

Updates

Always backup your server’s configuration before updating.

Backup MySQL

mysqldump --all-databases > /backup/dump-$( date '+%Y-%m-%d_%H-%M-%S' ).sql -u root -p

Crontab

Add this to crontab -e to backup at 1 am every day

0 1 * * * /usr/bin/mysqldump --all-databases > /backup/mysql/dump-$( date '+%Y-%m-%d_%H-%M-%S' ).sql -u root -pmysqlpassword

/scripts/shrinkmysql.sh script to shrink SQL files

sudo nano /scripts/shrinkmysql.sh
#!/bin/bash

tar -zcf /backup/mysql-$( date '+%Y-%m-%d_%H-%M-%S' ).tgz /backup/mysql/
rm /backup/mysql/*.sql

I had to add this to crontab

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin/:/sbin:/usr/sbin:/scripts/:

Cron job to shrink SQL dumps at 2am every day

0 2 * * * /bin/bash /scripts/shrinkmysql.sh > /dev/null 2>&1

Write to a single log file from the crontab at 2 am every day.

todo

Query a package (e.g. siege package)

sudo dpkg-query -l | grep siege *

How to set up a free SSL certificate (see my guide here).

How to set your timezone.

dpkg-reconfigure tzdata

How to restart PHP

sudo systemctl restart php7.0-fpm

How to show the time on the server

sudo hwclock --show

Reload and restart the NGINX configuration and web server.

sudo nginx -t
sudo nginx -s reload
sudo /etc/init.d/nginx restart

JSON viewing program

Installing

sudo apt-get install jq

Using

wget wget https://downloads.wordpress.org/plugin/genesis-enews-extended.2.0.2.zip

curl 'https://api.github.com/repos/stedolan/jq/commits?per_page=5' | jq .

Below are utilities I use a lot.

ncdu file size utility

Installing

sudo apt-get install ncdu

Using

sudo ncdu /

pydf disk checking utility

Installing

sudo apt-get install pydf

Using

pydf

ntp timezone service

Installing

sudo apt-get install ntp

Using

ntp

Displaying startup processes

Installing

sudo apt-get install rcconf

Using

sudo rcconf

htop process manager.

Installing

sudo apt-get install htop

Using

htop

Network Benchmarking (between two servers)

I use iperf to measure total bandwidth between two servers. You will need to allow port 5001 (TCP IPV4 and TCP IPV6 in and out) in any local firewalls and hosts GUIs.

Allow port 5001 on an ufw firewall (IN and OUT)

sudo ufw allow 5001

#I Set port 5001 firewall on my hosts (Digital  Ocean and Vultr GUI)

Deny IP

sudo ufw deny from 123.123.123.123

Allow port 22 access to known IP

sudo ufw allow from 123.123.123.123/24  to any port 22

Deny Outgoing Port

sudo ufw deny out 22

Allow out on port to known IP

sudo ufw allow out from 123.123.123.123 to any port 22

More securing Ubuntu in the cloud here.

Install iperf on the target and source Ubuntu server.

sudo apt-get install iperf

Run this on the listening server.

iperf -s

Run this on benchmarking server (and add the IP of the listening server).

iperf -c 123.123.123.123

Results

Screen dump of ipref -c ip — iperf benchmarking output

Testing concurrent connections to a web server with siege.

Install siege

sudo apt-get install siege

Benchmarking a HTTP server

./siege -t1m c10 'https://fearby.com'

#10 Concurent users

Benchmarking HTTPS sites

Install siege 4.0.2 ( steps here ).

Verify siege 4.0.2 is installed by running

siege -v

Now can benchmark https sites

./siege -t1m c10 'https:/thedomain.com'

View incoming connections on the target server

sudo netstat -tupn

I always increase my history size and tell it not to store duplicates.

Viewing your typed terminal history

history

Increasing your history size

HISTSIZE=10000
HISTCONTROL=ignoredups

How to Update Ubuntu

sudo apt-get update
sudo apt-get dist-upgrade

sudo apt-get update && sudo apt-get upgrade

Edit SSH authorized keys

sudo nano ~/.ssh/authorized_keys

Search file and show lines where text matches

grep -i "href" index.html
> <body>Loading <a href="http://simon.fearby.com/blog/">http://simon.fearby.com/blog/</a></body></html>

View packages with updates

/usr/lib/update-notifier/apt-check --human-readable
35 packages can be updated.
15 updates are security updates.

View Boot Text

dmesg

Automatic Monitoring (ever 1 second)

Active network connections

watch -n 1 'netstat -at'

Network Packets

watch -n 1 'netstat -i'

Free memory

watch -n 1 'free -m'

Memory breakdown

watch -n 1 'cat /proc/meminfo'

watch -n 1 'vmstat -s'

Monitor NGINX memory

watch -n 1 'ps axu |grep nginx'

more soon…

Read this guide for Useful OSX Commands (for setting up Apache, PHP, MySQL, Adminer etc on OSX)

50 most useful Linux commands (view here).

View other Linux command informing sites here, here and here.

Donate and make this blog better

Ask a question or recommend an article

v1.8 Show users and senda messages to other users

v.71 Show Operating System Name

v1.7 added Meltdown and Spectre patch information

v1.6 Removed -x fom zip directory

V1.5 Restart Network

v1.4 added Useful OSX Commands

Connecting to an AWS EC2 Ubuntu instance with Cloud 9 IDE as user ubuntu and root

Recently I setup and Amazon EC2 Ubuntu Server instance and wanted to connect it to the awesome Cloud 9 IDE. I was sick of interacting with a server through terminal windows.

Use this link and get $19 free credit with Cloud 9: https://c9.io/c/DLtakOtNcba

Cloud 9 IDE (sample screenshot)

Previously I was using Digital Ocean (my Digital Ocean setup guide here) and this was simple, you get a VM and you have a root account and you do what you want. Amazon AWS however, have extra layers of security that prevent logging in as root via SSH and that can be a pain with Cloud 9 as your workspace tree is restricted to the ~/ (home) folder.

Below are the steps you need to connect to an AWS instance with user “ubuntu” and “root” with Cloud 9.

Connecting to an AWS instance with Cloud 9 as user “ubuntu”

1. Purchase and set-up your AWS instance (my guide here).

2. You need to be able to login to your AWS server from a terminal prompt (from OSX). This may include opening port 22 the AWS Security Group panel. Info on SSH logins here.

ssh -i ~/.ssh/yourawsicskeypair.pem [email protected]

3. On your AWS server (from step 2) Install NodeJS.

You will know node is installed if you get a version returned when typing the following bash command.

node -v

tip: If node is not installed you can run the Cloud 9 pre-requisites script (that includes node).

curl -L https://raw.githubusercontent.com/c9/install/master/install.sh | bash

4. Ensure you have created SSH key on Cloud 9 (guide here).

5. Copy your Cloud 9 SSH key to the clipboard.

6. On your AWS server (in step 2) edit the ~/.ssh/authorized_keys file and paste in the Cloud 9 SSH key (after you AWS key pair that was added from the setup of AWS) to a new line and save the file.

7. Log in to Cloud 9 and click create Workspace then Remote SSH Workspace.

Name your workspace (all lowercase and no spaces).
Username: ubuntu
Hostname: Add your AWS ec2 server hostname.
Initial Path: This has to be ~/

8. Click Create Workspace

9. If all goes well you will have a prompt to install the prerequisites.

If this fails check out the Cloud 9 guide here.

Troubleshooting: I had errors like “Project directory does not exist or is not writable and “Unable to change File System Path in SSH Workspace” because I was trying to set the workspace path as “/” (this is not possible on AWS with the “ubuntu” account.

10. Now you should have a web-based IDE that allows you to browse your server, create and edit files, run termials instances that will reconnect if your net connection or browser tab drops out (you can even go to a different machine and continue with your session).

Connecting to an AWS instance with Cloud 9 as user “root

Connecting to your server as the “ubuntu” server is fine if you just need to work in your “ubuntu” home folder. As soon as you want to start changing other settings outside of your home folder you are stuck. Granting “ubuntu” higher privileges server wide is a bad idea so here is how you can enable “root” login via SSH access.

WARNING: Logging in as ROOT IS BAD, you should only allow Root Login for short periods and it is advisable to remove root login abilities as soon as you do not need them or in production.

Having root access while developing or building a new server saves me bucket loads of time so lets allow it.

1. Follow step 1 to 5 in the steps above (setup AWS, ssh access via terminal, install node, create cloud 9 ssh key, copy the cloud 9 ssh key to the clipboard).

2. SSH to your AWS server and edit the following file:

sudo nano /etc/ssh/sshd_config
# -- Make the following changes
# PermitRootLogin without-password
PermitRootLogin = yes

Save.

3. Backup your root authorised keys file

sudo cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bak

4. Edit the root authorized_keys file and paste in your Cloud 9 SSH Key.

5. Now you can create a Cloud 9 Connection to your server with root

Name your workspace (all lowercase and no spaces).
Username: root
Hostname: Add your AWS ec2 server hostname.
Initial Path: This has to be /

tip: If you have not added you SSH key correctly you will receive this error when connecting.

6. You should now be able to connect to AWS ec2 instances with Cloud 9 as root and configure/do anything you want without switching to shell windows.

Security

As a precaution, do check your website often in https://www.shodan.io and see if it has open software or is known to hackers.
Enjoy

If this guide has helped please consider donating a few dollars.

Donate and make this blog better

Ask a question or recommend an article

V1.6 security

Personal Development Blog...

Coding for fun since 1996, Learn by doing and sharing.

Buy a domain name, then create your own server (get $25 free credit)

"If you're not still learning, you're already dying."
- Ryan Holiday - Ego is the Enemy

Follow me on Twitter: @FearbySoftware

View All Posts.

terminal

Useful OSX Terminal Commands

Useful Linux Terminal Commands

Connecting to an AWS EC2 Ubuntu instance with Cloud 9 IDE as user ubuntu and root

Popular

Security

Code

Tech

Wordpress

General

terminal

Footer

Popular

Security

Code

Tech

Wordpress

General