For years, that list of constraints was the reason people dismissed it. But in 2026, it's the reason Chrome OS might be the most correctly designed operating system for what's coming.

The security architecture treats the endpoint as untrusted by default. The containerized Linux environment gives developers a full headless stack without compromising the host. And an upcoming OS-level rewrite, Aluminium, puts Google's on-device AI models directly into the kernel.

This article covers security architecture, the container-based developer environment, cloud-streamed creative tools via AWS NICE DCV, cloud gaming, and what Aluminium OS means for on-device AI.

Here's what we'll cover:

1. Security-First Architecture in an Era of AI-Powered Threats

2. A Headless Linux Stack That's More Flexible Than It Looks

3. AWS NICE DCV Changes the Creative Tools Conversation

4. Cloud Gaming Works

5. Aluminium OS: On-Device Models on Google's Own Architecture

6. Where This Lands

Security-First Architecture in an Era of AI-Powered Threats

Threat actors are getting better tools. Models like Mythos are lowering the barrier for generating convincing phishing campaigns, crafting polymorphic malware, and automating social engineering at scale.

Traditional operating systems present exactly the attack surface these tools target: writable system files, user-installable executables, patches that sit uninstalled for weeks because someone clicked "remind me later."

Chrome OS sidesteps most of this by design. The root filesystem is read-only and cryptographically verified on every boot through a process called Verified Boot.

If anything has modified the OS files since the last verified state, whether that's malware, a compromised package, or a rogue AI agent that decided to start deleting system files, the device detects it at startup and either self-corrects or refuses to boot.

Persistence across reboots isn't difficult. It's architecturally impossible through software alone.

Updates happen silently. While you're working, the system downloads the next OS version to an inactive partition. On your next reboot, it pivots to the updated version. No prompts, no deferred patches, no exposure window.

Major updates ship every four to six weeks. Security patches land every two to three weeks. The gap between vulnerability discovery and remediation is measured in days.

Chrome OS consistently doesn't appear in the top 50 products by CVE count in the NIST vulnerability database. Windows and the Linux kernel sit near the top every year. When AI is actively being weaponized to find and exploit vulnerabilities faster than humans can patch them, a read-only, verified, automatically updated endpoint is a different category of security posture.

The tradeoff is trust. Chrome OS's security model means trusting Google as the root authority for your entire computing stack: updates, certificate trust, telemetry. Organizations with strict data sovereignty requirements should weigh that dependency carefully.

A Headless Linux Stack That's More Flexible Than It Looks

Chrome OS is a text-based operating system. There's no native GUI layer. Stop and sit with that for a second, because it's the thing that makes people dismiss Chrome OS and also the thing that makes it work.

The entire graphical interface you interact with IS the Chrome browser. The Ash shell, Chrome's window manager, is the desktop. You don't install applications onto it the way you install .exe files on Windows or drag .app bundles into a macOS Applications folder. If it isn't running in a browser tab, an Android VM, or a Linux container, it doesn't run. That restriction is what keeps the host locked down, and it's what makes everything else possible.

Under the hood, Chrome OS runs a minimal virtual machine called Termina through crosvm, Google's Rust-based VM monitor.

Inside Termina, LXD manages Linux containers. The default container, penguin, is a Debian environment with a special trick: it bridges GUI-based Linux applications directly into the Chrome OS desktop through a Wayland proxy called Sommelier. Install VS Code, GIMP, or LibreOffice in penguin and they show up in your Chrome OS app launcher, running in windows alongside your browser tabs. For a lot of developers, penguin alone covers the daily workflow.

But Termina gives you more than penguin. Through the LXD layer you can spin up independent containers that are fully isolated operating systems: Arch, Alpine, Ubuntu, whatever you need.

These aren't attached to the GUI bridge. They run headless, natively, with their own systemd, their own package managers, their own persistent state. Need a clean Ubuntu environment to test a deployment script without touching your main setup? lxc launch and you're there. Need to blow it away? lxc delete and it's gone. No orphaned files on the host, no cross-contamination between environments.

The key distinction from Docker is that LXD runs system containers (full OS emulation) rather than application containers. You get background services, persistent daemons, the works. You can also run Docker inside any of these LXD containers if you need application-level containerization on top of that.

Snapshot your entire environment with lxc snapshot before a risky dependency install and roll back instantly if something breaks. That kind of safety net is broader than version control alone: it captures your full OS configuration, not just code.

Pair this with browser-native tools like GitHub Codespaces, Google Colab, AWS CloudShell, or vscode.dev, and the terminal handles your local tooling while the browser handles everything else.

AI coding assistants like Claude and Gemini already operate natively in the browser. The distance between "cloud IDE" and "local IDE" keeps shrinking.

There are friction points: no custom kernel modules inside Crostini. Nested KVM requires Intel Gen 10+ processors. VPN routing into the Linux container from the Chrome OS host can be a headache, with WireGuard requiring userspace workarounds inside the container.

But none of these break the core architecture for cloud-native work. They're just worth knowing about before you commit.

AWS NICE DCV Changes the Creative Tools Conversation

One of the longest-standing arguments against Chrome OS has been the absence of professional creative software. There's no Premiere, no DaVinci Resolve, no Blender, no Ableton. For years, this was a dead-end conversation.

AWS NICE DCV (Desktop Cloud Visualization) reopens it. DCV is a high-performance remote display protocol that streams GPU-accelerated desktop sessions from EC2 instances to any device, including a Chromebook running the browser-based DCV client. It supports OpenGL, Vulkan, and DirectX rendering, with adaptive encoding that adjusts to network conditions. On AWS, the DCV license is free. You pay only for the EC2 compute time.

Netflix engineers use DCV to stream content creation applications to remote artists. Volkswagen runs 3D CAD simulations across their engineering division through it. A VFX studio called RVX used it to deliver visual effects for HBO's The Last of Us, streaming Nuke, Maya, Houdini, and Blender to artists distributed across Europe from servers in Iceland. Their team said it was the best remote experience they'd ever worked with.

So: a Chromebook connected to a g5.xlarge EC2 instance (one A10G GPU) can run Blender, DaVinci Resolve, or any other GPU-accelerated creative application with full hardware acceleration. The rendering happens in the data center. DCV streams the pixels. The creative professional gets a responsive, high-fidelity workspace on a $400 machine that couldn't locally render a single frame.

The constraints are connectivity and cost. You need sustained bandwidth (25+ Mbps for 1080p work, more for 4K multi-monitor setups) and leaving a GPU instance running around the clock adds up. But for studios and professionals who already budget for high-end workstations, the math often pencils out, especially when you factor in zero local hardware maintenance and the ability to scale GPU power on demand.

Cloud Gaming Works

GeForce NOW survived where Stadia failed because it made a better business decision: bring your own games. Connect your existing Steam, Epic, or Ubisoft library and stream from NVIDIA's server-side hardware. The Ultimate tier now runs on RTX 5080-class infrastructure. 4K at 120fps with ray tracing, on a fanless Chromebook.

Chrome OS has a structural advantage as a cloud gaming client. GeForce NOW runs natively in the Chromium browser via WebRTC, and users consistently report less micro-stuttering and tighter input handling than the standalone Windows desktop app. Under good network conditions, measured total latency runs 13 to 14ms, with sub-3ms ping documented near datacenter proximity. That's below human perceptual threshold for most game types.

Anti-cheat systems like Easy Anti-Cheat and Riot Vanguard are a non-issue in this model. They run on the server where the game executes, not on your local endpoint. On-device gaming isn't viable on Chrome OS and likely never will be. The architecture isn't designed for it, and even projects attempting to bridge local GPUs hit bottlenecks in the container layers. Cloud gaming is the path, and it works.

The limiting factors are network-dependent. Latency spikes above 500ms on bad connections make fast-twitch games unplayable, and NVIDIA's 100-hour monthly cap on the Ultimate tier has drawn criticism. But cloud gaming on Chrome OS has crossed the line from novelty to daily-driver viable for most use cases.

Aluminium OS: On-Device Models on Google's Own Architecture

The most consequential near-term development for Chrome OS is Project Aluminium, a ground-up rewrite that replaces the current Chrome OS foundation with a native Android kernel. Not another bolted-on compatibility layer: a new operating system built on Android 16, designed to run Android applications natively with direct hardware acceleration instead of routing them through the resource-heavy ARCVM virtual machine that currently eats CPU cycles on even basic app launches.

The AI story is the real story. Aluminium is being built with Gemini models integrated directly into the OS: the file system, the application launcher, the window manager.

Google serving their own proprietary models on their own devices, using an architecture optimized specifically to run them, is a level of vertical integration that no other OS vendor has in the pipeline. Apple has the silicon advantage for local inference. Google has the model-to-OS integration advantage. Those are competing theses about where AI compute should live, and both are worth taking seriously.

The rollout timeline from court documents and leaked roadmaps puts a trusted tester program on select hardware in late 2026, premium tablets by early 2027, and general consumer availability in 2028. Chrome OS Classic gets maintained through existing support obligations until 2033 or 2034.

The launch won't be perfect. Google's track record on platform transitions gives the community earned skepticism. But the ability to iterate a natively AI-integrated OS on hardware they control is the kind of capability that compounds over time.

Where This Lands

Two years ago, calling Chrome OS a serious platform for development or creative work would have been a stretch. Today you can run a full Debian environment with systemd daemons, snapshot your workspace, stream Blender from a GPU-backed data center, play AAA games at 4K on hardware you don't own, and do all of it from a verified, read-only endpoint that patches itself while you sleep.

The remaining gaps are real. But they're concentrated in workflows that are themselves moving to the cloud. Chrome OS was designed around assumptions about computing that used to be premature. They're not premature anymore.

Most people think Jupyter is just for Python and data science stuff, but apparently you can run Rust in one, too.

In this tutorial, we’ll be taking a look at:

1. What is EvCxR?

2. How to Install the Rust Jupyter kernel

3. How to run your first Rust code in a notebook

4. Handy Tips and Tricks

5. Common Issues and Solutions

6. When NOT to Use Jupyter for Rust

Friendly Disclaimer: This tutorial assumes you know the basics of both Rust and Jupyter. If you break something, that's on you, mate 🙂.

So without further ado, let's jump in.

What is EvCxR?

EvCxR (pronounced "Evaluator" to my fellow linguists’ horror) is a Rust REPL and Jupyter kernel. It's basically the magic that lets you run Rust code interactively in Jupyter notebooks instead of the traditional compile-run-debug cycle.

The name stands for "Evaluation Context for Rust", and it’s an open source project actively maintained on GitHub. Here are a few things that make this terribly named tool absolutely brilliant:

1. Interactive development: It lets you test Rust snippets without creating a whole project 🧪

2. Prototyping: You can quickly try out ideas before committing to a full implementation 💡

3. Data visualisation: And yes, you can even plot charts with Rust (more on that later) 📊

How to Install the Rust Jupyter kernel

Prerequisites

Before we dive into the installation, make sure you have these sorted:

1. A Linux System: Or at least, Windows Subsystem for Linux (There’s a little note below for Windows users.)

2. The Rust toolchain: You can get it from rustup.rs if you haven't already

3. Jupyter: Install via pip – pip install jupyter

4. Patience: This might take a minute or two ⏱️

Once you’ve got all that, we can get rusty (pun intended).

Note: If you’re using Windows, you’ll need to do a little extra to get started. Here’s the quick rundown:

1. Go to https://visualstudio.microsoft.com/visual-cpp-build-tools/

2. Download and run the installer

3. Select "Desktop development with C++"

4. Install it (it's large, ~5GB)

Step 1: Install EvCxR

Open your terminal and run this command:

cargo install evcxr_jupyter

Now go grab a cup of joe ☕. This will take a few minutes as Cargo downloads and compiles everything. And don't panic if it seems stuck. Rust compilation is thorough but not particularly fast.

If you get any errors about missing system libraries, you might need to install some dependencies. On Ubuntu/Debian, try:

sudo apt install jupyter-notebook jupyter-core python-ipykernel
sudo apt install cmake

On macOS with Homebrew:

brew install cmake jupyter

Step 2: Install the Jupyter Kernel

Once the installation finishes, you’ll need to register the EvCxR kernel with Jupyter:

evcxr_jupyter --install

You should see output that looks something like this at the end:

Installation complete

Step 3: Launch Jupyter and Create a Rust Notebook

Let’s test out our baby. Fire up Jupyter:

jupyter notebook

Your browser should open automatically (if it doesn't, copy the URL from the terminal).

In the Jupyter interface:

1. Click New in the top right

2. Select Rust from the dropdown (or "evcxr" depending on your version)

3. A new notebook opens

Welcome to interactive Rust! 🦀

Step 4: Write Your First Rust Code

Let's start with a classic:

println!("Hello my fellow Rustaceans! 🦀");

Hit Shift + Enter to run the cell. You should see the output appear below the cell. Simple as that.

Note that notebooks execute code at the top level, so you don’t have to wrap it around the main() function. If you still want to do that, you’re going to have to call it like this:

fn main(){
    println!("Hello my fellow Rustaceans! 🦀");
}
//Calling the function
main()

Now let's try something more interesting:

fn fibonacci(n: u32) -> u32 {
    match n {
        0 => 0,
        1 => 1,
        _ => fibonacci(n - 1) + fibonacci(n - 2)
    }
}

for i in 0..10 {
    println!("fibonacci({}) = {}", i, fibonacci(i));
}

Run it and watch the Fibonacci sequence appear.

fibonacci(0) = 0
fibonacci(1) = 1
fibonacci(2) = 1
fibonacci(3) = 2
fibonacci(4) = 3
fibonacci(5) = 5
fibonacci(6) = 8
fibonacci(7) = 13
fibonacci(8) = 21
fibonacci(9) = 34

Handy Tips and Tricks

Functions aren’t the only things that behave differently when using Rust in notebooks. Here are a few other things you might want to keep in mind:

Variables Persist Between Cells

Unlike traditional Rust compilation, variables you define in one cell stick around for the next cells:

let mut counter = 0;

Then in the next cell:

counter += 1;
println!("Counter: {}", counter);

The output would be:

Counter: 1

This is great for building up complex examples step by step.

You Can Use External Crates

Add dependencies with the :dep command in one cell:

:dep serde = { version = "1.0", features = ["derive"] }
:dep serde_json = "1.0"

Then use them normally in the next:

use serde::{Serialize, Deserialize};

#[derive(Serialize, Deserialize, Debug)]
struct Person {
    name: String,
    age: u32,
}

let person = Person {
    name: "Amina".to_string(),
    age: 24,
};

let json = serde_json::to_string(&person).unwrap();
println!("{}", json);

Output:

{"name":"Amina","age":24}

Pretty neat, huh?

Visualisation Support

You can even create graphs. To get started, install the plotters crate:

:dep plotters = { version = "0.3", default-features = false, features = ["evcxr", "all_series", "bitmap_backend", "bitmap_encoder"] }

Then create a simple sine graph:

use plotters::prelude::*;

let root = SVGBackend::new("sine_wave.svg", (640, 480)).into_drawing_area();
root.fill(&WHITE).unwrap();

let mut chart = ChartBuilder::on(&root)
    .caption("Sine Wave", ("Arial", 20))
    .margin(5)
    .x_label_area_size(30)
    .y_label_area_size(30)
    .build_cartesian_2d(-3.14..3.14, -1.2..1.2)
    .unwrap();

chart.configure_mesh().draw().unwrap();

chart.draw_series(LineSeries::new(
    (-314..314).map(|x| {
        let x = x as f64 / 100.0;
        (x, x.sin())
    }),
    &RED,
)).unwrap();

root.present().unwrap();
println!("Plot saved to sine_wave.svg");

Output:

A word on plotting: You can actually display plots directly inline in your notebook. But if you're using WSL with VSCode (like I do), inline plotting may not work properly due to rendering issues on the notebook interface. That’s why I used it as an svg file that I can easily view in my text editor.

Checking Types

Not sure what type something is? Use :vars. This shows all variables and their types:

let x = vec![1, 2, 3];

:vars

Output:

Variable	    Type
       x	Vec<i32>

Common Issues and Solutions

Compilation Errors Everywhere

If you're getting weird compilation errors, remember:

• Each cell is compiled separately

• You might need to reimport things in each cell

Slow Execution

The first time you run code in a session, it's slow due to the compilation overhead. Subsequent runs are faster. If it's really slow, you might want to:

• Use release mode: :opt 2

• Reduce dependency features to only what you need

• Consider if Jupyter is the right tool for your use case

Dependencies Not Loading

If a crate won't load:

• Make sure the version exists on crates.io

• Check your internet connection (it needs to download)

• Try specifying features explicitly

• Clear the cargo cache if things get really wonky: rm -rf ~/.evcxr

When NOT to Use Jupyter for Rust

Jupyter notebooks are great for learning and experimenting, but they're not always the best choice in:

• Production code: Use proper projects with cargo

• Performance-critical code: The overhead isn't worth it

• Large applications: Notebooks get very messy, very fast

• Team collaboration: Version control with notebooks is quite the nightmare

Stick to notebooks for prototyping and quick experiments. For anything serious, fire up your favourite editor and create a proper Rust project.

Conclusion

Let's summarise what you've learned:

1. How to install the EvCxR Jupyter kernel

2. How to create and run Rust notebooks

3. How to use external crates in notebooks

4. Tips and tricks for interactive Rust development

Jupyter notebooks make Rust more accessible for learning and experimentation. Give it a go next time you want to try out a quick Rust snippet without the ceremony of creating a full project. And with that, we've come to the end of this tutorial.

Cheers.

Resources

1. EvCxR GitHub Repository

2. Rust Book

3. Jupyter Documentation

Acknowledgements

Thanks to Anuoluwapo Victor, Chinaza Nwukwa, Holumidey Mercy, Favour Ojo, Georgina Awani, and my family for the inspiration, support and knowledge used to put this post together.

And thanks to the EvCxR project maintainers for making this possible, the Rust community for being awesome, and to anyone reading this for wanting to learn. You inspire me daily.

The Nix language is a specialized, purely functional programming language. It’s used by the Nix package manager to build packages and the NixOS operating system for declarative system configuration and software packaging.

Unlike traditional Linux distributions, NixOS utilizes the Nix programming language to describe the entire system, including packages, services, users, networking, and even the bootloader – all of which are defined through a declarative configuration. This approach enables NixOS to generate complete system profiles, allowing for reproducible deployments, atomic upgrades, and easier system rollbacks.

In simpler terms, in NixOS, you can configure your programs, services, and users, and install new system-wide packages or applications directly within the configuration.nix file – which you can then share directly with others.

Also, if anything goes wrong with your current NixOS generation during the system build time, you can roll back to a previous NixOS generation (after switching to a new generation – more on this below).

In this tutorial, I’ll explain in detail what NixOS is, how it works, its benefits, and how to set it up on your machine or laptop in a beginner-friendly way.

Table of Contents:

1. Prerequisites

2. What is a Declarative Configuration?

   • Why is the Declarative Approach (Declarative Configuration) used in NixOS?

   • What Are Reproducible Systems?

3. How Does NixOS Work?

4. What Are the Benefits of Using NixOS?

5. When Would NixOS Not Be the Best Choice?

6. How to Set Up NixOS and the Nix Package Manager on Your Laptop

7. How to Install a Package in NixOS?

8. FAQ

9. Conclusion

Prerequisites

To work with NixOS and the Nix package manager, there are no specific prerequisites if you have at least a couple years of experience with Ubuntu, Debian, or any other distribution. Having some basic knowledge of the Nix language is a plus.

What is a Declarative Configuration?

In the declarative approach, we use a file (such as a YAML, JSON, or Nix) to describe the configuration for hardware and software components, such as systems, networking, users, boot loader, services (like with systems), and more, in one file.

NixOS uses the configuration.nix file for its declarative configuration. By default, the configuration.nix file looks like this:

# /etc/nixos/configuration.nix

{ config, pkgs, ... }:
{

  imports = [
      ./hardware-configuration.nix
   ];

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  networking.hostName = "nixos"; # Define your hostname.

  # Enable networking
  networking.networkmanager.enable = true;

  # Set your time zone.
  time.timeZone = "Asia/Kolkata";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_IN";

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "en_IN";
    LC_IDENTIFICATION = "en_IN";
    LC_MEASUREMENT = "en_IN";
    LC_MONETARY = "en_IN";
    LC_NAME = "en_IN";
    LC_NUMERIC = "en_IN";
    LC_PAPER = "en_IN";
    LC_TELEPHONE = "en_IN";
    LC_TIME = "en_IN";
  };

  # Enable the X11 windowing system.
  services.xserver.enable = true;

  # Enable the GNOME Desktop Environment.
  services.xserver.displayManager.gdm.enable = true;
  services.xserver.desktopManager.gnome.enable = true;

  # remove preinstall or  unused package in gnome
  environment.gnome.excludePackages = with pkgs; [ gnome-tour gnome.gnome-music nixos-render-docs  ];
  services.xserver.excludePackages = with  pkgs; [ xterm ];

  # Configure keymap in X11
  services.xserver.xkb = {
    layout = "us";
    variant = "";
  };

  # Enable sound with pipewire.
  sound.enable = true;
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
  };

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.officialrajdeepsingh = {
    isNormalUser = true;
    description = "officialrajdeepsingh";
    extraGroups = [ "networkmanager" "wheel" "docker" ];
    packages = with pkgs; [
      google-chrome
    ];
  };

  # Enable automatic login for the user.
  services.xserver.displayManager.autoLogin.enable = true;
  services.xserver.displayManager.autoLogin.user = "officialrajdeepsingh";

  # Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
  systemd.services."getty@tty1".enable = false;
  systemd.services."autovt@tty1".enable = false;


  services.openssh = {
      enable = true;
      settings = {
        PasswordAuthentication = true;
      };
  };
  system.stateVersion = "23.05"; # Did you read the comment?
}

You can edit the configuration.nix file to easily enable NGINX and Git using NixOS options. NixOS options let you choose whether to turn features on or off and configure how they should work.

# /etc/nixos/configuration.nix

services.nginx.enable = true;
programs.git.enable = true;

....

Every time you modify the configuration.nix file to apply changes to NixOS, you’ll need to build your NixOS using the following command:

sudo nixos-rebuild switch

The nixos-rebuild command generates a new NixOS generation based on your configuration file. This generation is a complete, immutable snapshot of your system's configuration (packages, services, settings) that’s created every time you run that nixos-rebuild command.

The switch flag helps to build and activate the new generation at the same time, and make it the default boot in NixOS.

After a system update, if the new generation isn’t desirable, you can roll back or switch to a previous generation using the nixos-rebuild switch --rollback command. For example, if I’m currently on generation 22, which is the default boot, and I don't like this generation, I can use the rollback flag to switch back to generation 21 in NixOS.

The NixOS rollback feature helps you test new functions and features to see if they work properly when you install new applications or programs on NixOS.

Why is the Declarative Approach (Declarative Configuration) used in NixOS?

The Declarative Approach is particularly useful because it allows you to share your NixOS configuration file with other developers using GitHub and GitLab. By using the configuration.nix file, other developers can build the same system or machine (making it reproducible).

This approach also helps you manage configurations because all your settings are in one place, making it easy to adjust them at any time.

What Are Reproducible Systems?

This concept of reproducibility is important. In NixOS, we can achieve reproducibility using the configuration.nix file. For example, when two developers use the same NixOS configuration file on their machines, they can achieve highly reproducible and consistent system setups.

This is one feature that makes NixOS so useful for developers, teams, CI/CD, servers, and DevOps. With NixOS, you can avoid the common issue of "it doesn't work on my machine."

How Does NixOS Work?

NixOS works differently compared to traditional Linux distributions. In traditional Linux distros, such as Ubuntu and Debian, you can use the apt command to install a new application or program in your distro, like this:

sudo apt install git # Install git package

sudo apt install nodejs # Install node.js package

sudo apt install npm  # Install NPM package

But as we discussed above, NixOS uses a declarative configuration approach that’s immutable, reproducible, and portable.

This means that you can’t install any packages or programs like Git, Chrome, Firefox, Node, Deno, Bun, and so on using the apt, dkpg, or pacman commands (as NixOS uses its own package manager, Nix).

Instead, you edit the configuration.nix file and mention your package and program, such as Node.js, NGINX, or Git in the file and rebuild your NixOS using the nixos-rebuild command.

# /etc/nixos/configuration.nix

services.nginx.enable = true;
programs.git.enable = true;

environment.systemPackages = [
  pkgs.nodejs_24
];

Again, this creates a new generation every time you modify the NixOS configuration and run the nixos-rebuild command in your system.

To understand in more detail how NixOS works, check out this more in-depth tutorial.

What Are the Benefits of Using NixOS?

There are many benefits to using NixOS over a traditional distro, some of which I’ve already mentioned. Let’s summarize them here:

1. Declarative configuration: All settings for your system, including programs, applications, and services, are written in a single configuration file rather than being installed manually.

2. Instant rollbacks: There's no need to worry about breaking your system. If something goes wrong during an update, you can easily revert to the previous version.

3. Safe updates: Updates either complete successfully or don’t apply at all, ensuring your system never ends up in a half-broken state.

4. Reproducible systems: With the same configuration, you can recreate the same system every time, eliminating issues like "it doesn’t work on my machine."

5. No dependency conflicts: Multiple versions of applications can coexist without issues, allowing different programs such as Node.js and Python to operate together seamlessly.

6. Extensive package ecosystem: The Nix Packages collection comprises thousands of up-to-date packages maintained by the NixOS community.

7. Setting up a new machine: Copy your configuration file, rebuild the system, and complete the setup in just a few minutes, whether for a laptop or a server.

8. Immutable system: The design of an immutable system keeps core system paths unchanged. This prevents accidental alterations and enhances reliability, as core components become read-only and cannot be modified after the initial build.

When Would NixOS Not Be the Best Choice?

There are various situations where NixOS may not be the best choice for you. Here are some of the main issues:

1. NixOS has a steep learning curve, particularly for beginner and intermediate developers.

2. It doesn’t offer a simple one-click installation solution for applications and programs on your machine or laptop.

3. You can’t install system-wide applications or programs without editing the NixOS configuration files and rebuilding the system.

4. NixOS lacks a larger community and readily available tutorials compared to Ubuntu, and its documentation is not very beginner-friendly – so you may need to rely on your own resources.

How to Set Up NixOS and the Nix Package Manager on Your Laptop

Now we’re ready to dive in and set up NixOS. But what you need to install depends on your operating system:

• On macOS or Windows, you’ll install Nix, the package manager. This lets you use Nix to install and manage software on your existing operating system. You don’t install NixOS itself on macOS or Windows.

• On Linux, installing NixOS means installing a new OS (it’s like installing Ubuntu or Debian).

Because NixOS is a full operating system, you’ll need to install it on a fresh machine or partition, which will typically erase existing data during installation unless you set up dual-booting.

And remember, while NixOS is a Linux distribution, it works differently (than Ubuntu or Debian, for example) because the entire system is configured declaratively using Nix.

Install Nix Package Manager

The following command helps you to install the Nix language and the Nix Package Manager on macOS and Windows (via WSL).

# Windows: Multi-user installation (recommended)
sh <(curl --proto '=https' --tlsv1.2 -L https://nixos.org/nix/install) --daemon

# Windows: Single-user installation
sh <(curl --proto '=https' --tlsv1.2 -L https://nixos.org/nix/install) --no-daemon

# MacOS:
sh <(curl --proto '=https' --tlsv1.2 -L https://nixos.org/nix/install)

If you’re a newcomer, before running the command I recommend watching this tutorial on YouTube and checking out the official documentation.

Install NixOS

You can install the NixOS distro with a Linux command. Before proceeding, make sure you meet the following requirements:

• A USB drive (8 GB or more)

• A second computer (to create the USB)

• A backup of your data (installation can erase the disk)

• An internet connection (Wi-Fi or Ethernet)

There are multiple steps for installing NixOS on your machine or laptop. You can check out the following tutorial, which describes in detail how you can install NixOS on your machine very easily.

How to Install a Package in NixOS

NixOS has a large registry of active packages, with 120,000 packages available. Every package you install from the stable channel is built reproducibly and reviewed by the Nix community, so you shouldn’t encounter any issues.

Installing a new package on NixOS using the Nix Package Manager is quite simple. First, visit the NixOS Packages Search site.

Then just search for the package that you’re looking for. In our case, we’ll search for Neovim – and then just type the package name in the search input and hit enter.

Copy the resulting code it shows, and paste it into your configuration.nix file:

# /etc/nixos/configuration.nix

environment.systemPackages = [
  pkgs.neovim # add inside file.
];

Then rebuild your NixOS using the sudo nixos-rebuild switch command. Remember that you’ll need to do this whenever you make changes to the configuration.nix file.

Demo (How to Install Neovim in NixOS)

FAQ

Is NixOS only for advanced users?

No, NixOS can be a great fit for anyone. Due to its steeper learning curve, beginners may struggle at first – but once you understand it, I bet you’ll love it.

Why is the Nix language so weird?

Nix is purely functional and is designed for reproducible builds. It’s not a general-purpose language and is rather a configuration language. You’ll only need 10–15% of the language for daily use.

How is NixOS different from Ubuntu / Arch?

Let’s compare some important NixOS features with other distros:

Can I use NixOS for development?

Yes, NixOS is an excellent distro for:

• Frontend development (Node, Bun, Deno)

• Backend development (Go, Rust, Python)

• Consistent development environments across machines

• CI/CD reproducibility

Is NixOS good for daily use?

Yes – NixOS has an initial learning phase that can be difficult, but once you get past it, you can use NixOS on your work laptops, servers, home PCs, and development machines.

Should I learn NixOS as a beginner developer?

To be honest, if you want quick results, NixOS may not be for you. But if you're aiming for long-term mastery, you will definitely like NixOS.

Does NixOS work on macOS and Windows?

Yes, you can use Nix and the Nix Package Manager on macOS and Windows, and they work well. You can install and package software using the Nix configuration file as mentioned in this tutorial.

Conclusion

I think that NixOS is the best Linux distro – but it’s not super beginner-friendly. Still, I prefer it because it’s a powerful and reliable distro that’s designed for users who value control, reproducibility, and safety.

Managing the entire system through declarative configuration enables consistent setups, safe upgrades, and easy rollbacks. This makes it especially suitable for developers, DevOps engineers, and infrastructure-focused teams.

Just keep in mind that NixOS is not for everyone. Its learning curve and configuration-driven workflow can be steep for beginners, casual users, or those who want quick, click-and-install convenience. So check it out and decide if it’s right for you and your team.

To Learn more beginner tutorials on NixOS, check out the NixOS publication on Medium.

• What is Declarative Configuration in NixOS? Understanding Declarative vs Imperative Approaches

• Understand the difference between Home Manager vs Nix Flake in NixOS?

• Why did I choose NixOS, and what are the advantages and disadvantages of using NixOS?

The error message failed to authenticate via web browser: Too many requests have been made in the same timeframe. (slow_down) appeared on my terminal, while on the web browser, it indicated that the authentication was successful.

I googled and found some workarounds that I tried, but only one worked like a charm!

After finally solving the tricky authentication issue for GitHub CLI on WSL2, I've put together this guide. It's a complete walkthrough for a solution that works, covering everything from a smooth installation to ongoing management.

Table of Contents

• Prerequisites

• How to Install GitHub CLI on WSL2

• How to Authenticate GitHub CLI on WSL2 with Your GitHub Account

• How to Upgrade GitHub CLI on WSL2

• How to Uninstall GitHub CLI on WSL2

• How to Revoke GitHub CLI Access on GitHub

• Final Words

Prerequisites

Before getting started, ensure that you have these installed on your Windows machine:

• WSL2

• A Linux distro

• Windows PowerShell

• Windows Terminal (optional)

To follow the instructions in this article, you can use Windows PowerShell terminal as an administrator.

Alternatively, if you have Windows Terminal installed, you can use the Linux terminal by clicking the ‘down arrow’ icon at the top and selecting the distro.

How to Install GitHub CLI on WSL2

You can use the installation process described here if you use Ubuntu, Debian, or Raspberry Pi OS (apt) distros. For other distros other than those mentioned here, you can walk through the installation process that's available on the GitHub CLI official docs.

To install GitHub CLI in WSL2:

1. Run this command:

    (type -p wget >/dev/null || (sudo apt update && sudo apt install wget -y)) \
        && sudo mkdir -p -m 755 /etc/apt/keyrings \
        && out=$(mktemp) && wget -nv -O$out https://cli.github.com/packages/githubcli-archive-keyring.gpg \
        && cat $out | sudo tee /etc/apt/keyrings/githubcli-archive-keyring.gpg > /dev/null \
        && sudo chmod go+r /etc/apt/keyrings/githubcli-archive-keyring.gpg \
        && sudo mkdir -p -m 755 /etc/apt/sources.list.d \
        && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
        && sudo apt update \
        && sudo apt install gh -y
   

2. Type your Linux password when you get prompted.

3. Ensure the GitHub CLI is installed by running gh --version command. If the installation is successful, you should see something like this in your terminal:

    gh version 2.76.2 (2025-07-30)
    https://github.com/cli/cli/releases/tag/v2.76.2
   

How to Authenticate GitHub CLI on WSL2 with Your GitHub Account

Before you can use GitHub CLI, you must first authenticate it. You will get an HTTP 401: Bad credentials (https://api.github.com/graphql) error message if you run any GitHub CLI command without authenticating.

To authenticate GitHub CLI with your GitHub account:

1. Run the gh auth login command in your terminal.

2. You will receive several prompts, and you need to choose the methods you prefer. Here’s what I selected in each prompt:

    ? Where do you use GitHub? GitHub.com
    ? What is your preferred protocol for Git operations on this host? HTTPS
    ? How would you like to authenticate GitHub CLI? Login with a web browser
   

   After answering all prompts, you should get the message to copy a one-time code as shown below. You don’t need to copy the code at this point.

    ! First copy your one-time code: XXXX—XXXX
   

3. Press ‘Enter’. It automatically opens the "Device Activation" page on your browser.

4. Click the green ‘Continue’ button.

   

   GitHub should ask you to enter the code displayed on your terminal, as shown in the screenshot below. But here’s the trick! Don’t paste any code, and don’t close the browser. Let’s first get back to your terminal.

   

   Now you might get this error message on your terminal:

    grep: /proc/sys/fs/binfmt_misc/WSLInterop: No such file or directory
    WSL Interopability is disabled. Please enable it before using WSL.
    grep: /proc/sys/fs/binfmt_misc/WSLInterop: No such file or directory
    [error] WSL Interoperability is disabled. Please enable it before using WSL.
   

5. Press Ctrl + C to stop the process if it's still running, or let it stop by itself. Once it's stopped, you should see this message:

    failed to authenticate via web browser: Too many requests have been made in the same timeframe. (slow_down)
   

6. Run the gh auth login command again and repeat the process to select the methods of your choice. This time, when it asks you to press ‘Enter’, don’t press it.

7. Copy the latest code and return to the "Device Activation" page that you left open in your browser.

8. Paste the code that you copied and click the green ‘Continue’ button.

9. Click the green ‘Authorize github’ button after GitHub redirects you to the “Authorize GitHub CLI” page. You should now see the message “Congratulations, you're all set!”

10. Get back to your terminal and press ‘Enter’. Doing so triggers these actions:

    • It automatically opens a new “Device Activation” page in your browser. You can safely ignore this.

    • In the terminal, you first see the error message as in step 4. Don’t do anything and wait for a little bit. Then, you get:

        ✓ Authentication complete.
        - gh config set -h github.com git_protocol https
        ✓ Configured git protocol
        ! Authentication credentials saved in plain text
        ✓ Logged in as YOUR-GITHUB-USERNAME
        ! You were already logged in to this account
      

And GitHub CLI is now successfully authenticated!

Credit goes to username “ikeyan” on GitHub for their GitHub CLI authentication solution!

How to Upgrade GitHub CLI on WSL2

It’s always a good practice to regularly check for package and dependency updates, and upgrade to the newest version when it’s available — this includes GitHub CLI. To check for updates and upgrade the version of GitHub CLI:

1. Run the sudo apt update command in your terminal. This command fetches the list of available updates.

2. Type your Linux password when you get prompted.

3. If you need to upgrade your GitHub CLI, run sudo apt install gh. This command installs the newest version of GitHub CLI.

4. Type your Linux password when you get prompted.

Now your GitHub CLI has the newest version.

How to Uninstall GitHub CLI on WSL2

If one day you feel like you don’t need to use GitHub CLI anymore, you can uninstall it by following these steps:

1. Run the sudo apt remove gh command in your terminal.

2. Type your Linux password when you get prompted.

3. Press ‘Y’ to continue the uninstall process.

GitHub CLI is now uninstalled from your WSL environment.

How to Revoke GitHub CLI Access on GitHub

After uninstalling the GitHub CLI, you might think your account access is gone, but it's not. The authentication you granted is still active. If you don't plan on using the CLI again, it's a good practice to revoke this access.

Here's how to do it directly from your GitHub account:

1. On your GitHub account, click your profile picture on the top right and click ‘Settings’.

   

   2. On the left side bar, find ‘Integrations’ and click ‘Applications’.

      

   3. Click the ‘Authorized OAuth Apps’ tab on top.

      

   4. Find GitHub CLI and click the ‘three dots’ icon next to it.

   5. Click ‘Revoke’.

      

   6. Confirm it by clicking the ‘I understand, revoke access’ button.

Now, GitHub CLI doesn’t have access to your GitHub account.

Final Words

🖼️ Credit cover image: undraw.co

Thank you for reading! Last, you can find me on X and LinkedIn. Let's connect! 😊

You can use RHEL's task scheduling capabilities in scenarios like automating system maintenance (for example, log rotation or backup operations), managing routine administrative tasks (like user account cleanup or security updates), or orchestrating complex workflows in enterprise environments. These scheduling tools are essential for maintaining system health and ensuring that critical operations run without manual intervention.

For system administrators, think of task scheduling as the backbone of automated system management, enabling you to set up processes that run reliably in the background while you focus on more strategic initiatives. Its power lies in its flexibility and reliability, making it an indispensable skill for anyone managing Linux systems in production environments.

In this tutorial, you’ll learn how to schedule tasks in Red Hat Enterprise Linux using various built-in tools and techniques. This content is part of Schedule Future Tasks, which is Chapter 2 of the Red Hat System Administration (RH134) course. RH134 is a fundamental course for the Red Hat Certified System Administrator (RHCSA) certification, one of the most respected credentials in the Linux administration field.

This hands-on tutorial provides practical experience with the scheduling concepts covered in the RH134 curriculum, giving you the skills needed to automate tasks effectively in enterprise RHEL environments.

Here's what we'll cover:

• How to Schedule a One-time Job with 'at'

• How to Manage 'at' jobs

• How to Schedule Recurring User Jobs with 'crontab'

• How to Manage User 'crontab' Entries

• How to Schedule Recurring System Jobs with cron Directories

• How to Configure systemd Timers for Recurring Tasks

• How to Manage Temporary Files with systemd-tmpfiles

Prerequisites

This tutorial is designed to be beginner-friendly! You just need basic familiarity with using the Linux command line. If you can navigate directories and run simple commands, you're ready to start.

For those looking to deepen their RHEL knowledge, the RHEL Skill Tree offers comprehensive hands-on labs including RH124, RH134, RH294, and other courses for RHCSA and RHCE certifications.

Don't worry if you're new to Red Hat Enterprise Linux – I'll explain everything step by step, and these concepts work on most Linux distributions too.

How to Schedule a One-time Job with 'at'

First, let’s learn how to schedule a job to run once at a future time using the at command. The at command is useful for executing commands that don’t need to be run repeatedly. We will schedule a simple job, inspect its details, and then remove it.

In this tutorial, we will work directly on the local system to learn task scheduling. You’ll execute all commands in your current terminal environment.

Let's schedule a job to print the current date and time into a file named ~/myjob.txt in your home directory. We'll schedule it to run 3 minutes from now:

at now + 3 minutes << EOF
date > ~/myjob.txt
EOF

The warning: commands will be executed using /bin/sh message is normal. The job N at ... output indicates the job number and the scheduled execution time. Make a note of the job number, as you will need it later.

Next, let's schedule another job interactively. This method is useful for entering multiple commands or more complex scripts. We will schedule a job to append "Hello from at job!" to ~/at_output.txt 5 minutes from now:

at now + 5 minutes

After typing the command and pressing Enter, you will see an at> prompt. Type your command and then press Ctrl+d to finish:

at > echo "Hello from at job!" >> ~/at_output.txt
at > Ctrl+d

To view the jobs currently in the at queue, use the atq command. This command lists all pending at jobs for the current user.

atq

The output will show the job number, the scheduled time, the queue, and the user who scheduled it.

You can inspect the commands that a specific at job will run using the at -c command followed by the job number. Replace N with one of the job numbers you noted earlier.

at -c N

This command will display the shell script that at will execute for that job. You should see the date > ~/myjob.txt or echo "Hello from at job!" >> ~/at_output.txt command within the output.

Finally, to remove a scheduled at job, use the atrm command followed by the job number. Let's remove the first job we scheduled. Replace N with the job number of your first job.

atrm N

After removing the job, you can use atq again to verify that it is no longer in the queue.

atq

You should now only see the second job (if it hasn't executed yet) or an empty queue if both jobs have been removed or executed.

This completes the first step of scheduling one-time jobs with the at command.

How to Manage 'at' jobs

Now, let’s delve deeper into managing at jobs, including scheduling jobs with different queues and verifying their execution. Understanding at queues can be useful for prioritizing tasks or separating different types of one-time jobs.

We will continue working on the local system to explore more advanced at job management features.

The at command allows you to specify a queue using the -q option. Queues are single letters from a to z. Queue a is the default, and jobs in queues a through z are executed with decreasing niceness (priority). Queue a has the highest priority, and queue z has the lowest. Queue b is reserved for batch jobs.

Let's schedule a job in queue g (a lower priority queue) to run in 2 minutes. This job will create a file named ~/queue_g_job.txt with a timestamp:

at -q g now + 2 minutes << EOF
date > ~/queue_g_job.txt
EOF

You will see output similar to job N at .... Note down this job number.

Next, let's schedule another job, this time in queue b (batch queue), which is typically used for jobs that can run when system load is low. This job will append "Batch job executed!" to ~/batch_job.txt. We'll schedule it to run 4 minutes from now:

at -q b now + 4 minutes << EOF
echo "Batch job executed!" >> ~/batch_job.txt
EOF

Again, note down the job number.

To see all pending jobs, including those in different queues, use atq.

atq

You should now see both jobs listed, with their respective queue letters (g and b).

Now, wait for your scheduled jobs to execute. Wait for at least 5 minutes to allow all jobs to complete. You can check if the files created by your at jobs exist and contain the expected content.

Check ~/queue_g_job.txt:

cat ~/queue_g_job.txt

You should see a date and time string.

Check ~/batch_job.txt:

cat ~/batch_job.txt

You should see "Batch job executed!".

If the files are not present or empty, it might mean the jobs haven't executed yet, or there was an issue with the command. You can re-check atq to see if they are still pending.

How to Schedule Recurring User Jobs with 'crontab'

Next, you’ll learn how to schedule recurring tasks for a specific user using crontab. Unlike at jobs, which run once, cron jobs run repeatedly at specified intervals. This is ideal for routine maintenance, data backups, or generating reports.

We will continue working on the local system to learn about user crontab management.

The crontab command allows users to create, edit, and view their own cron jobs. Each user has their own crontab file.

To edit your crontab file, use the crontab -e command. This will open your crontab file in the default text editor (usually vim).

crontab -e

Vim editor instructions:

• Press i to enter insert mode (you'll see -- INSERT -- at the bottom)

• Use arrow keys to navigate

• To save and exit: Press Esc to exit insert mode, then type :wq and press Enter

• To exit without saving: Press Esc, then type :q! and press Enter

Inside the editor, you will add a new line to define your cron job. A cron entry has five time-and-date fields, followed by the command to be executed. The fields are:

• Minute (0-59)

• Hour (0-23)

• Day of Month (1-31)

• Month (1-12)

• Day of Week (0-7, where 0 or 7 is Sunday)

You can use * as a wildcard to mean "every" for a field, or / to specify step values (for example, */5 for every 5 minutes).

Let's schedule a job that appends the current date and time to a file named ~/my_cron_log.txt every minute. This will allow us to quickly observe the cron job in action.

Follow these steps in Vim:

1. Press i to enter insert mode

2. Add the following line to the crontab file:

* * * * * /usr/bin/date >> ~/my_cron_log.txt

3. Press Esc to exit insert mode

4. Type :wq and press Enter to save and exit

You should see a message indicating that a new crontab has been installed:

crontab: installing new crontab

To verify that your cron job has been successfully added, you can list your crontab entries using the crontab -l command:

crontab -l

You should see the line you just added:

* * * * * /usr/bin/date >> ~/my_cron_log.txt

Now, wait for a minute or two to allow the cron job to execute at least once. You can check the current time to see when the next minute mark will occur:

date

After waiting for at least two minutes to allow the cron job to execute a couple of times, check the content of the ~/my_cron_log.txt file.

cat ~/my_cron_log.txt

You should see one or more lines, each containing a date and time, indicating that your cron job has executed.

Mon Apr 8 10:30:01 AM EDT 2025
Mon Apr 8 10:31:01 AM EDT 2025

How to Manage User 'crontab' Entries

Now you will learn more advanced techniques for managing user crontab entries, including editing existing jobs, adding multiple jobs, and understanding special cron strings. Effective crontab management is crucial for automating routine tasks.

We will continue working on the local system to explore advanced crontab management techniques.

Let's start by adding a new cron job. This job will append "Hello from cron!" to ~/cron_messages.txt every two minutes.

Open your crontab for editing:

crontab -e

In Vim:

1. Press i to enter insert mode

2. Add the following line to the crontab file:

*/2 * * * * echo "Hello from cron!" >> ~/cron_messages.txt

3. Press Esc to exit insert mode

4. Type :wq and press Enter to save and exit

Verify that the entry is added:

crontab -l

You should see the newly added line.

Now, let's add another cron job that runs daily at 08:00 AM. This job will record the disk usage of your home directory to ~/disk_usage.log.

Open your crontab for editing again:

crontab -e

In Vim:

1. Press i to enter insert mode

2. Add the following line below the previous one:

0 8 * * * du -sh ~ >> ~/disk_usage.log

3. Press Esc to exit insert mode

4. Type :wq and press Enter to save and exit

Verify that both entries are present:

crontab -l

You should now see both cron jobs listed.

cron also supports special strings that can simplify common schedules. These include @reboot, @yearly, @annually, @monthly, @weekly, @daily, @midnight, and @hourly. For example, @hourly is equivalent to 0 * * * *.

Let's add a job that runs hourly and records the system uptime to ~/uptime_log.txt.

Open your crontab for editing:

crontab -e

In Vim:

1. Press i to enter insert mode

2. Add the following line:

@hourly uptime >> ~/uptime_log.txt

3. Press Esc to exit insert mode

4. Type :wq and press Enter to save and exit

Verify all three entries:

crontab -l

You should now see all three cron jobs.

To demonstrate the effect of these jobs, we will wait for a short period. Since the jobs are scheduled at different intervals, we won't see all of them execute immediately, but we can verify the setup.

Wait for at least 3 minutes to allow the */2 job to run at least once.

Check the ~/cron_messages.txt file:

cat ~/cron_messages.txt

You should see at least one "Hello from cron!" message.

Hello from cron!

The ~/disk_usage.log and ~/uptime_log.txt files might not be created yet, depending on the current time, as they are scheduled for daily and hourly execution, respectively. The important part is that their entries are correctly configured in your crontab.

How to Schedule Recurring System Jobs with cron Directories

In this step, you will learn how to schedule recurring system-wide tasks using cron directories. Unlike user crontab entries, which are specific to a user, system cron jobs are managed by the root user and affect the entire system. These are typically used for system maintenance, log rotation, and other administrative tasks.

We will continue working on the local system to explore system-wide cron job configuration.

System-wide cron jobs are defined in /etc/crontab or by placing scripts in specific directories:

• /etc/cron.hourly/: Scripts in this directory run once an hour.

• /etc/cron.daily/: Scripts in this directory run once a day.

• /etc/cron.weekly/: Scripts in this directory run once a week.

• /etc/cron.monthly/: Scripts in this directory run once a month.

These directories are processed by the run-parts utility, which executes all executable files within them.

To manage system cron jobs, you need root privileges. Since the labex user has sudo access, we can use sudo for the required commands.

Let's create a simple script that logs a message to the system log. We will place this script in /etc/cron.hourly/ to make it run hourly.

First, create the script file /etc/cron.hourly/my_hourly_script:

sudo nano /etc/cron.hourly/my_hourly_script

Add the following content to the file:

#!/bin/bash
logger "Hourly cron job executed at $(date)"

Save and exit the editor (Ctrl+o, Enter, Ctrl+x in nano).

Next, you need to make the script executable. Without execute permissions, run-parts will ignore it.

sudo chmod +x /etc/cron.hourly/my_hourly_script

Now, let's verify that the script is executable:

ls -l /etc/cron.hourly/my_hourly_script

You should see x in the permissions, for example: -rwxr-xr-x.

Since cron.hourly jobs run once an hour, we can't wait for a full hour to verify its execution in this tutorial. But we can manually trigger the run-parts command for the hourly directory to simulate its execution.

sudo run-parts /etc/cron.hourly/

This command will execute all executable scripts in /etc/cron.hourly/. The script we created uses the logger command to write messages to the system log.

In a real RHEL system, you would be able to check the system logs using journalctl or /var/log/messages to verify that the script executed successfully.

This completes the system cron job management step. The script will remain in place and would execute hourly in a real system environment.

How to Configure systemd Timers for Recurring Tasks

Next, you will learn about systemd timers, which are a modern alternative to cron for scheduling tasks on Linux systems. systemd timers offer more flexibility and better integration with the systemd ecosystem.

systemd timers work in conjunction with systemd service units. A timer unit (.timer file) defines when a task should run, and a service unit (.service file) defines what task should be executed.

We will continue working on the local system to explore systemd timer configuration.

You will need root privileges to create systemd unit files in system directories. Since the labex user has sudo access, we can use sudo for the required commands.

Let's create a simple service that logs a message to a file. We will place this service unit file in /etc/systemd/system/ which is where custom service units are typically stored.

Create the service unit file /etc/systemd/system/my-custom-task.service:

sudo nano /etc/systemd/system/my-custom-task.service

Add the following content to the file:

[Unit]
Description=My Custom Scheduled Task

[Service]
Type=oneshot
ExecStart=/bin/bash -c 'echo "My custom task executed at $(date)" >> /var/log/my-custom-task.log'

Save and exit the editor (Ctrl+o, Enter, Ctrl+x in nano).

Next, create the timer unit file /etc/systemd/system/my-custom-task.timer. This timer will activate our service every 5 minutes.

sudo nano /etc/systemd/system/my-custom-task.timer

Add the following content to the file:

[Unit]
Description=Run My Custom Scheduled Task every 5 minutes

[Timer]
OnCalendar=*:0/5
Persistent=true

[Install]
WantedBy=timers.target

Save and exit the editor.

Explanation of OnCalendar:

• *:0/5 means "every 5 minutes".

  • * for year, month, day, hour (any value).

  • 0/5 for minute, meaning starting at minute 0, every 5 minutes (0, 5, 10, ..., 55).

In a typical systemd environment, you would now run systemctl daemon-reload to make systemd aware of the new unit files, and then systemctl enable --now my-custom-task.timer to start the timer.

Let's verify the existence of the created files:

ls -l /etc/systemd/system/my-custom-task.service
ls -l /etc/systemd/system/my-custom-task.timer

You should see output indicating that both files exist.

To simulate the execution of the service, you can manually run the command defined in ExecStart:

sudo /bin/bash -c 'echo "My custom task executed at $(date)" >> /var/log/my-custom-task.log'

Now, check the log file to see the output:

sudo cat /var/log/my-custom-task.log

You should see the message you just logged:

My custom task executed at Tue Jun 10 06:54:40 UTC 2025

This completes the systemd timer configuration step. The service and timer unit files will remain in place for reference.

How to Manage Temporary Files with systemd-tmpfiles

Now you’ll learn how to manage temporary files and directories using systemd-tmpfiles. This utility is part of systemd and is responsible for creating, deleting, and cleaning up volatile and temporary files and directories. It's commonly used to manage /tmp, /var/tmp, and other temporary storage locations, ensuring that old files are removed periodically.

We will continue working on the local system to explore systemd-tmpfiles configuration.

You will need root privileges to configure systemd-tmpfiles. Since the labex user has sudo access, we can use sudo for the required commands.

systemd-tmpfiles reads configuration files from /etc/tmpfiles.d/ and /usr/lib/tmpfiles.d/. These files define rules for creating, deleting, and managing files and directories.

Let's create a custom configuration file to manage a new temporary directory. We will create a directory /run/my_temp_dir and configure systemd-tmpfiles to clean files older than 1 minute from it.

Create the configuration file /etc/tmpfiles.d/my_temp_dir.conf:

sudo nano /etc/tmpfiles.d/my_temp_dir.conf

Add the following content to the file:

d /run/my_temp_dir 0755 labex labex 1m

Explanation of the line:

• d: Specifies that this entry defines a directory.

• /run/my_temp_dir: The path to the directory.

• 0755: The permissions for the directory.

• labex labex: The owner and group for the directory.

• 1m: The age after which files in this directory should be deleted (1 minute).

Save and exit the editor (Ctrl+o, Enter, Ctrl+x in nano).

Now, let's tell systemd-tmpfiles to apply this configuration. The --create option will create the directory if it doesn't exist.

sudo systemd-tmpfiles --create /etc/tmpfiles.d/my_temp_dir.conf

Verify that the directory has been created with the correct permissions and ownership:

ls -ld /run/my_temp_dir

You should see output similar to:

drwxr-xr-x 2 labex labex 6 Jun 10 06:55 /run/my_temp_dir

Next, let's create a test file inside this new temporary directory:

sudo touch /run/my_temp_dir/test_file.txt

Verify the file exists:

ls -l /run/my_temp_dir/test_file.txt

Now, we need to wait for more than 1 minute for the file to become "old" according to our configuration. Wait for at least 70 seconds (1 minute and 10 seconds).

After waiting for more than 1 minute, we will manually run systemd-tmpfiles with the --clean option to trigger the cleanup process based on our configuration.

sudo systemd-tmpfiles --clean /etc/tmpfiles.d/my_temp_dir.conf

Finally, check if the test_file.txt has been removed:

ls -l /run/my_temp_dir/test_file.txt

You should get a "No such file or directory" error, indicating that systemd-tmpfiles successfully cleaned up the old file.

This completes configuring the systemd-tmpfiles. The configuration file and temporary directory will remain in place for reference.

Summary

In this tutorial, you learned how to schedule and manage one-time tasks using the at command, including scheduling jobs interactively and non-interactively, viewing the at queue with atq, and deleting pending jobs with atrm. You also learned how to schedule recurring user-specific tasks using crontab, including how to edit, list, and remove cron jobs, and you learned the cron syntax for specifying execution times.

We also demonstrated how to schedule system-wide recurring tasks by placing scripts in standard cron directories (/etc/cron.hourly, /etc/cron.daily, etc.) and how to create custom cron jobs in /etc/cron.d.

Finally, you explored advanced task scheduling with systemd timers, learning to create and enable service and timer units for recurring tasks, and how to manage temporary files and directories using systemd-tmpfiles for automated cleanup.

This comprehensive tutorial provided practical experience in managing diverse task scheduling needs on RHEL systems, from simple one-off commands to complex recurring system processes.

To practice the operations from this tutorial, try the interactive hands-on lab: Schedule Tasks in Red Hat Enterprise Linux.

A common problem faced in networking is losing connectivity after modifying the network settings, which leads to an inability to access the system. This usually happens due to a misconfigured IP address, incorrect settings, and a poor understanding of network interface configurations.

In this article, we’ll guide you through understanding these network interface configurations, setting up and managing network interfaces on Linux, checking available interfaces, configuring static and dynamic IP addresses, and best practices to consider when setting up network interfaces. At the end of this article, you’ll have a solid foundation in network interfaces.

Table of Contents

• What are Network Interfaces?

• Types of Network Interfaces in Linux

• Why Network Interfaces Matter

• How to List Network Interfaces in Linux

• How to Configure Network Interfaces in Linux

• How to Set Up a Network Bridge in Linux

• Best Practices for Configuring Network Interfaces in Linux

• Conclusion

What are Network Interfaces?

A network interface is a connection point within the Linux system that allows communication with other devices within the network. It is how the Linux kernel links the software side of the network with the hardware side. Linux systems provide many network interfaces that help to facilitate communication between the system and other external networks.

Linux network interfaces are essential for troubleshooting, configuration, management, and optimization of networking tasks. Understanding what they are and how they work allows you to optimize your server networking and security.

Types of Network Interfaces in Linux

Network interfaces can be classified into two main categories: physical and virtual network interfaces.

Physical Network Interfaces

Physical network adapters are the hardware components of the network interface that connect the system to a physical network. These physical networks include Wi-Fi and Ethernet. These adapters, commonly called Network Interface Cards (NIC), can be identified by their device names, such as wlan0 and eth0. They include the following:

1. Ethernet Interface (eth0, eth1, and so on)

   Ethernet interface is used for wired connections via an Ethernet card and helps configure high-speed networking. It can be used in data centres and servers.

2. Wi-Fi interface (wlan0, wlan1, and so on)

   This represents a wireless network adapter, and it enables wireless connectivity via Wi-Fi networks to the servers.

Virtual Network Interfaces

Virtual network interfaces are software-based interfaces managed by the Linux operating system. They integrate network virtualization technologies like Docker or KVM. There are several virtual network interfaces, and the most common ones include:

• Loopback interface: This is a special interface that allows a system to communicate internally. It is permanently assigned the IP address 127.0.0.1, referred to as the localhost.

• Bridge Interface: They are used to connect multiple network interfaces. It is useful for virtualization environments (for example, Linux KVM, Docker networking).

• Tunnel Interface: This is used for VPNs and networking tunnels. It helps to facilitate the passage of encrypted network traffic.

Why Network Interfaces Matter

Network interfaces form an essential component of a Linux system. It enables communication between devices and the internet, and properly configuring these interfaces provides the following benefits:

Seamless connectivity: Network interfaces allow devices to communicate over local networks and the internet, enabling proper data exchange between servers and networks.

Proper network management: Administrators can configure network interfaces by creating, managing, and assigning static or dynamic IPs and optimizing traffic flow.

Improved security: Administrators can configure network interfaces with firewalls and VPNs to secure data and prevent unauthorized access.

It provides support for virtualization and containerization: Virtual network interfaces provide proper communication between virtual machines, Docker containers, and other physical servers. This makes them essential for creating and managing DevOps environments.

How to List Network Interfaces in Linux

You can check the available network interfaces within the Linux environment using the following commands.

1. Using the ip command:

   To list all network interfaces and their status, you can use the ip link show command. It displays details about the network interfaces, like the name, status, and MAC address.

2. Using the ifconfig command

   To list all network interfaces, use this command: ifconfig -a. The command also displays details about the network interfaces and their current state.

3. Using nmcli for NetworkManager-controlled systems

   To check the status of all network interfaces managed by NetworkManager, run:

   nmcli device status.

4. Using the /sys/class/net/ directory

   To list all network interfaces, run ls /sys/class/net/ This command is useful for scripting and automation because it provides a reliable way to check available interfaces programmatically.

How to Configure Network Interfaces in Linux

Network interface configuration is essential for managing Linux servers and workstations. Understanding this configuration will help ensure smooth connectivity within your systems. This section will give you the correct information on configuring network interfaces.

Assign a Static IP Address

A static IP address ensures the device maintains the same IP after each reboot. This is particularly useful for servers and devices that need consistent addressing. To assign a static IP address, the NetworkManager Command Line Interface (nmcli) provides a command-line utility to configure the network interface as shown below.

nmcli connection modify eth0 ipv4.addresses 192.168.1.100/24   # set a static IPv4 address and subnet mask

nmcli connection modify eth0 ipv4.gateway 192.168.1.1          # define the default gateway

nmcli connection modify eth0 ipv4.dns "8.8.8.8 8.8.4.4"        # configure primary and secondary DNS servers

nmcli connection modify eth0 ipv4.method manual                # switch the interface from DHCP to manual mode

nmcli connection up eth0                                       # bring the interface down and up to apply changes

These commands set a fixed IP, gateway, and DNS on eth0, switch the interface to manual mode, and restart it so the new settings take effect. The settings persist across reboots because they are stored by NetworkManager

Assign a Temporary IP Address

The ip command lets you configure interfaces dynamically (not persistent across reboots):

ip addr add 192.168.1.100/24 dev eth0     # assign 192.168.1.100/24 to interface eth0 (temporary)

ip route add default via 192.168.1.1      # set the default gateway to 192.168.1.1

These two commands give eth0 the IP 192.168.1.100/24 and point all outbound traffic to the gateway 192.168.1.1. The settings last only until the next reboot or interface reset.

Assign an IP Address with ifconfig (deprecated)

Older systems still ship with ifconfig and route. These commands are also temporary.

ifconfig eth0 192.168.1.100 netmask 255.255.255.0 up  # assign 192.168.1.100/24 to eth0 and bring it up

route add default gw 192.168.1.1 eth0                # set the default gateway to 192.168.1.1 via eth0

Note: Prefer ip or nmcli on modern systems.

Enable DHCP with nmcli

A DHCP-assigned address lets the network hand out an IP address automatically.

nmcli connection modify eth0 ipv4.method auto   # switch eth0 to use DHCP for automatic addressing

nmcli connection up eth0                        # restart the connection so the new DHCP setting takes effect

To renew or request a lease directly:

dhclient eth0   # manually request or renew an IP address via DHCP on interface eth0

These commands set eth0 to use DHCP, restart the link so the change takes effect, and (optionally) trigger an instant lease renewal.

Assign Multiple IP Addresses to One Interface

A network interface can have multiple addresses assigned to it, making it applicable to host multiple services on a single interface.

Using IP command (Temporary Assignment)

ip addr add 192.168.1.101/24 dev eth0   # add an extra IPv4 address to eth0 (temporary)

ip addr add 2001:db8::1/64 dev eth0     # add an IPv6 address to eth0 (temporary)

These two commands attach an extra IPv4 and an IPv6 address to eth0 until the interface resets or the system reboots

Persistent Configuration (Netplan)

Edit the /etc/netplan/01-netcfg.yaml file:

network:

  version: 2

  renderer: networkd

  ethernets:

    eth0:

      addresses:

        - 192.168.1.100/24

        - 192.168.1.101/24

        - 2001:db8::1/64

After editing the file, run sudo netplan apply to make the additional addresses stick across reboots.

How to Set Up a Network Bridge in Linux

A network bridge allows multiple interfaces to act as a single network segment, which is useful in virtualization (KVM, Docker).

Using brctl (bridge-utils package)

brctl addbr br0                       # create a new bridge interface named br0

brctl addif br0 eth0                  # add physical interface eth0 to the bridge

ip addr add 192.168.1.100/24 dev br0  # assign an IP address to the bridge, not to eth0

ip link set br0 up                    # bring the bridge interface online

These commands create bridge br0, attach eth0 to it, give the bridge its own IP, and bring it online.

Using nmcli (for NetworkManager-managed systems)

nmcli connection add type bridge ifname br0                       # create a new bridge named br0

nmcli connection modify br0 bridge.stp no                         # turn off Spanning Tree Protocol

nmcli connection add type bridge-slave ifname eth0 master br0     # attach physical interface eth0 to br0

nmcli connection up br0                                           # bring the bridge online so settings take effect

This sequence builds the same bridge through NetworkManager, disables STP for faster convergence, links eth0 as a slave, and activates the bridge so guests can reach the network.

Best Practices for Configuring Network Interfaces in Linux

Make Your Configurations Persistent

One of the mistakes network engineers make in Linux networking is making changes that do not persist after rebooting. While specific commands can modify the network settings temporarily, they do not save these changes permanently.

To ensure that these network settings survive server reboots, modify system configuration files such as /etc/network/interfaces. Once you ensure that all changes are persistent, there will be no unexpected disruptions when a system restarts.

Assign Static IPs for Servers

Static IP addresses are the best for servers and critical infrastructure. Unlike DHCP addresses, which can change over time, static IP addresses are more stable and reliable. For services like web hosting and database management, static IPs play a key role, as IP addresses do not need to change.

Secure Your Network Interfaces

Network interfaces are the entry points into a system, so if they are misconfigured, they could pose a considerable security risk. To reduce attacks, administrators should turn off all unused network interfaces by modifying the configuration file to prevent automatic activation. Additionally, you should use firewall tools to control the traffic that tries to reach the system.

Monitor Your Network Interfaces

As a system administrator, monitoring network interfaces helps prevent downtime and ensure proper network reliability. You can check the status of your network interfaces by running commands like link show or if-config -a. You can also monitor them in real time using tools like Netstat. Monitoring your systems ensures that network issues are detected early enough, reducing downtime and improving network stability.

Constantly Update Network Packages

You must constantly update network management tools and drivers because it helps to implement security patches and other performance improvements, as outdated network packages can cause security vulnerabilities. There are specific network-related packages such as network-manager, bridge-utils and iproute2.

Conclusion

Setting up network interfaces in Linux is a fundamental skill every system administrator should have. Whether configuring static IP addresses or enabling DHCP, understanding these concepts will ensure that your systems are stable and have proper connectivity. Implementing best practices like monitoring traffic and securing the network interface gives you the best results. As you continue working with Linux, you can experiment with different configurations to deepen your understanding of network interfaces.

You’ll learn how you can get information related to your OS (operating system), kernel, CPU, memory, processes, disks, networks, and installed software. You’ll explore the commands and their outputs in detail.

Table of Contents

• Why It's Important to Understand Your Linux System

• How to Get Your OS & Kernel Information in Linux

• How to Get Your CPU Information in Linux

• How to Get Your Memory Information in Linux

• How to Get Your Disk & Filesystem Information in Linux

• How to Get Your Hardware Information in Linux

• How to Get Your Network Interfaces & Status Information in Linux

• How to Get Your Software & Services Information in Linux

• How to Get Your Logs & Dmesg In formation in Linux

• How to Get Your Security/User Audit Information in Linux

• Visually Appealing Commands

• Conclusion

Why It's Important to Understand Your Linux System

System Administration

System administrators need to have an understanding of the system so they are able to:

• Manage users, groups, and permissions effectively.

• Configure services like web servers, databases, and so on.

• Automate repetitive tasks with scripts and cron jobs.

Troubleshooting

When the system is in a problematic state, a solid understanding of the system specification and configuration helps you to:

• Identify and resolve system errors quickly.

• Analyze system logs and monitor performance.

• Diagnose network and hardware issues.

Security Auditing

If you are in a security related role, knowing your system in depth helps you to:

• Monitor logs for unauthorized access.

• Configure firewalls and security policies.

• Detect and remove malicious processes or software.

Performance Optimization

If you know how to gather information related to system resources, you can measure them and create a projection for the future use. You can also:

• Tune system parameters for better efficiency.

• Monitor resource usage (CPU, memory, disk, I/O).

• Eliminate bottlenecks and optimize workloads.

Proactive Maintenance

It is a good practice to be able to prevent issues before they occur. Once you know your system well, you can:

• Schedule regular updates and backups.

• Ensure system reliability and uptime.

Understanding your Linux system gives you greater control, enhances system stability, and improves your overall effectiveness as a system administrator or power user.

In the next section, we’ll discuss some essential commands for gathering system information.

How to Get Your OS & Kernel Information in Linux

uname -a Command

uname -a provides full kernel information:

uname -a
Linux ip-172-31-90-178 6.8.0-1024-aws #26-Ubuntu SMP Tue Feb 18 17:22:37 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Here is what each part means in the above command:

• Linux: The kernel name.

• ip-172-31-90-178: The network hostname of the system.

• 6.8.0-1024-aws: The kernel version and AWS-specific build.

• #26-Ubuntu: The kernel build number.

• SMP: Symmetric Multi-Processing, indicating that the kernel is compiled for multiple processors.

• Tue Feb 18 17:22:37 UTC 2025: The date and time when the kernel was compiled.

• x86_64 x86_64 x86_64: The machine hardware name (architecture), processor type, and platform type, all indicating 64-bit x86 architecture.

• GNU/Linux: The operating system name.

Based on this output, I’m running on an AWS EC2 instance with a 64-bit Ubuntu Linux distribution using a kernel that was specifically built for AWS infrastructure.

uname -r and uname -s Commands

The uname -r and uname -s commands specify the kernel version and OS type information:

uname -r
6.11.0-25-generic

uname -s
Linux

cat /etc/os-release Command

The cat /etc/os-release command provides distribution information:

cat /etc/os-release
PRETTY_NAME="Ubuntu 24.04.2 LTS"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04.2 LTS (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo

Here is what each part means in the above command:

• PRETTY_NAME="Ubuntu 24.04.2 LTS": The user-friendly name of the distribution including version and LTS (Long Term Support) designation.

• NAME="Ubuntu": The name of the Linux distribution.

• VERSION_ID="24.04": The version number of the Ubuntu release (Year/Month format).

• VERSION="24.04.2 LTS (Noble Numbat)": The complete version information including:

  • 24.04: Major version (released April 2024)

  • .2: Point release number

  • LTS: Long Term Support

  • Noble Numbat: The release codename

• VERSION_CODENAME=noble: The codename for this Ubuntu release ("Noble").

• ID=ubuntu: The machine-readable name of the operating system.

• ID_LIKE=debian: Indicates that Ubuntu is based on Debian Linux.

• HOME_URL, SUPPORT_URL, BUG_REPORT_URL, PRIVACY_POLICY_URL : Various official URLs for Ubuntu resources.

• UBUNTU_CODENAME=noble: Reiterates the codename of this Ubuntu release.

• LOGO=ubuntu-logo: Specifies the logo identifier for the distribution.

This output shows that I’m running Ubuntu 24.04.2 LTS (codenamed "Noble Numbat"), which is a Long Term Support release of Ubuntu. Being an LTS version means it will receive security updates and support for an extended period (typically 5 years for Ubuntu LTS releases).

hostnamectl Command

hostnamectl shows the hostname, OS, and kernel info:

hostnamectl
 Static hostname: ip-172-31-90-178
       Icon name: computer-vm
         Chassis: vm 🖴
      Machine ID: ec272830b6dca2da0d11e41b292cfc99
         Boot ID: dd12f48ff01b44a796991d99ce1bcfde
  Virtualization: xen
Operating System: Ubuntu 24.04.2 LTS              
          Kernel: Linux 6.8.0-1024-aws
    Architecture: x86-64
 Hardware Vendor: Xen
  Hardware Model: HVM domU
Firmware Version: 4.11.amazon
   Firmware Date: Thu 2006-08-24
    Firmware Age: 18y 9month 1w 2d

In the above command, here is what each part means:

• Static hostname: "ip-172-31-90-178": This is the permanent hostname of the system, stored in /etc/hostname.

• Icon name: "computer-vm": A symbolic icon identifier for the system, used by some desktop environments.

• Chassis: "vm": Indicates this is running in a virtual machine environment.

• Machine ID: "ec272830b6dca2da0d11e41b292cfc99": A unique identifier for this system, stored in /etc/machine-id.

• Boot ID: "dd12f48ff01b44a796991d99ce1bcfde": A unique identifier that changes with each system boot.

• Virtualization: "xen": Shows that this system is running on Xen virtualization (common for AWS instances).

• Operating System: "Ubuntu 24.04.2 LTS": The current OS distribution and version.

• Kernel: "Linux 6.8.0-1024-aws": The current Linux kernel version, specifically an AWS-optimized kernel.

• Architecture: "x86-64": The CPU architecture of the system.

• Hardware Vendor: "Xen" Hardware Model: "HVM domU": Indicates this is a Xen HVM (Hardware Virtual Machine) domain user instance.

• Firmware Details:

  • Version: 4.11.amazon: This is the version of the firmware/BIOS specifically customized for AWS environments.

  • Date: Thu 2006-08-24: This is the release date of the firmware. The date might seem old (2006) but this is normal for AWS instances.

  • Age: 18y 9month 1w : This shows how old the firmware is relative to the current date calculated from the firmware date (2006) to now (2025). While the firmware seems old, it is still maintained and secure.

This overall output shows that I’m running Ubuntu 24.04.2 LTS on an AWS EC2 instance using Xen virtualization. The system is using an AWS-optimized kernel and is configured as a HVM (Hardware Virtual Machine) instance.

How to Get Your CPU Information in Linux

lscpu Command

lscpu shows CPU architecture, cores, threads, and virtualization information:

lscpu
Architecture:             x86_64
  CPU op-mode(s):         32-bit, 64-bit
  Address sizes:          46 bits physical, 48 bits virtual
  Byte Order:             Little Endian
CPU(s):                   1
  On-line CPU(s) list:    0
Vendor ID:                GenuineIntel
  Model name:             Intel(R) Xeon(R) CPU E5-2686 v4 @ 2
                          .30GHz
    CPU family:           6
    Model:                79
    Thread(s) per core:   1
    Core(s) per socket:   1
    Socket(s):            1
    Stepping:             1
    BogoMIPS:             4599.99
    Flags:                fpu vme de pse tsc msr pae mce cx8 
                          apic sep mtrr pge mca cmov pat pse3
                          6 clflush mmx fxsr sse sse2 ht sysc
                          all nx rdtscp lm constant_tsc rep_g
                          ood nopl xtopology cpuid tsc_known_
                          freq pni pclmulqdq ssse3 fma cx16 p
                          cid sse4_1 sse4_2 x2apic movbe popc
                          nt tsc_deadline_timer aes xsave avx
                           f16c rdrand hypervisor lahf_lm abm
                           pti fsgsbase bmi1 avx2 smep bmi2 e
                          rms invpcid xsaveopt
Virtualization features:  
  Hypervisor vendor:      Xen
  Virtualization type:    full
Caches (sum of all):      
  L1d:                    32 KiB (1 instance)
  L1i:                    32 KiB (1 instance)
  L2:                     256 KiB (1 instance)
  L3:                     45 MiB (1 instance)
NUMA:                     
  NUMA node(s):           1
  NUMA node0 CPU(s):      0
Vulnerabilities:          
  Gather data sampling:   Not affected
  Itlb multihit:          KVM: Mitigation: VMX unsupported
  L1tf:                   Mitigation; PTE Inversion
  Mds:                    Vulnerable: Clear CPU buffers attem
                          pted, no microcode; SMT Host state 
                          unknown
  Meltdown:               Mitigation; PTI
  Mmio stale data:        Vulnerable: Clear CPU buffers attem
                          pted, no microcode; SMT Host state 
                          unknown
  Reg file data sampling: Not affected
  Retbleed:               Not affected
  Spec rstack overflow:   Not affected
  Spec store bypass:      Vulnerable
  Spectre v1:             Mitigation; usercopy/swapgs barrier
                          s and __user pointer sanitization
  Spectre v2:             Mitigation; Retpolines; STIBP disab
                          led; RSB filling; PBRSB-eIBRS Not a
                          ffected; BHI Retpoline
  Srbds:                  Not affected
  Tsx async abort:        Not affected

Here is a brief explanation of the output above:

1. Basic CPU Info

• Architecture: x86_64 (64-bit)

• CPU Model: Intel Xeon E5-2686 v4 (2.3 GHz)

• Cores/Threads: 1 core, 1 thread (no Hyper-Threading)

• Physical CPU (Socket): 1

2. Performance & Features

• Cache Sizes:

  • L1: 32 KiB (data) + 32 KiB (instructions)

  • L2: 256 KiB

  • L3: 45 MiB (large, typical for Xeon)

• Flags: Supports AVX, AES, SSE4.1/4.2 (useful for encryption/vector ops).

3. Virtualization

• Hypervisor: Running on Xen (full virtualization).

• Virtualization Support: Yes (Intel VT-x).

4. Security (Vulnerabilities)

• Meltdown/Spectre: Mostly mitigated (PTI, Retpolines).

• MDS/MMIO: Vulnerable (no microcode fixes).

• Spec Store Bypass: Vulnerable (no mitigation).

5. NUMA (Memory)

• Single NUMA node (no multi-processor complexity).

The output shows that my machine is a single-core Intel Xeon (in a virtualized/cloud environment) with large L3 cache but has some unpatched CPU vulnerabilities.

cat /proc/cpuinfo Command

cat /proc/cpuinfo provides more in-depth details about the CPU:

cat /proc/cpuinfo 
processor    : 0
vendor_id    : GenuineIntel
cpu family    : 6
model        : 79
model name    : Intel(R) Xeon(R) CPU E5-2686 v4 @ 2.30GHz
stepping    : 1
microcode    : 0xd000404
cpu MHz        : 2299.998
cache size    : 46080 KB
physical id    : 0
siblings    : 1
core id        : 0
cpu cores    : 1
apicid        : 0
initial apicid    : 0
fpu        : yes
fpu_exception    : yes
cpuid level    : 13
wp        : yes
flags        : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx rdtscp lm constant_tsc rep_good nopl xtopology cpuid tsc_known_freq pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm pti fsgsbase bmi1 avx2 smep bmi2 erms invpcid xsaveopt
bugs        : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit mmio_stale_data bhi
bogomips    : 4599.99
clflush size    : 64
cache_alignment    : 64
address sizes    : 46 bits physical, 48 bits virtual
power management:

nproc Command

nproc shows the core count:

nproc
1

The above command output shows there is one available processor.

How to Get Your Memory Information in Linux

free -h Command

You can use the free -h command to know the total/used/free RAM:

free -h
               total        used        free      shared  buff/cache   available
Mem:           957Mi       406Mi       218Mi       920Ki       522Mi       551Mi
Swap:             0B          0B          0B

Here is a breakdown of the output shared above:

• total: The total amount of physical memory (RAM) or swap space available on the system.

• used: The amount of memory currently being used by applications and the system. Calculated as: total - free - buffers - cache.

• free: The amount of memory that is completely unused.

• shared: Memory that may be simultaneously accessed by multiple programs.

• buff/cache: Combines two types of memory:

  • Buffers: Memory used for block device I/O buffering.

  • Cache: Memory used for file system page cache - This memory can be reclaimed when needed by applications.

  • available: It includes the 'free' memory plus memory that can be reclaimed from buff/cache. This is the most important column for determining if you have enough memory.

vmstat Command

vmstat stands for Virtual Memory Statistics, a tool to monitor system performance. It provides information about memory usage, CPU activity, Processes, Disk I/O and Swap usage.

You can also use vmstat to extract live information. Here is how you can do that:

vmstat 1 5
procs -----------memory---------- ---swap-- -----io---- -system-- -------cpu-------
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st gu
 1  0      0 238264  46120 489056    0    0     3     8   23    0  0  0 82  0 18  0
 0  0      0 238264  46120 489060    0    0     0     0  240  120  0  1 98  0  1  0
 0  0      0 238264  46120 489060    0    0     0     0  239  124  0  0 98  0  2  0
 0  0      0 238264  46120 489060    0    0     0     0  199  101  0  0 95  0  5  0
 0  0      0 238264  46120 489060    0    0     0     0   36   25  0  0 78  0 22  0

Here is what the above command is doing:

1. Captures 5 snapshots of system performance.

2. Each snapshot is taken 1 second apart, giving near real-time insights.

3. Displays key metrics about:

   • Memory usage (free, buffered, cached).

   • CPU activity (user, system, idle, waiting).

   • Processes (running, blocked).

   • Disk I/O (blocks read/written).

   • Swap usage (if swapping is happening).

Note that, you can replace the interval and number of snapshots accordingly.

Here’s a detailed breakdown of the output above:

• Procs:

  • r: Number of processes waiting for run time.

  • b: Number of processes in uninterruptible sleep

• Memory (in KB):

  • swpd: Amount of virtual memory used

  • free: Amount of idle memory

  • buff: Memory used as buffers

  • cache: Memory used as cache

• Swap:

  • si: Memory swapped in from disk (KB/s)

  • so: Memory swapped out to disk (KB/s)

• IO:

  • bi: Blocks received from a block device (blocks/s)

  • bo: Blocks sent to a block device (blocks/s)

• System:

  • in: Number of interrupts per second

  • cs: Number of context switches per second

• CPU (percentages):

  1. us: Time spent running user code

  2. sy: Time spent running system code

  3. id: Time spent idle

  4. wa: Time spent waiting for IO

  5. st: Time stolen from a virtual machine

  6. gu: Time running guest code (virtual CPU)

From the output, you can see that my system:

• Has very low CPU usage (high idle percentage)

• Has no swap being used (swpd = 0)

• Has about 99MB free memory

• Shows minimal IO activity

• Is running in a virtualized environment (notice the st (stolen) time column has non-zero value

The first line shows averages since the last reboot, while subsequent lines show the real-time statistics for each second.

cat /proc/meminfo Command

cat /proc/meminfo shows detailed memory stats:

cat /proc/meminfo
MemTotal:         980384 kB
MemFree:          245100 kB
MemAvailable:     585896 kB
Buffers:           46184 kB
Cached:           393672 kB
SwapCached:            0 kB
Active:           141404 kB
Inactive:         356376 kB
Active(anon):      47672 kB
Inactive(anon):    29300 kB
Active(file):      93732 kB
Inactive(file):   327076 kB
Unevictable:       36528 kB
Mlocked:           27152 kB
SwapTotal:             0 kB
SwapFree:              0 kB
Zswap:                 0 kB
Zswapped:              0 kB
Dirty:                 0 kB
Writeback:             0 kB
AnonPages:         94488 kB
Mapped:            97936 kB
Shmem:               920 kB
KReclaimable:      95396 kB
Slab:             148672 kB
SReclaimable:      95396 kB
SUnreclaim:        53276 kB
KernelStack:        2444 kB
PageTables:         3224 kB
SecPageTables:         0 kB
NFS_Unstable:          0 kB
Bounce:                0 kB
WritebackTmp:          0 kB
CommitLimit:      490192 kB
Committed_AS:     508912 kB
VmallocTotal:   34359738367 kB
VmallocUsed:        9988 kB
VmallocChunk:          0 kB
Percpu:            14848 kB
HardwareCorrupted:     0 kB
AnonHugePages:         0 kB
ShmemHugePages:        0 kB
ShmemPmdMapped:        0 kB
FileHugePages:         0 kB
FilePmdMapped:         0 kB
Unaccepted:            0 kB
HugePages_Total:       0
HugePages_Free:        0
HugePages_Rsvd:        0
HugePages_Surp:        0
Hugepagesize:       2048 kB
Hugetlb:               0 kB
DirectMap4k:       71680 kB
DirectMap2M:      976896 kB

Here is a detailed breakdown of the output shared above:

• Total Memory and Available Memory:

  • MemTotal: Total physical RAM available.

  • MemFree: Completely unused memory.

  • MemAvailable: Memory available for new applications.

• Memory Caches and Buffers:

  • Buffers: Memory used for block device I/O buffering.

  • Cached: Memory used for file system cache.

  • SwapCached: Memory pages stored in both RAM and swap.

• Active vs Inactive Memory:

  • Active: Recently used memory.

  • Inactive: Less recently used memory.

  • Active(anon): Recently used anonymous memory.

  • Active(file): Recently used file-backed memory.

• Swap Information:

  • SwapTotal: Swap space configured.

  • SwapFree: Swap space available.

  • Zswap: Compressed swap in RAM.

• Other Important Metrics:

  • Dirty: Memory waiting to be written to disk.

  • Mapped: Files mapped into memory.

  • Slab: Kernel data structures cache.

  • CommitLimit: Total memory available for allocation.

  • Committed_AS: Total memory currently allocated.

A healthy memory usage is indicated by a good amount of available memory, active caching mechanisms in place and no memory pressure (no swap usage needed).

How to Get Your Disk & Filesystem Information in Linux

tree -d -L 1 Command

tree -d -L 1 shows the file system details from the folder it is executed in. To find the complete file system details, run it from the root / folder:

tree -d -L 1
.
├── bin -> usr/bin
├── bin.usr-is-merged
├── boot
├── dev
├── etc
├── home
├── lib -> usr/lib
├── lib.usr-is-merged
├── lib64 -> usr/lib64
├── lost+found
├── media
├── mnt
├── opt
├── proc
├── root
├── run
├── sbin -> usr/sbin
├── sbin.usr-is-merged
├── snap
├── srv
├── sys
├── tmp
├── usr
└── var

25 directories

The command output of tree -d -L 1 shows a directory tree structure with the following options:

• -d: Shows only directories (ignores files)

• -L 1: Limits the depth of the tree to one level (only shows the immediate subdirectories)

• df -h: mounted filesystems and usage:

    df -h
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/root        29G  2.6G   26G   9% /
    tmpfs           479M     0  479M   0% /dev/shm
    tmpfs           192M  908K  191M   1% /run
    tmpfs           5.0M     0  5.0M   0% /run/lock
    /dev/xvda16     881M  144M  676M  18% /boot
    /dev/xvda15     105M  6.1M   99M   6% /boot/efi
    tmpfs            96M   12K   96M   1% /run/user/1000
  

  The above output from the df -h command shows the following disk space usage information:

  • Filesystem: The name of the mounted filesystem/device.

  • Size: Total size of the filesystem.

  • Used: Amount of space used.

  • Avail: Amount of space available.

  • Use%: Percentage of space used.

  • Mounted on: The mount point where the filesystem is attached

lsblk Command

lsblk stands for ‘list block devices’ and shows information about all available block devices like hard drives, SSDs, and so on.

lsblk
NAME     MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
loop0      7:0    0 26.3M  1 loop /snap/amazon-ssm-agent/9881
loop1      7:1    0 73.9M  1 loop /snap/core22/1748
loop2      7:2    0 44.4M  1 loop /snap/snapd/23545
loop3      7:3    0 50.9M  1 loop /snap/snapd/24505
loop4      7:4    0 73.9M  1 loop /snap/core22/1963
loop5      7:5    0 27.2M  1 loop /snap/amazon-ssm-agent/11320
xvda     202:0    0   30G  0 disk 
├─xvda1  202:1    0   29G  0 part /
├─xvda14 202:14   0    4M  0 part 
├─xvda15 202:15   0  106M  0 part /boot/efi
└─xvda16 259:0    0  913M  0 part /boot

The output above shows the following details:

• NAME: Device name.

• MAJ:MIN: Major and minor device numbers.

• RM: Removable flag (1 for removable, 0 for fixed).

• SIZE: Device size.

• RO: Read-only flag (1 for read-only, 0 for read-write).

• TYPE: Device type (disk, part for partition, loop for loop device).

• MOUNTPOINTS: Where the device is mounted.

fdisk -l Command

fdisk -l shows all disk devices and their partitions on your system:

Disk /dev/xvda: 30 GiB, 32212254720 bytes, 62914560 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: E3478E01-32E3-4FC2-8E79-1BCCDE89C2D7

Device        Start      End  Sectors  Size Type
/dev/xvda1  2099200 62914526 60815327   29G Linux filesystem
/dev/xvda14    2048    10239     8192    4M BIOS boot
/dev/xvda15   10240   227327   217088  106M EFI System
/dev/xvda16  227328  2097152  1869825  913M Linux extended boot

The above output shows the partition information for the the main system disk (/dev/xvda) which is 30 GiB in size and has four partitions:

• /dev/xvda1: 29G Linux filesystem (main system partition).

• /dev/xvda14: 4M BIOS boot partition.

• /dev/xvda15: 106M EFI System partition (for UEFI boot).

• /dev/xvda16: 913M Linux extended boot partition.

mount Command

mount shows all currently mounted filesystems in the format: device/source "on" mount_point "type" filesystem_type (mount_options), displaying where and how each filesystem is attached to your system's directory tree.

Here is an example line from the output of mount:

/dev/xvda1 on / type ext4 (rw,relatime,discard,errors=remount-ro,commit=30)

Some common mount options you’ll see are:

• rw: Read-write access.

• ro: Read-only access.

• nosuid: Disable SUID/SGID bits.

• nodev: Prevent device file interpretation.

• noexec: Prevent execution of binaries.

• relatime: Update access times relatively.

du -sh * Command

du -sh * provides a summary of the disk usage for each file and directory in the current directory (good for finding disk hogs):

du -sh *
4.0K    file1.txt
8.0K    file2.txt
12K     directory1
20K     directory2

How to Get Your Hardware Information in Linux

lshw Command

The lshw command provides detailed information about the computer's hardware configuration. It can report:

• Memory configuration.

• Firmware version.

• Mainboard configuration.

• CPU version and speed.

• Cache configuration.

• Bus speed and more.

It's particularly useful for system administrators and users who need to gather detailed hardware information. The command can output information in various formats including HTML, XML, JSON, or plain text.

Here is a portion of the output from lshw:

*-pci
          description: Host bridge
          product: 440FX - 82441FX PMC [Natoma]
          vendor: Intel Corporation
          physical id: 100
          bus info: pci@0000:00:00.0
          version: 02
          width: 32 bits
          clock: 33MHz
        *-isa
             description: ISA bridge
             product: 82371SB PIIX3 ISA [Natoma/Triton II]
             vendor: Intel Corporation
             physical id: 1
             bus info: pci@0000:00:01.0
             version: 00
             width: 32 bits
             clock: 33MHz
             capabilities: isa bus_master
             configuration: latency=0

lspci Command

lspci displays information about all PCI (Peripheral Component Interconnect) buses and devices connected to your system.

lspci
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 01)
00:02.0 VGA compatible controller: Cirrus Logic GD 5446
00:03.0 Unassigned class [ff80]: XenSource, Inc. Xen Platform Device (rev 01)

From the output, we can see that:

• Each line starts with a bus:device.function address (like "00:00.0")

• Following the address is the device class and the specific hardware details:

  • A Host bridge (Intel 440FX), which manages communications between the CPU and other components.

  • An ISA bridge (Intel PIIX3), for legacy device support.

  • An IDE interface for storage devices.

  • An ACPI bridge for power management.

  • A VGA graphics controller (Cirrus Logic).

  • A Xen Platform Device (this suggests you're running in a Xen virtualized environment).

The command is particularly useful for:

• Troubleshooting hardware issues

• Verifying hardware detection

• Finding hardware details for driver installation

• Checking system configuration

How to Get Your Network Interfaces & Status Information in Linux

ip a Command

ip a displays information about all network interfaces on your system:

ip -a
1: lo: <LOOPBACK,UP,LOWER_UP>
- This is the loopback interface (localhost)
- MTU (Maximum Transmission Unit) is 65536 bytes
- IP address: 127.0.0.1/8 (IPv4)
- IPv6 address: ::1/128

2. Network Interface (enX0):
enX0: <BROADCAST,MULTICAST,UP,LOWER_UP>
- This is your main network interface
- MTU is 9001 bytes
- MAC address (link/ether): 12:16:a6:d3:b3:61
- IPv4 address: 172.31.90.178/20
- IPv6 address: fe80::1016:a6ff:fed3:b361/64 (Link-local)

Here are the key elements in the output:

• Interface state (UP/DOWN).

• MAC address (link/ether).

• IPv4 and IPv6 addresses.

• Network scope (host, global, link).

• Address validity lifetime (valid_lft).

• Broadcast address (brd).

ip r Command

ip r shows the system’s routing table:

ip r
default via 172.31.80.1 dev enX0 proto dhcp src 172.31.90.178 metric 100 
172.31.0.2 via 172.31.80.1 dev enX0 proto dhcp src 172.31.90.178 metric 100 
172.31.80.0/20 dev enX0 proto kernel scope link src 172.31.90.178 metric 100 
172.31.80.1 dev enX0 proto dhcp scope link src 172.31.90.178 metric 100

The above ip r output shows my system's routing table with the following routes:

• Default Route (Gateway):

  • Default via 172.31.80.1: All traffic not matching other rules goes through this gateway.

  • Using interface enX0.

  • Configured via DHCP.

  • Source IP: 172.31.90.178.

• Local Network:

  • 172.31.80.0/20: Local subnet (covers IPs from 172.31.80.0 to 172.31.95.255)

  • Directly connected to enX0 interface

  • Kernel-managed route (proto kernel)

  • For packets originating from 172.31.90.178

• DHCP Route:

  • Direct route to DHCP server (172.31.80.1)

  • Via interface enX0

All routes have a metric of 100, which determines route priority (lower values are preferred).

netstat -tuln shows active listening ports:

netstat -tuln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 127.0.0.54:53           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN     
tcp6       0      0 :::80                   :::*                    LISTEN     
tcp6       0      0 :::22                   :::*                    LISTEN     
udp        0      0 127.0.0.54:53           0.0.0.0:*                          
udp        0      0 127.0.0.53:53           0.0.0.0:*                          
udp        0      0 172.31.90.178:68        0.0.0.0:*                          
udp        0      0 127.0.0.1:323           0.0.0.0:*                          
udp6       0      0 ::1:323                 :::*

How to Get Your Software & Services Information in Linux

Installed packages

You can check installed packages with dpkg -l, apt list --installed (Debian/Ubuntu). Here is a snippet from the output:

vim-common/noble-updates,noble-security,now 2:9.1.0016-1ubuntu7.8 all [installed,automatic]
vim-runtime/noble-updates,noble-security,now 2:9.1.0016-1ubuntu7.8 all [installed,automatic]
vim-tiny/noble-updates,noble-security,now 2:9.1.0016-1ubuntu7.8 amd64 [installed,automatic]
vim/noble-updates,noble-security,now 2:9.1.0016-1ubuntu7.8 amd64 [installed,automatic]

Service status

systemctl list-units --type=service lists the services. You can also use systemctl status <service> and replace <service> with the one you want.

Here’s the output for cron.service:

systemctl status cron.service
● cron.service - Regular background program processing daemon
     Loaded: loaded (/usr/lib/systemd/system/cron.service; enabled; preset: enabled)
     Active: active (running) since Wed 2025-05-14 19:46:58 UTC; 2 weeks 5 days ago
       Docs: man:cron(8)
   Main PID: 625 (cron)
      Tasks: 1 (limit: 1129)
     Memory: 1.7M (peak: 4.7M)
        CPU: 20.890s
     CGroup: /system.slice/cron.service
             └─625 /usr/sbin/cron -f -P

Jun 03 09:25:01 ip-172-31-90-178 CRON[121748]: pam_unix(cron:session): session closed for user root
Jun 03 09:35:01 ip-172-31-90-178 CRON[121817]: pam_unix(cron:session): session opened for user root(uid=0) by root(uid=0)
Jun 03 09:35:01 ip-172-31-90-178 CRON[121818]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
Jun 03 09:35:01 ip-172-31-90-178 CRON[121817]: pam_unix(cron:session): session closed for user root
Jun 03 09:45:01 ip-172-31-90-178 CRON[122050]: pam_unix(cron:session): session opened for user root(uid=0) by root(uid=0)
Jun 03 09:45:01 ip-172-31-90-178 CRON[122051]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
Jun 03 09:45:01 ip-172-31-90-178 CRON[122050]: pam_unix(cron:session): session closed for user root
Jun 03 09:55:01 ip-172-31-90-178 CRON[122318]: pam_unix(cron:session): session opened for user root(uid=0) by root(uid=0)
Jun 03 09:55:01 ip-172-31-90-178 CRON[122319]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
Jun 03 09:55:01 ip-172-31-90-178 CRON[122318]: pam_unix(cron:session): session closed for user root
lines 5-21/21 (END)

Processes

ps aux shows all processes with their respective status:

ps aux
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root           1  0.0  1.4  22556 13952 ?        Ss   May14   0:35 /usr/lib/systemd/systemd --system --deserialize=63
root           2  0.0  0.0      0     0 ?        S    May14   0:00 [kthreadd]
root           3  0.0  0.0      0     0 ?        S    May14   0:00 [pool_workqueue_release]
root           4  0.0  0.0      0     0 ?        I<   May14   0:00 [kworker/R-rcu_g]
root           5  0.0  0.0      0     0 ?        I<   May14   0:00 [kworker/R-rcu_p]
root           6  0.0  0.0      0     0 ?        I<   May14   0:00 [kworker/R-slub_]
.
.
.

Here's an explanation of each column in the ps aux output:

• USER: The owner of the process

• PID: Process ID number

• %CPU: CPU usage percentage

• %MEM: Memory usage percentage

• VSZ: Virtual Memory Size in kilobytes (total program size)

• RSS: Resident Set Size in kilobytes (actual memory used)

• TTY: Terminal associated with the process ('?' means no terminal)

• STAT: Process state code:

  • S: Sleeping

  • R: Running

  • I: Idle

  • Z: Zombie

  • T: Stopped

  • s: Session leader

  • <: High priority

  • N: Low priority

• START: Time when the process started

• TIME: Cumulative CPU time used

• COMMAND: The command with all its arguments

top and htop Commands

top or htop can be used for live usage overview, and for showing a dynamic view of system performance and running processes. Here's what it displays:

• System Overview:

  • System uptime and number of logged-in users.

  • Load average values for the last 1, 5, and 15 minutes.

  • Total number of processes and their states (running, sleeping, stopped, zombie)

• Resource Usage:

  • CPU usage breakdown (user, system, idle, etc.).

  • Memory usage (total, free, used, cached).

  • Swap space usage

  • Process List:Shows a sorted list of running processes (by default sorted by CPU usage)For each process, displays:

    • Process ID (PID).

    • User who owns the process.

    • CPU and memory usage.

    • Process priority and nice value.

    • Memory usage details (virtual, resident, shared).

    • Process status.

    • Running time.

    • Command name.

    top - 10:04:25 up 19 days, 14:17,  1 user,  load average: 0.00, 0.00, 0.00
    Tasks: 104 total,   1 running, 103 sleeping,   0 stopped,   0 zombie
    %Cpu(s):  0.0 us,  0.0 sy,  0.0 ni, 88.0 id,  0.0 wa,  0.0 hi,  0.0 si, 12.0 st 
    MiB Mem :    957.4 total,    247.3 free,    366.1 used,    533.7 buff/cache     
    MiB Swap:      0.0 total,      0.0 free,      0.0 used.    591.3 avail Mem 

        PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ COMMAND                                              
          1 root      20   0   22556  13952   9728 S   0.0   1.4   0:35.08 systemd                                              
          2 root      20   0       0      0      0 S   0.0   0.0   0:00.16 kthreadd                                             
          3 root      20   0       0      0      0 S   0.0   0.0   0:00.00 pool_workqueue_release                               
          4 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 kworker/R-rcu_g                                      
          5 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 kworker/R-rcu_p                                      
          6 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 kworker/R-slub_                                      
          7 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 kworker/R-netns                                      
         10 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 kworker/0:0H-events_highpri                          
         12 root       0 -20       0      0      0 I   0.0   0.0   0:00.00 kworker/R-mm_pe                                      
         13 root      20   0       0      0      0 I   0.0   0.0   0:00.00 rcu_tasks_rude_kthread                               
         14 root      20   0       0      0      0 I   0.0   0.0   0:00.00 rcu_tasks_trace_kthread

The top command updates this information regularly (by default every 3 seconds) and is commonly used for:

• Monitoring system performance

• Identifying resource-intensive processes

• Troubleshooting system slowdowns

• Getting a quick overview of system health

  You can also interact with top while it's running using various keyboard commands (like 'k' to kill a process, '1' to see cpu cores, etc.).

How to Get Your Logs & Dmesg In formation in Linux

Based on the system configuration, a number of logs are generated. These can be audit logs, system logs, cron logs, and so on. They all carry useful information. Here are some commands that you can use to view logs:

• dmesg | less: Kernel ring buffer (hardware issues, boot messages)

• journalctl -xe: Recent critical logs (systemd systems)

• /var/log/syslog or /var/log/messages: General system logs

How to Get Your Security/User Audit Information in Linux

whoami shows the current user’s username.

whoami
ubuntu

id shows detailed information about a user's identity on the system.

id
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),24(cdrom),27(sudo),30(dip),105(lxd)

Let's break down the output:

• User ID (uid): uid=1000(ubuntu) means the user ID is 1000, with username "ubuntu"

• Primary Group ID (gid): gid=1000(ubuntu) means the primary group ID is 1000, named "ubuntu"

• Supplementary Groups (groups): The user belong to the following groups:

  • ubuntu (1000): Your primary group.

  • adm (4): For system monitoring tasks.

  • cdrom (24): For accessing CD-ROM devices.

  • sudo (27): Allows you to execute commands with superuser privileges.

  • dip (30): For managing dial-up connections.

  • lxd (105): For managing LXD containers.

The id command is useful for checking user and group IDs, verifying group memberships, troubleshooting permissions issues and confirming sudo access.

who displays information about users currently logged into the system:

who
ubuntu   pts/0        2025-06-03 08:45 (39.43.159.5)

The output breakdown is shown below:

• Username: "ubuntu"

• Terminal: "pts/0" (pseudo-terminal)

• Login time: "2025-06-03 08:45"

• Remote host: "(39.43.159.5)" - the IP address from where the connection was made

• w- shows who is logged in and what they are doing:

w
 10:21:46 up 19 days, 14:35,  1 user,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU  WHAT
ubuntu   pts/0    39.43.159.5      08:45   44:56   0.00s  0.02s sshd: ubuntu [priv]

Here is the result breakdown:

First line:

• 10:21:46: Current system time

• up 19 days, 14:35: System uptime (how long the system has been running)

• 1 user: Number of users currently logged in

• load average: 0.24, 0.05, 0.02: System load averages for the past 1, 5, and 15 minutes

  • Numbers below 1.0 indicate low system load

  • Higher numbers indicate more system load/stress

Second line shows the column headers for the user information below:

• USER: Username.

• TTY: Terminal device being used.

• FROM: Remote host from where the user is connected.

• LOGIN@: Time when the user logged in.

• IDLE: Time since the user's last activity.

• JCPU: CPU time used by all processes attached to the tty.

• PCPU: CPU time used by the current process.

• WHAT: Current process/command being run.

last shows a history of user logins and system reboots:

last
ubuntu   pts/1        39.43.159.5      Tue Jun  3 10:15 - 10:17  (00:02)
ubuntu   pts/0        39.43.159.5      Tue Jun  3 08:45   still logged in
ubuntu   pts/0        39.43.159.5      Tue Jun  3 05:23 - 08:29  (03:06)
ubuntu   pts/0        39.43.159.5      Sun Jun  1 06:32 - 12:24  (05:52)
ubuntu   pts/0        39.43.159.5      Thu May 22 05:39 - 05:58  (00:18)
ubuntu   pts/0        139.135.32.93    Wed May 21 14:45 - 14:47  (00:01)
ubuntu   pts/0        139.135.32.93    Wed May 21 11:58 - 13:49  (01:51)
ubuntu   pts/0        39.43.159.5      Wed May 21 05:05 - 05:12  (00:06)
ubuntu   pts/0        39.43.159.5      Tue May 20 18:41 - 21:45  (03:04)
ubuntu   pts/0        39.43.159.5      Thu May 15 06:12 - 06:12  (00:00)
ubuntu   pts/0        39.43.159.5      Thu May 15 06:05 - 06:12  (00:07)
ubuntu   pts/0        18.206.107.27    Wed May 14 20:06 - 20:08  (00:01)
ubuntu   pts/0        182.185.185.39   Wed May 14 19:48 - 19:50  (00:01)
reboot   system boot  6.8.0-1024-aws   Wed May 14 19:46   still running

wtmp begins Wed May 14 19:46:47 2025

Each line shows:

• Username (in this case, all logins are from 'ubuntu' user).

• Terminal device (pts/0 indicates a pseudo-terminal, typically used for SSH connections).

• Remote host IP address (where the connection came from).

• Login time and date.

• Logout time or status.

• Session duration in parentheses.

sudo -l shows what the current user can do with sudo.

sudo -l
Matching Defaults entries for ubuntu on ip-172-31-90-178:
    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin,
    use_pty

User ubuntu may run the following commands on ip-172-31-90-178:
    (ALL : ALL) ALL
    (ALL) NOPASSWD: ALL

This output indicates that the 'ubuntu' user has:

• Full sudo access (can execute any command)

• No password requirement for sudo commands

• Complete administrative privileges on the system

Visually Appealing Commands

In this section you’ll learn about two commands that display the information we have seen before in a presentable and aesthetic form.

neofetch - displays system info along with the distribution logo:

btop displays dynamic stats with different modes:

Conclusion

Thank you for reading the article until the end. If you found it helpful, consider sharing it with others.

Stay Connected and Continue Your Learning Journey!

I read every message, come say hi 👋

1. Connect with me on:

   • LinkedIn: I share content related to Linux, Cyber security and DevOps. Leave a recommendation on LinkedIn and endorse me on relevant skills.

   • Discord community: Hang around with other devs or share your accomplishments.

   • X: I share pre-launch updates and some behind the scenes.

2. Get access to exclusive content: For one-on-one help and exclusive content go here.

My articles are part of my mission to increase accessibility to quality content for everyone. Each piece takes a lot of time and effort to write. This article will be free, forever. If you've enjoyed my work and want to keep me motivated, consider buying me a coffee.

Thank you once again and happy learning!

You can use Wireshark in scenarios like troubleshooting network performance issues (for example, slow connections or dropped packets), investigating suspicious activity (like detecting malware or unauthorized access), or learning how protocols like HTTP, TCP, or DNS function in real-world environments.

For beginners, think of it as a window into the invisible world of network communication, revealing what’s happening behind the scenes when you browse the web, send an email, or stream a video. Its power lies in its ability to provide granular insights, making it an indispensable tool for network administrators, cybersecurity enthusiasts, and anyone curious about how networks operate.

In this tutorial, you will learn how to use Wireshark display filters to analyze network traffic and spot potential security threats. Wireshark is a powerful network protocol analyzer that can capture and dissect network packets, which is crucial for cybersecurity professionals.

Here’s what we’ll cover:

• How to Start Wireshark and Analyze Network Traffic

• How to Work with Network Capture Files

• Understanding the Wireshark Interface

• Understanding and Applying Basic Display Filters

• Advanced Filtering Techniques

• Analyzing Security-Related Traffic

• Analyzing Sample Traffic and Generating New Traffic

Prerequisites

Before we start, you'll need to know Linux Basic Syntax. You can learn it through this Linux Skill Tree.

Don't worry if you're new to Wireshark – I’ll explain everything as we go.

How to Start Wireshark and Analyze Network Traffic

In this step, we're going to start using Wireshark. First, you'll learn how to launch it. Then, you'll either capture network traffic or use a provided sample file for analysis. Understanding the Wireshark interface is crucial, as it helps you view and analyze packet data.

Installing Wireshark on Ubuntu 22.04

Before you can start using Wireshark, you need to install it. Open a terminal window and run the following commands:

sudo apt update
sudo apt install wireshark -y

Launching Wireshark

To start Wireshark, you need to open a terminal window. You can do this by clicking on the terminal icon in the taskbar or by pressing Ctrl+Alt+T. Once the terminal is open, you'll use a command to start Wireshark. In the terminal, type the following command and press Enter:

wireshark

This command tells your system to start the Wireshark application. After a few seconds, Wireshark will open. You should see a window similar to the one shown below:

How to Work with Network Capture Files

For this part of the tutorial, you have two options:

Option 1: Use the Provided Sample File

# Download a sample packet capture file with mixed traffic
wget -q https://s3.amazonaws.com/tcpreplay-pcap-files/smallFlows.pcap -O /home/labex/project/sample.pcapng

# Make sure the user has access to the file
chmod 644 /home/labex/project/sample.pcapng

I’ve prepared a sample capture file for you at /home/labex/project/sample.pcapng. This file contains a variety of network traffic that you can analyze.

To open this file:

1. In Wireshark, go to File > Open

2. Navigate to /home/labex/project/sample.pcapng

3. Click "Open"

The file will load in Wireshark, showing various packets that have been captured previously.

Option 2: Capture Your Own Traffic

If you prefer to capture your own traffic:

1. In the Wireshark main window, look for the list of available network interfaces.

2. Find the eth1 interface. In this lab environment, eth1 is the main network interface we'll use for capturing packets.

3. Double-click on eth1. This action immediately starts the packet capture process.

4. Generate some network traffic by opening a new terminal and running:

    curl www.google.com
   

5. Once you've captured enough packets (aim for at least 20-30 packets), click the red square "Stop" button in the Wireshark toolbar.

Understanding the Wireshark Interface

The Wireshark interface is divided into three main panels, each with a specific purpose:

1. Packet List (top panel): This panel shows all the packets that have been captured in the order they were received. It gives you a quick overview of the captured traffic.

2. Packet Details (middle panel): When you select a packet in the top panel, this middle panel shows the details of that packet in a hierarchical format. It breaks down the packet's structure, showing information like the source and destination IP addresses, protocol types, and more.

3. Packet Bytes (bottom panel): This panel displays the raw bytes of the selected packet in hexadecimal format. It's useful for in-depth analysis, especially when you need to look at the exact data being transmitted.

To see how these panels work together, click on different packets in the top panel. You'll see the corresponding details and raw bytes update in the middle and bottom panels.

Understanding and Applying Basic Display Filters

In this step, we're going to explore display filters in Wireshark. Display filters are essential tools when it comes to analyzing network traffic. They help you focus on specific types of packets instead of having to sift through all the captured data.

By the end of this section, you'll know what display filters are, why they're useful, and how to apply basic ones to isolate specific types of network traffic.

What Are Display Filters?

When you're analyzing network traffic, looking at every single captured packet can be overwhelming. You usually want to focus on specific types of packets. That's where Wireshark display filters come in. They allow you to show only the packets that meet certain criteria. This makes the analysis process much more efficient because you're not wasting time on irrelevant data.

Display filters in Wireshark use a special syntax. This syntax enables you to filter packets based on various attributes such as protocols, IP addresses, ports, and even the content of the packets. Understanding this syntax is key to effectively using display filters.

Filter Toolbar

Take a look at the top of the Wireshark window. You'll notice a text field. It might be labeled "Apply a display filter..." or simply show "Expression...". This is the place where you'll enter your display filters. Once you enter a filter and press Enter, Wireshark will use that filter to show only the relevant packets.

Basic Protocol Filters

Let's start with a simple example. Suppose you want to view only HTTP traffic. HTTP is the protocol used for web browsing. To do this, you'll enter a filter in the filter toolbar. Type the following filter and then press Enter:

http

After you apply this filter, Wireshark will only display HTTP packets. All other packets will be temporarily hidden. You'll notice that the filter bar turns green when you apply a valid filter. This is a visual indication that your filter is working correctly.

The output should now show only packets related to HTTP traffic. This typically includes web requests (when you ask a website for information) and responses (when the website sends you the information). If you don't see any HTTP traffic in the sample file, you can try different protocols that might be present, such as TCP, UDP, or DNS:

tcp

Or try generating more HTTP traffic by running the curl command in a terminal:

curl www.google.com

IP Address Filters

Next, let's filter traffic based on IP addresses. An IP address is like a unique identifier for a device on a network. First, look at your packet list. You'll see columns labeled "Source" and "Destination". These columns show the IP addresses of the devices sending and receiving the packets.

Once you've identified an IP address that appears frequently in your capture (for example, let's say you see 192.168.1.1), you can use it to create a filter. Type the following filter in the filter toolbar to see only packets from that source:

ip.src == 192.168.3.131

You can replace 192.168.3.131 with an IP address that you actually see in your capture. After applying this filter, only packets with that source IP address will be shown.

If you want to see all the packets again, you can clear the current filter. Just click the "Clear" button (X) on the right side of the filter bar.

Port Filters

Many network services operate on specific ports. A port is like a door on a device that allows specific types of network traffic to enter or leave. For example, HTTP typically uses port 80.

To filter packets by port number, you can use the following filter:

tcp.port == 80

This filter will show both incoming and outgoing packets that use TCP port 80. You might also try other common ports like 443 (HTTPS) or 53 (DNS) depending on what's available in your capture.

Combining Filters

You can make your filters more powerful by combining them using logical operators like and and or. For example, if you want to show only HTTP traffic that uses port 80, you can use the following filter:

http and tcp.port == 80

Try applying different combinations of filters and observe how the displayed packets change. Remember, before trying a new filter, you can either clear the previous one by clicking the "Clear" button or modify the existing filter directly in the filter bar to build upon it.

Advanced Filtering Techniques

In this part, we'll explore how to create more sophisticated filters for detailed network traffic analysis. As a beginner, you might wonder why we need advanced filtering. Well, in real-world scenarios, network capture files can be extremely large, filled with all kinds of traffic. Advanced filtering techniques are like a powerful magnifying glass for security professionals. They help us quickly pick out the suspicious or important traffic from the sea of data in these large capture files.

Complex Filters with Multiple Conditions

Wireshark gives you the ability to build complex filters by combining multiple conditions. This is very useful when you want to be more precise in your traffic analysis. Let's start by creating a filter to find HTTP GET requests.

http.request.method == "GET"

This filter is designed to display only HTTP packets that contain GET requests. When you apply this filter, you'll see packets that are requests sent to web servers. The reason we use this filter is that GET requests are a common type of HTTP request used to retrieve data from a server. By isolating these requests, we can focus on the data retrieval activities in the network.

If your sample file doesn't contain HTTP GET requests, try this alternative filter to find TCP SYN packets which indicate connection attempts:

tcp.flags.syn == 1

Now, let's make our filter more specific. We'll add a port condition:

tcp.port == 80 and http.request.method == "GET"

This new filter shows only HTTP GET requests that occur on the standard HTTP port (80). The standard HTTP port is widely used for unencrypted web traffic. By adding this port condition, we're narrowing down our search to only those GET requests that are using the typical HTTP communication channel.

Filtering Based on Packet Size

Network attacks often involve packets with unusual sizes. Attackers might use large or small packets to hide malicious data or to disrupt the normal functioning of the network. To filter based on packet size, we use a specific syntax:

tcp.len >= 100 and tcp.len <= 500

This filter displays TCP packets with a payload length between 100 and 500 bytes. You can adjust these values according to your needs. For example, if you suspect that an attack involves larger packets, you can increase the upper limit. By filtering based on packet size, we can identify abnormal traffic patterns that might indicate an attack.

Filtering Based on Specific Content

You can also filter traffic based on specific content within packets. This is very useful when you're looking for traffic related to a particular website or service. For example, let's find HTTP traffic related to a specific website.

http.host contains "google"

This filter shows only HTTP traffic where the host header contains "google". You can replace "google" with any domain you're interested in analyzing. The host header in an HTTP request tells the server which website the client is trying to access. By filtering based on the host header, we can focus on the traffic related to a specific domain.

If your sample file doesn't have HTTP traffic with host headers, try this more general content filter:

frame contains "http"

Using the "contains" Operator for Text Searching

The contains operator is a handy tool for searching for specific text strings in packets. It allows us to look for certain keywords within the packet data.

frame contains "password"

This filter shows packets containing the word "password" anywhere in the packet data. This can be very helpful for detecting possible security issues. For example, if passwords are being sent in clear text (which is a big security risk), this filter can help us spot those packets.

Or try this filter:

frame contains "login"

Negating Filters

Sometimes, you might want to see all the traffic except for certain types. That's where the not operator comes in.

not arp

This filter hides all ARP packets. ARP (Address Resolution Protocol) is used to map IP addresses to MAC addresses in a local network. Sometimes, ARP traffic can be very common and might clutter your analysis. By using the not operator, you can exclude this type of traffic and focus on other more relevant packets.

Saving and Applying Filter Bookmarks

If you find yourself using certain filters frequently, you don't have to type them in every time. You can save them as bookmarks. Here's how:

1. Enter a filter in the filter bar. This is where you type in the filter expressions we've been learning about.

2. Click the "+" button on the right side of the filter bar. This button is used to save the current filter as a bookmark.

3. Give your filter a name and click "OK". Naming the filter makes it easy to identify later.

Once you've saved your filter, you can apply it by clicking on its name in the filter dropdown menu. This saves you time and effort, especially when you're doing repeated analysis.

Exporting Filtered Packets

After you've filtered your traffic to show only the packets of interest, you might want to save just these packets to a new file. This is useful for sharing specific findings with colleagues or for further analysis. Here's how you do it:

1. Apply your desired filter. Make sure you've set up the filter to show only the packets you want to save.

2. Click on File > Export Specified Packets. This option allows you to export a specific set of packets.

3. Make sure "Displayed" is selected in the Packet Range section. This ensures that only the packets that are currently visible (that is, the ones that match your filter) are exported.

4. Choose a filename and location. This is where you decide where to save the new capture file and what to name it.

5. Click "Save". This creates a new capture file containing only the packets that matched your filter.

Analyzing Security-Related Traffic

In this step, we're going to focus on using Wireshark filters for security analysis. Security analysis is crucial in the world of cybersecurity as it helps us spot potentially malicious activities in network traffic. By the end of this section, you'll be able to identify various types of security threats using specific Wireshark filters.

Identifying Port Scanning Activities

Port scanning is a common technique used by attackers to gather information about a target system. Attackers use it to find open ports on a network, which they can then exploit.

To detect potential port scanning, we look for a large number of connection attempts from a single source to multiple ports.

Let's use a specific filter to identify such activities. Try this filter in Wireshark:

tcp.flags.syn == 1 and tcp.flags.ack == 0

This filter shows SYN packets without the ACK flag. In a TCP connection, the SYN packet is the first one sent to initiate a connection, and the ACK packet is used to acknowledge the connection. When we see a lot of SYN packets without ACK from one source to different destination ports, it's a strong indication of port scanning.

Detecting Suspicious DNS Traffic

DNS tunneling and other DNS-based attacks are becoming more common. These attacks use the DNS protocol to hide malicious activities, such as data exfiltration or command and control communication. To detect such attacks, we need to look for unusual DNS traffic.

Use this filter to examine DNS queries:

dns

Once you apply this filter, look for unusually long domain names or a high volume of DNS requests to the same domain. These could be signs of data exfiltration or command and control communication.

Identifying Password Brute Force Attempts

Password brute force attacks are a common way for attackers to gain unauthorized access to services like SSH or FTP. In a brute force attack, the attacker tries multiple password combinations until they find the correct one.

To detect potential brute force password attempts, we can filter for failed login attempts. Use this filter:

ftp contains "530" or ssh contains "Failed"

This filter shows FTP and SSH packets that contain common failure response messages. If you see multiple failures from the same source, it may indicate a brute force attempt.

Analyzing HTTP Error Responses

Web application attacks often generate HTTP error responses. Attackers may try to exploit vulnerabilities in web applications, and these attempts can result in error responses from the server.

Filter for these error responses with:

http.response.code >= 400

This filter shows HTTP response packets with status codes of 400 or higher. All these status codes represent error responses. By examining these packets, we can identify attempted web exploits.

Finding Clear-Text Credentials

Transmitting credentials in clear text is a major security risk. If an attacker intercepts these credentials, they can gain unauthorized access to the system.

To detect clear-text credentials, use this filter:

http contains "user" or http contains "pass" or http contains "login"

This filter helps us find HTTP traffic that might contain login information. Carefully examine the packets that match this filter to identify potential security risks.

Analyzing Sample Traffic and Generating New Traffic

Now that you've learned various security-focused filters, it's time to put your knowledge into practice. You can either analyze the provided sample file or generate and analyze new traffic.

Analyzing the Sample File

If you're using the provided sample file (/home/labex/project/sample.pcapng), try applying some of the security filters we've discussed to identify any interesting patterns:

tcp.flags.syn == 1 and tcp.flags.ack == 0

Look for patterns that might indicate scanning, suspicious connections, or other security concerns.

Generating and Analyzing New Traffic

Alternatively, open a new terminal window. In this window, we'll generate some HTTP traffic with multiple requests. Run the following commands:

for i in {1..5}; do
  curl -I www.google.com
  sleep 1
done

These commands send five HTTP HEAD requests to www.google.com with a one-second interval between each request.

Next, go to Wireshark and apply this filter to find all HTTP requests:

http.request

This filter will show all the HTTP requests in the captured traffic.

Look through these packets to identify patterns of normal HTTP traffic. Notice the headers, the frequency of requests, and other details.

Finally, try to create a filter that can distinguish normal HTTP browsing from automated scanning tools. For example:

http.request and !(http.user_agent contains "Mozilla")

This filter shows HTTP requests that don't have browser user agents. Since most normal web browsing is done using browsers with Mozilla in the user agent, requests without it might indicate automated tools rather than normal browsing.

By practicing these security-focused filtering techniques, you'll develop the skills needed to quickly identify suspicious traffic in real-world network captures.

Conclusion

In this tutorial, you have learned how to use Wireshark display filters for network traffic analysis and potential security threat identification.

You began by either working with a provided sample capture file or capturing live network traffic and familiarizing yourself with the Wireshark interface. Then, you mastered basic display filters to isolate specific traffic types according to protocols, IP addresses, and ports. You also advanced your skills with complex filtering techniques, combining multiple conditions and searching for specific content. Finally, you applied these skills in security analysis scenarios to detect suspicious activities such as port scanning, credential exposure, and potential attacks.

These Wireshark filtering skills are crucial for efficient network troubleshooting and security analysis. By quickly isolating relevant packets from large captures, you can greatly reduce the time required to identify and respond to network issues and security incidents.

As you keep practicing with Wireshark, you will gain an intuitive understanding of network protocols and traffic patterns, enhancing your overall cybersecurity capabilities.

To practice the operations from this tutorial, try the interactive hands-on lab: Analyze Network Traffic with Wireshark Display Filters

Managing users in RHEL is kind of like that. You decide who gets in, what they can do, and how much control they have. Without proper management, things can get messy fast—like that friend who somehow DJs when no one asks.

So, let’s dive into user management and ensure your Linux system stays organized, secure, and drama-free! 🚀

Table Of Contents

1. What is a User in Linux?

   • Understanding sudo in User Management

2. User Management Commands in Linux

   • How to Add a User

   • How to Check if a User is Created

   • How to Assign a Password

   • How to Switch Users

   • Understanding Groups in Linux

   • How to Modify Users

3. Final Words

What is a User in Linux?

A user in Linux is an account that allows someone (or a process) to interact with the system. Since Linux is a multi-user operating system, multiple users can exist on the same system, each with their own settings, files, and permissions. Users can have different levels of permissions, which determine what they can access or modify on the system.

Linux categorizes users into three main types based on their roles and privileges:

1. Privileged Users: These users have unrestricted access to the entire system. They have the highest level of permissions and can perform any operation on the system. They can install/remove software, modify system files, create/manage users, and even delete everything. These users are also called root users.

2. System Users: The system creates these users to run background processes or services. They can’t login like a normal user. Their sole purpose is to manage system operations like databases, web servers and scheduled tasks.

3. Normal Users: These are the everyday users created by administrators or during system installation. They have their home directory and can store personal files and settings. They can’t modify system files but can execute tasks within their permission scope.

Understanding sudo in User Management

The sudo (Superuser Do) command allows a regular user to execute administrative tasks with elevated privileges. Since user management tasks—such as adding, modifying, or deleting users—require root access, normal users must use sudo before these commands.

Note that the following commands are executed as the root user. If you are using a normal user account, you must prefix them with sudo to perform user management tasks.

Now let’s see how we manage users on RHEL.

User Management Commands in Linux

How to add a user

To create a new user account, use following command:

Syntax:

useradd [user_name]

Example:

useradd Tanishka # Root user
sudo useradd Tanishka # Normal user

Once you create a user, you can verify its existence in the /etc/passwd file. This file stores essential user account information (but not passwords, despite the name).

How to check if a user is created

To confirm the user entry in /etc/passwd, use one of the following methods:

1. View the file using cat or grep

cat /etc/passwd # Displays entire file content
grep Tanishka /etc/passwd # Displays information about Tanishka user only

2. Use id command:

The id command is used to display a user’s UID (User ID), GID (Group ID), and the groups they belong to. It helps in verifying user information and checking permissions.

id Tanishka
# Displays user id of Tanishka,
# hence verifying user has been created

Let’s understand what’s going on in the /etc/password fields. Each line in /etc/passwd represents a user account and contains seven fields separated by colons (:):

username:x:UID:GID:comment:home_directory:shell

How to Assign a Password

Once an account is created, it’s essential to assign a password to the account. Otherwise, that account can’t be logged in through a GUI login interface. To give a password to a user account, user this command:

Syntax:

passwd [user_name]

Example:

passwd Tanishka

You will be prompted to enter the password. Enter the password and you’re all set! Even though user information is stored in /etc/passwd file, actual information about the password is stored in the /etc/shadow file (weird, I know…).

To see the content of the /etc/shadow file, use this command:

cat /etc/shadow

Each line in /etc/shadow represents a user account password and contains nine fields separated by colons (:):

username:password:lastchg:min:max:warn:inactive:expire:reserved

To change password aging information, you use the chage (short for change age) command like this:

Syntax:

chage [OPTIONS] [user_name]

Example:

chage -l tanishka # Lists the current password aging information
chage -m 10 tanishka # Sets the minimum days to change password
chage -M 10 tanishka # Sets the maximum days password must be changed
chage -W 7 tanishka # Sets the number of days before the password expires that the user will be warned to change the password
chage -I 10 tanishka # Sets the number of days after password expiration that the account will be disabled if not logged in
chage -E 2025-12-31 tanishka # Sets the date when the user account will expire 
chage -d 2024-12-25 tanishka # Sets the last password change date

Now that you have learned to create users and assign passwords, you need to know how to switch between users. Let’s see that now.

How to Switch Users

The su (Substitute User) command allows you to switch from one user to another without logging out of the current session.

Syntax:

su - [user_name]

Example:

su - Tanishka # Switches to Tanishka user

• su stands for "substitute user" (or "switch user").

• The - (hyphen) loads the target user's full environment, including their shell, path, and profile settings (similar to logging in as that user).

• If no username is provided, it switches to the root user by default.

To return to original or root user, simply enter ‘exit’.

Understanding Groups in Linux

Just like a party where guests can belong to different social circles, Linux groups allow users to be part of different permission levels. Groups help manage file access, system privileges, and administrative controls efficiently.

Linux has two types of groups:

1. Primary Group:

• Every user has one primary group.

• When a user creates a new file, it belongs to their primary group.

• It is usually named the same as the username.

2. Secondary Groups:

• A user can belong to multiple secondary groups.

• These groups provide additional permissions beyond the primary group.

• Users can be assigned to various secondary groups to access shared resources.

To check a user’s group membership:

id [user_name]

This displays the user’s UID, primary group (GID), and any secondary groups they belong to.

To add a new group:

groupadd [group_name]

How to Modify a User

Sometimes, you might need to update user details, such as changing usernames, user IDs, group memberships, home directories, or login shells. You use the usermod command to modify existing user accounts while preserving their files and configurations.

Syntax:

usermod [OPTIONS] [user_name]

Let’s break down the different options available for modifying user accounts.

1. Change the username

If you want to rename an existing user, use the -l option:

Syntax:

usermod -l new_username old_username

Example:

usermod -l tanishkamakode tanishka

This renames tanishka to tanishkamakode. Just keep in mind that the home directory remains the same (/home/tanishka), so you might need to rename it manually.

To rename the home directory as well, use:

mv /home/tanishka /home/tanishkamakode

2. Change the user id:

Each user has a unique User ID (UID). If you need to change it, use -u.

Syntax:

usermod -u new_UID user_name

Example:

usermod -u 2001 tanishka

This changes tanishka's UID to 2001. Before you do this, you’ll want to make sure that no other user has the same UID. This is important.

If the user owns files under the old UID, you should update them after changing the UID.

3. Change the primary group

Every user belongs to a primary group. To change it, use -g.

Syntax:

usermod -g new_group user_name

Example:

usermod -g developers tanishka

This changes tanishka's primary group to developers. Just keep in mind that usermod -g developers tanishka removes the user from all secondary groups. To avoid that, just make sure you check and re-add secondary groups as needed.

Also, the group must exist beforehand. To create a group, run this command:

Syntax:

groupadd [group_name]

Example:

groupadd developers

Now, to check tanishka’s group, do the following:

id tanishka

4. Add to a secondary group

A user can belong to multiple secondary groups. Use -G to assign them.

Syntax:

usermod -G group1,group2 user_name

Example:

usermod -G linux,docker tanishka

This adds tanishka to the sudo and docker groups. Just keep in mind that this replaces any existing secondary groups that the user might already belong to. To add groups without removing the current ones, use -aG (append to groups) like this:

usermod -aG linux,docker tanishka

5. Change the home directory:

You can change a user’s default home directory using -d.

Syntax:

usermod -d /new/home_directory user_name

Example:

usermod -d /home/tani tanishka

This sets tanishka's home directory to /home/tani, but it does not move existing files. To move them, add the -m option:

usermod -d /home/tani -m tanishka

After moving the home directory, just make sure you’ve updated file ownership.

6. Change the login shell:

The default shell for a user can be changed using -s.

Syntax:

usermod -s /new/shell user_name

Example:

usermod -s /bin/zsh tanishka

This changes tanishka's default shell to zsh. Common shells include:

• /bin/bash (default)

• /bin/sh

• /bin/zsh

• /usr/sbin/nologin (to disable login)

With usermod, you can fine-tune user settings to match system requirements. Always check changes using:

id tanishka
grep tanishka /etc/passwd

Final Words

In this article, we explored the fundamentals of user management in RHEL, a crucial aspect of system administration. We started with creating and managing users, then moved on to handling groups.

If you're new to Linux and want to build a strong foundation, check out my first tutorial on Basic Linux Commands, where I cover essential commands every beginner should know. You can also read my second tutorial on Vim to learn how to navigate and edit text efficiently in this powerful editor. These articles will complement what you’ve learned about user management here.

Keep practicing these commands, and soon they’ll become second nature to you. Mastery comes with repetition, so continue experimenting and applying these fundamentals in real-world scenarios.

Stay tuned for more articles. Get ready to take your RHEL skills to the next level.

Let’s connect!

For devs, text editors are the ultimate multitools, shaping how we create, manage, and transform raw data into meaningful output.

While modern editors like VS Code and Sublime Text have gained popularity for their sleek interfaces, there’s something timeless about the simplicity and power of classic tools.

Loved by some and feared by others, Vim is a text editor that has stood the test of time. Born from its predecessor Vi, Vim (Vi Improved) offers unparalleled speed, versatility, and control.

In this tutorial, you’ll learn what makes Vim so special. We’ll explore its commands, text filtering, and string manipulation capabilities to help you harness its true power.

What we’ll cover:

1. Text Editors in Linux

2. How to Open the Vim Editor

3. Modes in Vim

4. Basic Vim Commands

5. Cut, Copy, Paste, and Delete Commands

6. Search and Replace Commands

7. How to Read Files using more and less

8. Text Filters

9. Text Summarization Tool: wc

Text Editors in Linux

Linux provides a variety of text editors, each designed for different types of users – from beginners to advanced developers.

Editors like Nano are great for newcomers who need a simple, user-friendly experience in the terminal. Nano displays helpful commands at the bottom of the screen, making it easy to navigate without a steep learning curve.

Gedit, the default editor for the GNOME desktop environment, offers a clean, graphical interface ideal for basic text editing. On the other hand, Kate caters to KDE desktop users and provides a more feature-rich experience, with multiple windows, syntax highlighting, and an integrated terminal.

Emacs is a versatile and highly customizable editor that can be turned into an entire development environment, ideal for power users who want more than just a text editor.

VS Code and Atom are modern, graphical editors that offer a rich set of features, including extensions, debugging tools, and Git integration, making them favorites among developers.

Why Do Many Devs Prefer Vim?

Despite the wide range of text editors available in Linux, Vim stands out as the preferred choice for many users, especially those who need a lightweight, fast, and highly efficient editing environment.

Vim, an improved version of the classic Vi editor, is available on nearly every Linux distribution and can be used in both graphical and terminal-based environments. Its popularity stems from its exceptional speed and efficiency.

Vim is entirely keyboard-driven, allowing you to perform complex editing tasks quickly without the need for a mouse. This makes it incredibly useful for remote work, where you may have to rely on minimal system resources.

The power of Vim lies in its modal editing system, which separates the text input and command modes, which you’ll learn soon. This lets you execute precise actions with a few keystrokes. Whether you're navigating a file, searching for a string, or performing complex text manipulations, Vim enables you to do it all without taking your hands off the keyboard.

Because Vim (or Vi) is pre-installed on most Linux systems, it’s often the go-to option for developers and system administrators, who rely on its ubiquity and powerful features. In short, Vim’s combination of speed, versatility, and efficiency makes it the editor of choice for many Linux users looking to boost their productivity.

How to Open the Vim Editor

Opening a file in Vim is straightforward and efficient. To start editing any file, simply use the following command in your terminal:

vim [filename]

Here, replace [filename] with the name of the file you want to open. If the file doesn't exist, Vim will create a new file with that name. Once executed, Vim will open the file and allow you to start editing right away.

Example:

vim data.txt # A file that doesn't exist yet, so Vim creates a new file named data.txt

When you execute the command vim data.txt, Vim opened a new file named data.txt because a file with this name did not previously exist in the current directory. In Vim, this is indicated by the message at the bottom of the editor, which reads: data.txt [NEW]

If the file you want to edit already exists, you can open it in Vim by using the same command. You’ll be able to see its contents and make edits as needed. If you don’t see the [New] message at the bottom (as shown for new files), it confirms the file already exists.

Modes in Vim

Vim has several modes, but the most commonly used ones are:

• Normal Mode (Command Mode) – Used for navigation and executing commands.

• Insert Mode – Used for typing and editing text.

When you open a file in Vim, it starts in Command Mode by default. This mode allows you to navigate, execute commands, and perform various operations without directly modifying the text. To edit the text in the file, you need to switch to Insert Mode.

What is Command Mode?

Command Mode is the default mode in Vim. In this mode, you can navigate through the file using the arrow keys and cut, copy, paste, or delete the content and execute commands like saving or quitting.

To switch to Command Mode from any other mode, press the Esc key.

Example: If you are in Insert Mode and need to return to Command Mode to save or navigate, press Esc.

In the above image, "hello.txt" 1L, 1B” indicates that the file hello.txt is open and is currently in Command Mode, which is the default mode when you open Vim. 1L Represents 1 line in the file (currently the file is empty, so there’s just one blank line). 1B Represents 1 byte (the file is currently empty)

What is Insert Mode?

Insert Mode allows you to edit or type text in the file, similar to a traditional text editor. You can insert new lines, modify existing text, and make changes directly.

Press i while in Command Mode. This switches to Insert Mode and places the cursor at the current position, allowing you to start typing.

In the above image, “—INSERT—” indicates that the editor has been switched to Insert Mode, allowing you to type and edit text directly in the file.

Quick glance: When you open a file, always check the bottom of the terminal to determine your current mode. If the bottom line displays file-related information, you are in Command Mode. If the bottom line explicitly says -- INSERT --, you are in Insert Mode. If you want to go from Command Mode to Insert Mode: Press i. And from Insert Mode to Command Mode: Press Esc.

Basic Vim Commands

Below are some essential commands to help you manage files efficiently in Vim.

Note: Before using these commands, ensure you're in command mode by pressing Esc.

1. Save Changes

To save the changes made to a file, use the following command:

:w

This writes (saves) the current file without exiting Vim.

2. Save Changes and Quit

If you're done editing and want to save changes and exit Vim simultaneously, use:

:wq

This command writes the changes and then quits the editor.

3. Quit Without Saving Changes

If you wish to exit without saving any changes, you can use:

:q

This command will close the file if no changes have been made since the last save.

4. Force Quit Without Saving Changes

In case you've made changes to the file but want to exit without saving them, you can force quit with:

:q!

The ! overrides any unsaved changes and closes the file immediately.

Cut, Copy, Paste, and Delete Commands (Plus Others)

How to Position the Cursor for Text Manipulation

Before using any of the commands listed below (copy, cut, paste, and delete), it's important to understand where to place the cursor.

• Copy (Yank), Cut, Delete: For most operations, the cursor needs to be placed at the starting point of the text you want to act upon. This means if you're copying or cutting a word, place the cursor at the beginning of the word. If you're working with a line, the cursor should be anywhere on that line. For paragraph-based operations, position the cursor anywhere within the paragraph.

• Paste: The text will be pasted at the cursor's current position. So, ensure your cursor is placed where you want the copied or cut content to appear.

For example, Let’s say I have a file.txt that has the following content -

# file.txt
Hey readers,  
In this blog, we're learning Vim. This file is for demonstration purposes,
where we'll explore various editing commands like cut, copy, paste, and delete. Let's dive in!  

Vim is a powerful text editor that comes pre-installed on most Unix-based systems.
Mastering Vim can significantly boost your efficiency as a developer.  

To start with, let's learn some basic navigation and text manipulation commands.
Stay tuned as we break down each command with examples!

All the commands mentioned below will use this file as reference to explain examples.

1. Copy (Yank)

In Vim, copying is called "yanking." Use the following commands to copy text. The cursor's position is important to ensure the correct text is copied.

2. Cut (Change)

Cutting in Vim is known as "changing" the text. The cut operation replaces the text. Just like with copying, the cursor's position is important when using cut commands.

3. Paste

To paste the copied or cut text, use the following commands. The pasted text will appear at the current cursor position.

4. Delete

Deleting text in Vim allows you to remove unwanted text while remaining in command mode. The cursor must be positioned correctly to delete the intended text. Once deleted, you can still paste the deleted text to a new location.

5. Other Useful Commands

Note that Delete removes text but doesn’t store it in the system clipboard by default. The text goes into Vim’s unnamed register, meaning it can be pasted within Vim but not outside it. Cut explicitly stores text in the clipboard so you can paste it outside Vim as well.

Search and Replace Commands

Vim provides powerful search and replace functionality that allows you to find specific words or patterns and replace them efficiently. Understanding how to search and replace text is key to improving your productivity when editing large files.

Below is a breakdown of the various search and replace commands in Vim.

Search Commands

• Search Forward (/): When you want to search for a word or pattern below the cursor, use the / command. This will search forward in the file.

• Search Backward (?): Similarly, if you want to search for a word or pattern above the cursor, use the ? command. This will search backward in the file.

After performing a search, you can navigate through the search results:

• n: Go to the next match in the same direction (forward if /, backward if ?).

• N: Go to the previous match in the opposite direction (backward if /, forward if ?).

Replace Commands

Once you've located the word or pattern you want to replace, Vim provides several commands for replacing text.

Here’s an example:

In Vim, the /Tanishka pattern searches for an exact, case-sensitive match of the word "Tanishka."

To replace "Tanishka" with another word, like "Linux," you can use the substitution command like this: :s/Tanishka/Linux:

By default, this command replaces only the first occurrence of "Tanishka" in the line where the cursor is located.

If you want to replace all occurrences of "Tanishka" in the same line, you need to add the g (global) flag after the replacement string like this: :s/Tanishka/Linux/g.

This ensures that every instance of "Tanishka" in the current line is replaced with "Linux."

Similarly, the % symbol is used to specify the entire file when performing a substitution. Here's how it works in combination with the substitution command:

1. Replace the first occurrence in each line of the file:

   • :%s/Tanishka/Linux: This command replaces only the first occurrence of "Tanishka" in each line of the file.

2. Replace all occurrences in the entire file:

   • :%s/Tanishka/Linux/g: The addition of the g (global) flag ensures that all occurrences of "Tanishka" in every line of the file are replaced with "Linux."

How to Read Files using more and less

The cat command

The cat command is often used to read file content.

For example:

cat file.txt # Displays content of file

While the cat command is a straightforward tool for viewing file contents, its simplicity often falls short when working with large files or when precise navigation is required. That’s where the more and less commands come into play, offering enhanced functionality for viewing and navigating text efficiently.

The more Command

The more command allows you to view files one screen at a time, making it a significant upgrade from cat when dealing with large files. But it comes with limitations in terms of backward navigation and advanced features.

Here’s the syntax for more:

more [FILENAME]

And here’s an example:

more file.txt # Displays content of file.txt one page at a time

Keys used while viewing:

1. Spacebar: Moves forward by one page

2. Enter: Moves forward by one line

3. b: Moves back by one page

4. q: Quit and exit file content

The less Command

The less command is often considered a superior alternative to more due to its advanced navigation capabilities and flexibility. Unlike more, less allows both forward and backward navigation, making it ideal for reviewing large files or logs.

Here’s its syntax:

less [FILENAME]

And here’s an example:

less file.txt # Displays content of file.txt one page at a time

Keys used while viewing:

1. Spacebar: Moves forward by one page

2. Enter: Moves forward by one line

3. b: Moves back by one page

4. Up/Down arrow key: Moves up or down by one line

5. q: Quit and exit less

The only major difference between the more and less commands is that the less command allows bidirectional navigation, so it’s typically more convenient to use.

Text Filters

A text filter in Linux is a command-line utility that processes text data by modifying, extracting, or formatting it before outputting the result.

Horizontal filters

Horizontal filtering focuses on extracting, manipulating, or displaying specific lines of a file or command output. Common tools include head, tail, and grep.

1. head: The head command displays the first few lines of a file. By default, it shows the first 10 lines. Here’s its syntax:

    head [OPTIONS] [FILENAME]
   

   And here’s an example of how to use it:

    head file.txt # Displays first ten lines from file.txt
    head -n 5 file.txt # Displays first five lines from file.txt
   

2. tail: The tail command displays the last few lines of a file. By default, it shows the last 10 lines. Here’s its syntax:

    tail [OPTIONS] [FILENAME]
   

   And here’s an example:

    tail file.txt # Displays last ten lines from file.txt
    tail -n 5 file.txt # Displays last five lines from file.txt
   

3. grep: The grep command searches for patterns within a file or input. It filters out lines that match a given pattern. Here’s its syntax:

    grep [OPTIONS] [PATTERN] [FILENAME]
   

   Options:

   • -i: Case-insensitive search.

   • -v: Invert the match (exclude matching lines).

   • -n: Show line numbers of matches.

Example

    grep Tanishka data.txt # Displays lines that have 'Tanishka' in them
    grep -i Tanishka data.txt # Displays lines that have 'Tanishka' irrespective of case
    grep -v Tanishka data.txt # Displays lines that do not have 'Tanishka' in them
    grep -n Tanishka data.txt # Displays lines that have 'Tanishka' in them along with number line

Vertical Filters

1. cut: The cut command displays selected parts of lines from each file based on delimiters, byte positions, or character fields. Here’s its syntax:

    cut [OPTION] [FILENAME]
   

   It also comes with various options:

   • -c: Extract specific characters.

   • -b: Extract specific bytes.

   • -d: Specify a custom delimiter (default is tab).

     • cut -d ":" -f 2 file.txt → Second field separated by :.

   • -f: Extract specific fields.

     • cut -d "," -f 1,3 file.csv → Fields 1 and 3 from a CSV.

Example:

    cut -c 1-10 Sample.txt # Displays characters from position 1 to 10
    cut -c 5 Sample.txt # Displays character at position 5
    cut -c 3,5 Sample.txt # Displays characters from position 3 and 5 only
    cut -d " " -f 1 Sample.txt # Displays first field separated by a space
    cut -d " " -f 2 Sample.txt # Displays second field separated by a space
    cut -d " " -f 3 Sample.txt # Displays third field separated by a space
    cut -d " " -f 1-3 Sample.txt # Displays first to third fields separated by a space
    cut -d " " -f 1,3 Sample.txt # Displays first and third fields separated by a space
    cut -d ":" -f 5 /etc/passwd # Displays fifth field separated by : in /etc/passwd

Text Summarization Tool: wc

The wc (word count) command is used to display the number of lines, words, characters, or bytes in a file or input. It is a simple yet powerful utility you can use to summarize text content.

Here’s its syntax:

wc [OPTION] [FILENAME]

And here are its options:

• -l: Displays the number of lines.

• -w: Displays the number of words.

• -c: Displays the number of bytes.

• -m: Displays the number of characters (useful for multibyte characters).

• -L: Displays the length of the longest line.

Example:

wc Sample.txt # Displays line count, word count, and byte count in Sample.txt
wc -w Sample.txt # Displays number of words in Sample.txt
wc -l Sample.txt # Displays number of lines in Sample.txt
wc -L Sample.txt # Displays number of characters in longest line in Sample.txt

wc -c Sample.txt # Displays number of bytes in Sample.txt (Actual storage size)
wc -m Sample.txt # Displays number of characters in Sample.txt (Actual number of characters regardless of enoing)

# ABCD😄
wc -c above.txt # "ABCD" = 4 bytes + "😄" = 4 bytes. 4 + 4 = 8 bytes
wc -m above.txt # "ABC" = 4 + "😄" = 1 byte. 4 + 1 = 5 bytes

Final Words

In this article, we covered the basics of using Vim, a powerful and flexible text editor. We started with how to open a file in Vim and then you learned about its modes. You also learned how to navigate through files, edit text, and use features like search and replace to save time. We also explored a helpful summarization tool.

If you're new to Linux and want to build a strong foundation, check my previous article where I cover the basics of Linux, including essential commands and tips for beginners. It’s a perfect starting point to complement what you’ve learned about Vim here!

Keep practising these commands, and soon they'll become second nature to you. Mastery comes with repetition, so continue experimenting and applying these fundamentals in real-world scenarios.

Stay tuned for more articles. Get ready to take your RHEL skills to the next level.

Let’s connect!

CI/CD is a set of practices and tools designed to automate and streamline the process of integrating code changes, testing them, and deploying them to production. By adopting CI/CD, your team can reduce manual errors, speed up release cycles, and ensure that your code is always in a deployable state.

In this tutorial, we’ll focus on a beginner-friendly approach to setting up a basic CI/CD pipeline using Bitbucket, a Linux server, and Python with Flask. Specifically, we’ll create an automated process that pulls the latest changes from a Bitbucket repository to your Linux server whenever there’s a push or merge to a specific branch.

This process will be powered by Bitbucket webhooks and a simple Flask-based Python server that listens for incoming webhook events and triggers the deployment.

It’s important to note that CI/CD is a vast and complex field, and this tutorial is designed to provide a foundational understanding rather than to be an exhaustive guide.

We’ll cover the basics of setting up a CI/CD pipeline using tools that are accessible to beginners. Just keep in mind that real-world CI/CD systems often involve more advanced tools and configurations, such as containerization, orchestration, and multi-stage testing environments.

By the end of this tutorial, you’ll have a working example of how to automate deployments using Bitbucket, Linux, and Python, which you can build upon as you grow more comfortable with CI/CD concepts.

Table of Contents:

1. Why is CI/CD Important?

2. Step 1: Set Up a Webhook in Bitbucket

3. Step 2: Set Up the Flask Listener on Your Linux Server

4. Step 3: Expose the Flask App (Optional)

5. Step 4: Test the Setup

6. Step 5: Security Considerations

7. Wrapping Up

Why is CI/CD Important?

CI/CD has become a cornerstone of modern software development for several reasons. First and foremost, it accelerates the development process. By automating repetitive tasks like testing and deployment, developers can focus more on writing code and less on manual processes. This leads to faster delivery of new features and bug fixes, which is especially important in competitive markets where speed can be a differentiator.

Another key benefit of CI/CD is reduced errors and improved reliability. Automated testing ensures that every code change is rigorously checked for issues before it’s integrated into the main codebase. This minimizes the risk of introducing bugs that could disrupt the application or require costly fixes later. Automated deployment pipelines also reduce the likelihood of human error during the release process, ensuring that deployments are consistent and predictable.

CI/CD also fosters better collaboration among team members. In traditional development workflows, integrating code changes from multiple developers can be a time-consuming and error-prone process. With CI/CD, code is integrated and tested frequently, often multiple times a day. This means that conflicts are detected and resolved early, and the codebase remains in a stable state. As a result, teams can work more efficiently and with greater confidence, even when multiple contributors are working on different parts of the project simultaneously.

Finally, CI/CD supports continuous improvement and innovation. By automating the deployment process, teams can release updates to production more frequently and with less risk. This enables them to gather feedback from users faster and iterate on their products more effectively.

What We’ll Cover in This Tutorial

In this tutorial, we’ll walk through the process of setting up a simple CI/CD pipeline that automates the deployment of code changes from a Bitbucket repository to a Linux server. Here’s what you’ll learn:

1. How to configure a Bitbucket repository to send webhook notifications whenever there’s a push or merge to a specific branch.

2. How to set up a Flask-based Python server on your Linux server to listen for incoming webhook events.

3. How to write a script that pulls the latest changes from the repository and deploys them to the server.

4. How to test and troubleshoot your automated deployment process.

By the end of this tutorial, you’ll have a working example of a basic CI/CD pipeline that you can customize and expand as needed. Let’s get started!

Step 1: Set Up a Webhook in Bitbucket

Before starting with the setup, let’s briefly explain what a webhook is and how it fits into our CI/CD process.

A webhook is a mechanism that allows one system to notify another system about an event in real-time. In the context of Bitbucket, a webhook can be configured to send an HTTP request (often a POST request with payload data) to a specified URL whenever a specific event occurs in your repository, such as a push to a branch or a pull request merge.

In our case, the webhook will notify our Flask-based Python server (running on your Linux server) whenever there’s a push or merge to a specific branch. This notification will trigger a script on the server to pull the latest changes from the repository and deploy them automatically. Essentially, the webhook acts as the bridge between Bitbucket and your server, enabling seamless automation of the deployment process.

Now that you understand the role of a webhook, let’s set one up in Bitbucket:

1. Log in to Bitbucket and navigate to your repository.

2. On the left-hand sidebar, click on Settings.

3. Under the Workflow section, find and click on Webhooks.

4. Click the Add webhook button.

5. Enter a name for your webhook (for example, "Automatic Pull").

6. In the URL field, provide the URL to your server where the webhook will send the request. If you’re running a Flask app locally, this would be something like http://your-server-ip/pull-repo. (For production environments, it’s highly recommended to use HTTPS to secure the communication between Bitbucket and your server.)

7. In the Triggers section, choose the events you want to listen to. For this example, we will select Push (and optionally, Pull Request Merged if you want to deploy after merges, too).

8. Save the webhook with a self-explanatory name so it’s easy to identify later.

Once the webhook is set up, Bitbucket will send a POST request to the specified URL every time the selected event occurs. In the next steps, we’ll set up a Flask server to handle these incoming requests and trigger the deployment process.

Here is what you should see when you setup up the Bitbucket webhook

Step 2: Set Up the Flask Listener on Your Linux Server

In the next step, you’ll set up a simple web server on your Linux machine that will listen for the webhook from Bitbucket. When it receives the notification, it will execute a git pull or a force pull (in case of local changes) to update the repository.

Install Flask:

To create the Flask application, first install Flask by running:

pip install flask

Create the Flask App:

Create a new Python script (for example, app_repo_pull.py) on your server and add the following code:

from flask import Flask
import subprocess

app = Flask(__name__)

@app.route('/pull-repo', methods=['POST'])
def pull_repo():
    try:
        # Fetch the latest changes from the remote repository
        subprocess.run(["git", "-C", "/path/to/your/repository", "fetch"], check=True)
        # Force reset the local branch to match the remote 'test' branch
        subprocess.run(["git", "-C", "/path/to/your/repository", "reset", "--hard", "origin/test"], check=True)  # Replace 'test' with your branch name
        return "Force pull successful", 200
    except subprocess.CalledProcessError:
        return "Failed to force pull the repository", 500

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=5000)

Here’s what this code does:

• subprocess.run(["git", "-C", "/path/to/your/repository", "fetch"]): This command fetches the latest changes from the remote repository without affecting the local working directory.

• subprocess.run(["git", "-C", "/path/to/your/repository", "reset", "--hard", "origin/test"]): This command performs a hard reset, forcing the local repository to match the remote test branch. Replace test with the name of your branch.

Make sure to replace /path/to/your/repository with the actual path to your local Git repository.

Step 3: Expose the Flask App (Optional)

If you want the Flask app to be accessible from outside your server, you need to expose it publicly. For this, you can set up a reverse proxy with NGINX. Here's how to do that:

First, install NGINX if you don't have it already by running this command:

sudo apt-get install nginx

Next, you’ll need to configure NGINX to proxy requests to your Flask app. Open the NGINX configuration file:

sudo nano /etc/nginx/sites-available/default

Modify the configuration to include this block:

server {
    listen 80;
    server_name your-server-ip;

    location /pull-repo {
        proxy_pass http://localhost:5000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Now just reload NGINX to apply the changes:

sudo systemctl reload nginx

Step 4: Test the Setup

Now that everything is set up, go ahead and start the Flask app by executing this Python script:

python3 app_repo_pull.py

Now to test if everything is working:

1. Make a commit: Push a commit to the test branch in your Bitbucket repository. This action will trigger the webhook.

1. Webhook trigger: The webhook will send a POST request to your server. The Flask app will receive this request, perform a force pull from the test branch, and update the local repository.

2. Verify the pull: Check the log output of your Flask app or inspect the local repository to verify that the changes have been pulled and applied successfully.

Step 5: Security Considerations

When exposing a Flask app to the internet, securing your server and application is crucial to protect it from unauthorized access, data breaches, and attacks. Here are the key areas to focus on:

1. Use a Secure Server with Proper Firewall Rules

A secure server is one that is configured to minimize exposure to external threats. This involves using firewall rules, minimizing unnecessary services, and ensuring that only required ports are open for communication.

Example of a secure server setup:

• Minimal software: Only install the software you need (for example, Python, Flask, NGINX) and remove unnecessary services.

• Operating system updates: Ensure your server's operating system is up-to-date with the latest security patches.

• Firewall configuration: Use a firewall to control incoming and outgoing traffic and limit access to your server.

For example, a basic UFW (Uncomplicated Firewall) configuration on Ubuntu might look like this:

# Allow SSH (port 22) for remote access
sudo ufw allow ssh

# Allow HTTP (port 80) and HTTPS (port 443) for web traffic
sudo ufw allow http
sudo ufw allow https

# Enable the firewall
sudo ufw enable

# Check the status of the firewall
sudo ufw status

In this case:

• The firewall allows incoming SSH connections on port 22, HTTP on port 80, and HTTPS on port 443.

• Any unnecessary ports or services should be blocked by default to limit exposure to attacks.

Additional Firewall Rules:

• Limit access to webhook endpoint: Ideally, only allow traffic to the webhook endpoint from Bitbucket's IP addresses to prevent external access. You can set this up in your firewall or using your web server (for example, NGINX) by only accepting requests from Bitbucket's IP range.

• Deny all other incoming traffic: For any service that does not need to be exposed to the internet (for example, database ports), ensure those ports are blocked.

2. Add Authentication to the Flask App

Since your Flask app will be publicly accessible via the webhook URL, you should consider adding authentication to ensure only authorized users (such as Bitbucket's servers) can trigger the pull.

Basic Authentication Example:

You can use a simple token-based authentication to secure your webhook endpoint. Here’s an example of how to modify your Flask app to require an authentication token:

from flask import Flask, request, abort
import subprocess

app = Flask(__name__)

# Define a secret token for webhook verification
SECRET_TOKEN = 'your-secret-token'

@app.route('/pull-repo', methods=['POST'])
def pull_repo():
    # Check if the request contains the correct token
    token = request.headers.get('X-Hub-Signature')
    if token != SECRET_TOKEN:
        abort(403)  # Forbidden if the token is incorrect

    try:
        subprocess.run(["git", "-C", "/path/to/your/repository", "fetch"], check=True)
        subprocess.run(["git", "-C", "/path/to/your/repository", "reset", "--hard", "origin/test"], check=True)
        return "Force pull successful", 200
    except subprocess.CalledProcessError:
        return "Failed to force pull the repository", 500

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=5000)

How it works:

• The X-Hub-Signature is a custom header that you add to the request when setting up the webhook in Bitbucket.

• Only requests with the correct token will be allowed to trigger the pull. If the token is missing or incorrect, the request is rejected with a 403 Forbidden response.

You can also use more complex forms of authentication, such as OAuth or HMAC (Hash-based Message Authentication Code), but this simple token approach works for many cases.

3. Use HTTPS for Secure Communication

It’s crucial to encrypt the data transmitted between your Flask app and the Bitbucket webhook, as well as any sensitive data (such as tokens or passwords) being transmitted over the network. This ensures that attackers cannot intercept or modify the data.

Why HTTPS?

• Data encryption: HTTPS encrypts the communication, ensuring that sensitive data like your authentication token is not exposed to man-in-the-middle attacks.

• Trust and integrity: HTTPS helps ensure that the data received by your server hasn’t been tampered with.

Using Let’s Encrypt to Secure Your Flask App with SSL:

1. Install Certbot (the tool for obtaining Let’s Encrypt certificates):

sudo apt-get update
sudo apt-get install certbot python3-certbot-nginx

Obtain a free SSL certificate for your domain:

sudo certbot --nginx -d your-domain.com

• This command will automatically configure Nginx to use HTTPS with a free SSL certificate from Let’s Encrypt.

• Ensure HTTPS is used: Make sure that your Flask app or Nginx configuration forces all traffic to use HTTPS. You can do this by setting up a redirection rule in Nginx:

server {
    listen 80;
    server_name your-domain.com;

    # Redirect HTTP to HTTPS
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name your-domain.com;

    ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;

    # Other Nginx configuration...
}

Automatic Renewal: Let’s Encrypt certificates are valid for 90 days, so it’s important to set up automatic renewal:

sudo certbot renew --dry-run

This command tests the renewal process to make sure everything is working.

4. Logging and Monitoring

Implement logging and monitoring for your Flask app to track any unauthorized attempts, errors, or unusual activity:

• Log requests: Log all incoming requests, including the IP address, request headers, and response status, so you can monitor for any suspicious activity.

• Use monitoring tools: Set up tools like Prometheus, Grafana, or New Relic to monitor server performance and app health.

Wrapping Up

In this tutorial, we explored how to set up a simple, beginner-friendly CI/CD pipeline that automates deployments using Bitbucket, a Linux server, and Python with Flask. Here’s a recap of what you’ve learned:

1. CI/CD Fundamentals: We discussed the basics of Continuous Integration (CI) and Continuous Delivery/Deployment (CD), which are essential practices for automating the integration, testing, and deployment of code. You learned how CI/CD helps speed up development, reduce errors, and improve collaboration among developers.

2. Setting Up Bitbucket Webhooks: You learned how to configure a Bitbucket webhook to notify your server whenever there’s a push or merge to a specific branch. This webhook serves as a trigger to initiate the deployment process automatically.

3. Creating a Flask-based Webhook Listener: We showed you how to set up a Flask app on your Linux server to listen for incoming webhook requests from Bitbucket. This Flask app receives the notifications and runs the necessary Git commands to pull and deploy the latest changes.

4. Automating the Deployment Process: Using Python and Flask, we automated the process of pulling changes from the Bitbucket repository and performing a force pull to ensure the latest code is deployed. You also learned how to configure the server to expose the Flask app and accept requests securely.

5. Security Considerations: We covered critical security steps to protect your deployment process:

   • Firewall Rules: We discussed configuring firewall rules to limit exposure and ensure only authorized traffic (from Bitbucket) can access your server.

   • Authentication: We added token-based authentication to ensure only authorized requests can trigger deployments.

   • HTTPS: We explained how to secure the communication between your server and Bitbucket using SSL certificates from Let's Encrypt.

   • Logging and Monitoring: Lastly, we recommended setting up logging and monitoring to keep track of any unusual activity or errors.

Next Steps

By the end of this tutorial, you now have a working example of an automated deployment pipeline. While this is a basic implementation, it serves as a foundation you can build on. As you grow more comfortable with CI/CD, you can explore advanced topics like:

• Multi-stage deployment pipelines

• Integration with containerization tools like Docker

• More complex testing and deployment strategies

• Use of orchestration tools like Kubernetes for scaling

CI/CD practices are continually evolving, and by mastering the basics, you’ve set yourself up for success as you expand your skills in this area. Happy automating and thank you for reading!

You can fork the code from here.

In this article, we’ll go through a collection of CLI / TUI tools that have been widely adopted in the developer community, spanning various categories such as version control, system utilities, text editors, and more. I wanted to give you a diverse selection that caters to different needs and workflows.

For each tool, I’ll include an overview, highlighting its key features and use cases, along with clear and concise installation instructions for various operating systems, ensuring you can quickly get up and running with these valuable command-line companions.

Table of Contents

• Kubernetes Tools

• Container Tools

• File and Text Tools

• Git Tools

• Development Tools

• Networking Tools

• Workstation Tools

Kubernetes Tools

k9s — Kubernetes CLI To Manage Your Clusters In Style

K9s is a must-have tool for anyone working with Kubernetes. Its intuitive terminal-based UI, real-time monitoring capabilities, and powerful command options make it a standout in the world of Kubernetes management tools.

The K9s project is designed to continually watch Kubernetes cluster for changes and offer subsequent commands to interact with observed resources. This makes it easier to manage applications, especially in a complex, multi-cluster environment. The project’s aim is to make Kubernetes management more accessible and less daunting, especially for those who are not Kubernetes experts.

Just launch k9s in your terminal and start exploring the Kubernetes resources with ease.

To install K9s:

# via Homebrew for macOS
brew install derailed/k9s/k9s

# via snap for Linux
snap install k9s --devmode

# via Chocolatey for Windows
choco install k9s

# via go install
go install github.com/derailed/k9s@latest

kubectx — switch between contexts (clusters) on kubectl faster.

Kubectx is the most popular tool for switching Kubernetes contexts, but it has the fewest features! It displays all the contexts in your Kubernetes config as a selectable list and lets you pick one. That’s it!

This project comes with 2 tools:

• kubectx is a tool that helps you switch between contexts (clusters) on kubectl faster.

• kubens is a tool to switch between Kubernetes namespaces (and configure them for kubectl) easily.

These tools make it very easy to switch between Kubernetes clusters and namespaces if you work with many of them daily. Here you can see it in action:

To install kubectx:

# via Homebrew for macOS
brew install kubectx

# via apt for Debian
sudo apt install kubectx

# via pacman for Arch Linux
sudo pacman -S kubectx

# via Chocolatey for Windows
choco install kubens kubectx

kubescape — Kubernetes security platform for your IDE, CI/CD pipelines, and clusters.

I hope you take the security of your Kubernetes clusters seriously. If so, kubescape is really great for testing if your Kubernetes cluster is deployed securely according to multiple frameworks.

Kubescape can scan clusters, YAML files, and Helm charts and detects the misconfigurations according to multiple sources.

I usually use it in my CI/CD to scan for vulnerabilities automatically when changing Kubernetes manifests or Helm templates.

To install kubescape:

# via Homebrew for macOS
brew install kubescape

# via apt for Debian
sudo add-apt-repository ppa:kubescape/kubescape
sudo apt update
sudo apt install kubescape

# via Chocolatey for Windows
choco install kubescape

Container Tools

ctop — A top-like interface for container metrics.

ctop is basically a better version of docker stats. It provides a concise and condensed overview of real-time metrics for multiple containers. It comes with built-in support for Docker and runC, and connectors for other container and cluster systems are planned for future releases.

Using ctop is simple. Once you have the tool open, you’ll see all of your currently active containers listed.

To install ctop:

# via Homebrew for macOS
brew install ctop

# via pacman for Arch Linux
sudo pacman -S ctop

# via scoop for Windows
scoop install ctop

lazydocker — A simple terminal UI for both docker and docker-compose.

While Docker's command-line interface is powerful, sometimes you might want a more visual approach without the overhead of a full GUI. This is especially true when managing Docker containers on a headless Linux server where installing a web-based GUI might be undesirable.

Lazydocker was created by Jesse Duffield to help make managing docker containers a bit easier. Simply put, Lazydocker is a terminal UI (written in Golang) for the docker and docker-compose commands.

To install lazydocker:

# via Homebrew for macOS
brew install lazydocker

# via Chocolatey for Windows
choco install lazydocker

# via go install
go install github.com/jesseduffield/lazydocker@latest

dive — A tool for exploring each layer in a Docker image.

A Docker image is made up of layers, and with every layer you add on, more space will be taken up by the image. Therefore, the more layers in the image, the more space the image will require.

That’s where dive shines, it helps you explore your Docker image and layer contents. It can also help you find ways to shrink the size of your Docker/OCI image.

To install dive:

# via Homebrew for macOS
brew install dive

# via pacman for Arch Linux
pacman -S dive

# via go install
go get github.com/wagoodman/dive

File and Text Tools

jq — Command-line JSON processor.

You may be aware of this one already as it’s well known in the developer community.

Unfortunately, shells such as Bash can’t interpret and work with JSON directly. That’s where you can use jq as a command-line JSON processor that’s similar to sed, awk, grep, and so on for JSON data. It’s written in portable C and doesn’t have any runtime dependencies. This lets you slice, filter, map, and transform structured data with ease.

To install jq, you can download the latest releases from the GitHub release page.

bat — A cat(1) clone with wings.

This is the most used CLI on my machine currently. A few years ago it was cat, which is great but doesn’t provide syntax highlighting, or Git integration

Bat’s syntax highlighting supports many programming and markup languages, helping you make your code more readable directly in the terminal. Git integration lets you see modifications in relation to the index, highlighting the lines you’ve added or changed.

Simply run bat filename and enjoy its output.

To install bat:

# via Homebrew for macOS
brew install bat

# via apt for Debian
sudo apt install bat

# via pacman for Arch Linux
pacman -S bat

# via Chocolatey for Windows
choco install bat

ripgrep — Recursively search directories for a regex pattern while respecting your gitignore.

ripgrep is definitely becoming a popular alternative (if not the most popular) to the grep command. Even some editors like Visual Studio Code are using ripgrep to power their search offerings.

The major selling point is its default behavior for recursive search and speed.

I now rarely use grep on my personal machine, as ripgrep is much faster.

To install ripgrep:

# via Homebrew for macOS
brew install ripgrep

# via apt for Debian
sudo apt-get install ripgrep

# via pacman for Arch Linux
pacman -S ripgrep

# via Chocolatey for Windows
choco install ripgrep

Git Tools

lazygit — Simple terminal UI for git commands.

lazygit is another great terminal UI for Git commands developed by Jesse Duffield using Go.

I don’t mind using the Git CLI directly for simple things, but it is famously verbose for more advanced use cases. I am just too lazy to memorize longer commands.

And lazigit has made me a more productive Git user than ever.

To install lazygit:

# via Homebrew for macOS
brew install jesseduffield/lazygit/lazygit

# via pacman for Arch Linux
pacman -S lazygit

# via scoop for Windows
scoop install lazygit

Development Tools

ATAC — A simple API client (Postman-like) in your terminal.

ATAC stands for Arguably a Terminal API Client. It’s based on popular clients like Postman, Insomnia, and Bruno, but it runs inside your terminal without needing any particular graphical environment.

It works best for developers who need an offline, cross-platform API client right at their fingertips (terminal).

To install ATAC:

# via Homebrew for macOS
brew tap julien-cpsn/atac
brew install atac

# via pacman for Arch Linux
pacman -S atac

k6 — A modern load testing tool, using Go and JavaScript.

I’ve used many load-testing tools in my career, such as vegeta or even ab in the past. But now I mostly use k6s as it has everything I need and has a great GUI and TUI.

Why it works well for me:

• k6 has really good documentation

• Many integrations available: Swagger, JMeter scripts, and so on.

• Results reporting is quite good

To install k6:

# via Homebrew for macOS
brew install k6

# via apt for Debian
sudo apt-get install k6

# via Chocolatey for Windows
choco install k6

httpie — modern, user-friendly command-line HTTP client for the API era.

Don’t get me wrong, curl is great, but not very human-friendly.

HTTPie has a simple and expressive syntax, supports JSON and form data, handles authentication and headers, and displays colorized and formatted output.

To install httpie:

# via Homebrew for macOS
brew install httpie

# via apt for Debian
sudo apt install httpie

# via pacman for Arch Linux
pacman -Syu httpie

# via Chocolatey for Windows
choco install httpie

asciinema — Terminal session recorder.

I call it a terminal YouTube :)

asciinema is a great tool when you want to share your terminal sessions with someone else, instead of recording heavy videos.

I use it often when I develop some CLI tools and want to share the demo of how they work (on GitHub, for example).

To install asciinema:

# via Homebrew for macOS
brew install asciinema

# via apt for Debian
sudo apt install asciinema

# via pacman for Arch Linux
sudo pacman -S asciinema

Networking

doggo — A command-line DNS client.

It's totally inspired by dog which is written in Rust.

In the past I would use dig to inspect the DNS, but its output is often verbose and difficult to parse visually.

doggo addresses these shortcomings by offering two key improvements:

• doggo provides the JSON output support for easy scripting and parsing.

• doggo offers a human-readable output format that uses color-coding and a tabular layout to present DNS information clearly and concisely.

To install doggo:

# via Homebrew for macOS
brew install doggo

# via scoop for Windows
scoop install doggo

# via go install
go install github.com/mr-karan/doggo/cmd/doggo@latest

gping — Ping, but with a graph.

The well-known ping command is not the most interesting to look at, and interpreting its output in a useful way can be difficult.

gping gives a plot of the ping latency to a host, and the most useful feature is the ability to run concurrent pings to multiple hosts and plot all of them on the same graph.

To install gping:

# via Homebrew for macOS
brew install gping

# via Chocolatey for Windows
choco install gping

# via apt for Debian
apt install gping

Workstation

tmux — A terminal multiplexer.

Why is tmux such a big deal?

You may have run into situations where you need to view multiple terminal consoles at the same time. For example, you may have a few servers running (for example, web, database, debugger) and you might want to monitor all the output coming from these servers in real-time to validate behavior or run commands.

Before tmux, you might have just opened a few different tabs in the terminal and switched between them to see the output.

Thankfully, there’s an easier way — tmux.

In a nutshell, here are some of its most popular features:

• Window/Pane management

• Session management with persistence

• Sharable sessions with other users

• Scriptable configurations

To install tmux:

# via Homebrew for macOS
brew install tmux

# via apt for Debian
apt install tmux

# via pacman for Arch Linux
pacman -S tmux

zellij — A terminal workspace with batteries included.

Since I listed tmux here, it also makes sense to include a new competitor, Zellij, which has been gaining traction in the developer community. Both have their own unique features and purposes.

Compared to traditional terminal multiplexers, zellij offers a more user-friendly interface, modern design elements, built-in layout systems, and a plugin system, making it easier for newcomers to get started.

I still like tmux. It has a special place in my heart because it has served a great purpose for years. But zellij is another good option.

To install zellij:

# via Homebrew for macOS
brew install zellij

# via apt for Debian
apt install zellij

# via pacman for Arch Linux
pacman -S zellij

btop — A monitor of resources.

I can’t live without btop, and it’s installed on all my machines via my personal dotfiles. I rarely use now built-in OS GUIs to check the resource utilization on my host machine, because btop can do it much better.

I use to to quickly explore what uses the most memory, monitor and kill some processes, and more.

To install btop:

# via Homebrew for macOS
brew install btop

# via snap for Debian
sudo snap install btop

Conclusion

These CLIs/TUIs should work well in any modern terminal. I personally use Ghostty currently and it works great, but other popular options like iTerm2, Kitty, and the default terminal applications on macOS and Linux should also provide a seamless experience. The key is to ensure your terminal supports features like 256-color palettes and UTF-8 encoding for optimal display of these tools.

There’s a huge amount of CLIs/TUIs out there, and I couldn’t list them all (though I tried to list some of the best). This selection represents a starting point for exploring the rich ecosystem of command-line tools available to developers. I encourage you to explore further, discover new tools that fit your specific needs, and contribute back to the community by sharing your findings.

Explore more articles on packagemain.tech

Whether you’re a complete novice exploring Linux for the first time or an experienced professional looking to brush up on your basics, you’re in the right place. This tutorial is your starting point to uncover the power, stability, and versatility of RHEL.

But what makes RHEL stand out in the crowded Linux ecosystem? Why do companies like Google, Amazon, and NASA rely on it? Let’s dive in and explore everything you need to know to begin your journey with Red Hat Enterprise Linux.

What we’ll cover:

1. A Little Backstory

2. What Makes Linux Special?

3. Why Red Hat Enterprise Linux?

4. How to Set Up Your Practice Environment for Linux Commands

5. Introduction to Basic Linux Commands

A Little Backstory

Have you ever wondered where it all began? Before there was Linux, there was UNIX, a revolutionary operating system created in the 1970s that changed the way computers worked. Designed for stability, multitasking, and scalability, UNIX became the foundation upon which modern operating systems were built.

Fast forward to 1991, when a 21-year-old Finnish computer science student named Linus Torvalds at the University of Helsinki decided to create his own operating system kernel as a hobby project. Little did he know, this hobby would evolve into Linux, a game-changing open-source operating system that would redefine the tech world.

Now here’s the fun part: how did Linux get its name? Originally, Linus wanted to call it “Freax” (a combination of “free,” “freak,” and “Unix”). But when he uploaded the project files to a server managed by his friend Ari Lemmke, Ari thought “Freax” didn’t sound appealing enough. So, without telling Linus, Ari named the directory “Linux” instead — a clever blend of Linus + Unix. And the rest, as they say, is history.

What Makes Linux Special?

Unlike traditional operating systems, Linux was open-source, meaning anyone could view, modify, and distribute the code freely. This sparked a wave of innovation, allowing developers around the world to create their own versions of Linux, tailored to different needs.

What truly sets Linux apart is the global community of developers and enthusiasts who constantly improve and innovate. This collaborative approach ensures that Linux stays at the forefront of technology, evolving with the needs of its users.

Today, Linux isn’t just one operating system — it’s an entire family of distributions (or distros). From user-friendly versions like Ubuntu and Fedora to enterprise-grade solutions like RHEL, there’s a Linux for everyone. In this article, we’ll focus on RHEL and why it’s a great choice for certain projects.

If you want to explore the fascinating variety of Linux distros, you can check out this Wikipedia page on Linux distributions to see just how diverse the Linux ecosystem is.

Why Red Hat Enterprise Linux?

Red Hat Enterprise Linux (RHEL) is like the reliable, no-nonsense friend you call when you're organizing a big, important event.

Sure, you could ask your fun but unpredictable friends (like open-source Linux distros) to help, but there's always a chance they'll forget the chairs or crash halfway through the party.

RHEL, on the other hand, is built for stability and comes with a professional support team that’s on call 24/7 to fix anything that goes wrong. It’s tested thoroughly to make sure it works perfectly with all the tools and gadgets big companies use, so there are no surprises.

RHEL’s blend of reliability, security, performance, and support makes it the go-to operating system for enterprises, cementing its importance in the IT landscape.

Here’s a summary of RHEL’s benefits and features:

1. Enterprise-Grade Stability and Reliability

RHEL is designed to meet the demands of mission-critical workloads, ensuring systems run consistently and predictably. Its long lifecycle support ensures businesses can rely on it without worrying about frequent upgrades or compatibility issues. This makes it an ideal choice for applications where downtime is unacceptable.

2. Comprehensive Security Features

Security is paramount in enterprise environments, and RHEL excels with robust features such as SELinux (Security-Enhanced Linux) and regular security updates. The proactive approach to identifying and addressing vulnerabilities helps organizations comply with industry regulations and maintain the integrity of their systems.

3. Scalability and Performance Optimization

RHEL is optimized to deliver high performance for a wide range of hardware architectures and workloads, including cloud, on-premises, and hybrid setups. Its ability to scale efficiently makes it suitable for small-scale applications as well as large data centers and enterprise-grade workloads.

4. Extensive Ecosystem and Professional Support

RHEL benefits from Red Hat’s extensive ecosystem of certified hardware, software, and cloud providers. Enterprises have access to a wealth of tested and certified solutions, along with 24/7 support from Red Hat. This ensures any technical issues are resolved promptly, minimizing downtime and enhancing productivity.

How to Set Up Your Practice Environment for Linux Commands

Before we jump into learning and practising Linux commands, you’ll need to set up an environment where you can run these commands. Here are three great options to consider:

1. Using the Terminal on Your Linux Machine

If you’re already using Linux, the terminal is your go-to interface for interacting with the system. All Linux commands are executed here, and it’s the ideal environment to start practising.

You can open the terminal and directly type your commands to see them in action.

2. Using VMware or Oracle VirtualBox

If you don’t want to install Linux directly on your main machine, using a virtual machine (VM) is a great solution. Virtualization tools like VMware or Oracle VirtualBox allow you to run a full Linux distribution as a guest operating system without affecting your primary system. This way, you can experiment freely in an isolated environment.

How to use a VM:

• Install VMware Workstation Player or Oracle VirtualBox on your computer.

• Download the RHEL ISO Image. You can obtain the RHEL ISO by following these steps:

  1. Register for a Red Hat Developer Account (it’s free):

     • Go to the Red Hat Developer Program.

     • Create an account (it’s free for individual developers).

     • After registering, sign in to your Red Hat account.

  2. Download the ISO:

     • Visit the RHEL Download Page after logging in.

     • Choose the ISO image for RHEL (you may select the latest version).

     • Click Download and save the ISO file on your local system.

Once your VM is running, you can use it to practice commands and explore Linux.

3. KillerCoda: An Online Linux Environment

If you’re looking for an entirely online solution, KillerCoda is a fantastic option. It provides an interactive Linux terminal right in your browser, so you don’t need to install anything on your local machine.

Visit the KillerCoda website and you will see scenario-based lessons.

Now you should be all set.

Introduction to Basic Linux Commands

One of the key features that makes Linux so versatile is its command-line interface (CLI). This is where you can interact with the system by typing commands. These commands allow you to perform a variety of tasks like managing files, directories, system resources, and much more.

Now, we’ll explore some essential Linux commands that every beginner should know. These commands are simple yet powerful tools that can help you navigate and manage your Linux environment efficiently.

Basic Linux Commands

1. echo

The echo command is used to display text or variables to the terminal. It is one of the most commonly used commands in Linux and is helpful for displaying messages, variable values, and even system information.

echo syntax:

echo [OPTION] [STRING]

Example:

echo Hello # Prints 'Hello' on terminal
echo -n Hey # Does not output a trailing newline

name="Tanishka"
echo "Hello, $name" # Prints variables

Option -e allows echo commands to enable escape sequences.

Here are some other options you can use with echo:

1. \n – New line: Moves the output to the next line.

2. \t – Tab: Adds a tab space.

3. \v – Vertical Tab: Adds a tab as the cursor moves to the next vertical position.

4. \b – Backspace: Removes the last character.

5. \\ – Backslash: Prints a backslash.

Example:

echo -e "Hello World\nThis is a new line."
# Hello World
# This is a new line.

echo -e "Hello World\tThis is tabbed."
# Hello World    This is tabbed.

echo -e "Hello\vWorld\vThis is vertically spaced."
# Hello
#       World
#             This is vertically spaced.

echo -e "This is a backslash: \\"
# This is a backslash: \

2. whoami

The whoami command is used to display the username of the currently logged-in user.

whoami syntax:

whoami

Example:

whoami #tanishkamakode

3. pwd

The pwd command is used to display the current working directory.

pwd syntax:

pwd [OPTION]

Example:

pwd # /home/tanishkamakode
pwd -L # Displays logical current working directory i.e. shows symlinks (shortcut path ,if exists)
pwd -P # Displays physical current working directory i.e. shows resolved path (original path of shortcut ,if exists)

4. ls

The ls command is used to list the files and directories in the current working directory or specified directory.

ls syntax:

ls [OPTION] [PATH]

Example:

ls # Lists files and directories at current working directory

Here are some options you can use with ls:

• ls -l: Lists detailed information about files and directories

• ls -lh: Lists detailed information about files and directories with size in human readable format

• ls -a: Lists all hidden files

• ls -R: Lists recursive content of directory

5. date

The date command is used to display or set the system date and time.

date syntax:

date [OPTION] [FORMAT_SPECIFIER]

Example:

date # Displays current date and time
date +"%d/%m/%Y" # Displays date month year
date +"%H:%M:%S" # Displays hours minutes seconds
date -u # Displays date in UTC time
date --set "2024-06-05" # Sets date to given YYYY-MM-DD
date -d "yesterday" # Displays yesterday's date
date -d "tomorrow" # Displays tomorrow's date
date -d "7 days" # Displays date of 7 days from today

Options you can use with the date command:

1. -u: Displays date and time in UTC.

2. -d: Displays or sets the date/time to a specific string (e.g., "yesterday", "7 days ago").

3. %d: Day of the month (01 to 31).

4. %m: Month of the year (01 to 12).

5. %y: Last two digits of the year (00 to 99).

6. %Y: Full year (for example, 2025).

date -u # Displays date in UTC time
date -d "yesterday" # Displays yesterday's date
date -d "tomorrow" # Displays tommorow's date
date -d "7 days" # Displays date of 7 days from today
date +"%d/%m/%Y" # Displays date month year
date +"%H:%M:%S" # Displays hours minutes seconds

6. cal

The cal command is used to display calendar details. If no options are given, the current month is displayed.

cal syntax:

cal [OPTIONS]

Example:

cal # Displays current month calendar
cal --highlight # Highlights current date

Options you can use with the cal command:

1. --highlight: Highlights the current date in the calendar.

2. -3: Displays the previous, current, and next month.

3. -m: Displays the current month in a multi-line format.

4. -y: Displays the calendar for the entire year.

5. -A [N]: Displays N months ahead of the current month.

6. -B [N]: Displays N months before the current month.

7. cal [year]: Displays the calendar for the entire year.

8. cal [month] [year]: Displays the calendar for the specified month and year.

cal 2024 # Displays the calendar for all months of 2024
cal 06 2024 # Displays the calendar for the 6th month (June) of 2024
cal -m # Displays the current month in multi-line format
cal -A 3 # Displays the 3 months ahead of the current month
cal -B 2 # Displays the 2 months before the current month

7. nl

The nl command is used to add line number to file content.

nl syntax:

nl [OPTIONS] [FILENAME]

Example:

nl file.txt # Displays file content with line numbers
nl -b a file.txt # Numbers all lines
nl -b t file.txt # Number non-empty lines only
nl -s ') ' file.txt # Adds a separator between the line number and the content -
# 1) First line
# 2) Second line

As you can see in the code above, there are other options you can use with the nl command, too.

File Creation and Handling Commands

1. touch

The touch command is used to create an empty file or update the last modified time if a file exists.

touch syntax:

touch [OPTIONS] [FILENAME]

Example:

touch file.txt # Creates a single file - file.txt
touch file1.txt file2.txt file3.txt # Creates multiple files
touch file{1..10}.txt # Creates files with given range names (file1.txt file2.txt upto file10.txt)

2. cat

The cat command concatenates files and also displays the content of files.

cat syntax:

cat [OPTIONS] [FILENAME]

Example:

cat file.txt # Displays content of file.txt
cat file1.txt file2.txt > merged.txt # Overrides content of two files in merged.txt
cat file1.txt >> file2.txt # Appends content of first file to second file
cat -n file.txt # Displays the content along with line numbers

cat > file.txt OR cat >> file.txt # > for overriding, >> for appending
# This allows you to create a new file with a prompt to enter the content
# If file already exists, teminal will read the content you enter.
# Once you’re done with writing content,
# press Ctrl + D (detach).
# Or Ctrl + C but make sure you enter this on new line
# or else current line content will not be appended to the file.

Directory Creation and Handling

1. mkdir

The mkdir command is used to create a directory.

mkdir syntax:

mkdir [OPTIONS] [DIRECTORYNAME]

Example:

mkdir folder # Creates a single directory
mkdir fol1 fol2 fol3 # Creates multiple directories
mkdir fol{1..10} # Creates directories with given range names
mkdir -p /myData/data # Creates nested directories
ls -R /myData # Verify if nested directories created
mkdir -v fol1 fol2 fol3 # Verbose mode i.e confirmation of directory creation on terminal

2. cd

The cd command is used to change the directory – that is, to navigate between directories.

cd syntax:

cd [DIRECTORY]

Example:

cd myFolder # Relative path, starting from current directroy
cd /home/myFolder # Absolute path, starting from root /
cd .. # Goes to one level above current directory
cd ../.. # Goes to two level above current directory
cd OR cd ~ # Goes to home directory
cd - # Switched to directory you were in previously

Copy, Move, and Remove Files and Directories

1. cp

The cp command is used to copy files and directories from one location to another.

cp syntax:

cp [OPTIONS] [SOURCE] [DESTINATION]

Example:

cp myFile.txt /home/newFolder # Copies myFile.txt to newFolder
cp myFile1.txt myFile2.txt /home/newFolder # Copies multiple files to newFolder
cp -r oldData /home/newData # Recursively copies content of oldData directory to newData directory
cp -i file.txt /home/Folder # Asks for confirmation while overriding file.txt that already exists in Folder
cp -v oldData /home/newData # Verbose output i.e. confirmation of copying the directory 
cp -f file.txt /newFolder # Copies the file forecfully

2. mv

The mv command is used to move files and directories from one location to another. It is also used to rename a file or a directory.

mv syntax:

mv [OPTIONS] [SOURCE] [DESTINATION]

Example:

mv myFile.txt /home/newFolder # Moves myFile to newFolder
mv myFile1.txt myFile2.txt /home/newFolder # Moves multiple files to newFolder
mv -i file.txt /home/sample # Asks before overriding the file.txt that already exists in sample
mv -v oldData /home/sample # Verbose mode i.e. confirmation of moving directory oldData in sample directory
mv oldFile.txt newFile.txt # Renames the file

3. rm

The rm command is used to remove files and directories.

rm syntax:

rm [OPTIONS] [FILENAME OR DIRECTORYNAME]

Example:

rm file.txt # Removes single file
rm file1.txt file2.txt # Removes multiple files
rm emptyDir # Won't work for empty directory (Next command will handle this case!)
rm -r myData # Removed a non-empty directory recursively
rm -r -i myData # Asks for confirmation before deleting each file
rm -r -f myData # Removes a non-empty directory recursively without confirmation
rm -r -f -v myData # Removes a non-empty directory recursively without confirmation in verbose mode

4. rmdir

The rmdir command is used to remove empty directories only.

rmdir syntax:

rmdir [OPTIONS] [FILENAME OR DIRECTORYNAME]

Example:

rmdir emptyDir # Removes empty directory emptyDir
rmdir myDir1 myDir2 myDir3 # Removes multiple empty directories
rmdir myDir # Won't work for non-empty directories (Use 'rm -r dir_name' for this case!)

Final Words

Congratulations! You've successfully learned the basics of Red Hat Enterprise Linux (RHEL) and the essential commands that form the foundation of Linux systems.

Keep practicing these commands, and soon they'll become second nature to you. Mastery comes with repetition, so continue experimenting and applying these fundamentals in real-world scenarios.

Stay tuned for more articles. Get ready to take your RHEL skills to the next level.

Let’s connect!

We’ll start with basic message transmission. Then you'll progress to creating a file transfer system, and you’ll ultimately develop a secure chat application with encryption.

Here’s what we’ll cover:

• Prerequisites

• Install Netcat

• Your First Network Connection

• How to Build a Simple File Transfer Tool

• How to Create a Secure Chat System

• Conclusion

• Practice Your Skills

Prerequisites

Before we start, you'll need:

• A Linux-based system: I recommend Ubuntu. Alternatively, you can use the Online Linux Terminal if you don't have Linux installed.

• Basic terminal knowledge (how to use cd and ls)

Don't worry if you're new to networking - I’ll explain everything as we go!

Install Netcat

Netcat is like a digital "pipe" between computers – anything you put in one end comes out the other. Before we start using it, let's get it installed on your system.

Open your terminal and run these commands:

# Update your system's package list
sudo apt update

# Install Netcat
sudo apt install netcat -y

To check if the installation worked, run:

nc -h

You should see a message starting with "OpenBSD netcat". If you do, great! If not, try running the installation commands again.

Your First Network Connection

Before we dive into building tools, let's understand what a network connection actually is. Think of it like a phone call: one person needs to wait for the call (the listener), and another person needs to make the call (the connector).

In networking, we use "ports" to make these connections. You can think of ports like different phone lines – they let multiple conversations happen at the same time.

Let's try making our first connection:

1. Open a terminal window and create a listener:

nc -l 12345

What did we just do? The -l tells Netcat to "listen" for a connection, and 12345 is the port number we chose. Your terminal will look like it's frozen – that's normal! It's waiting for someone to connect.

2. Open another terminal window and connect to your listener:

nc localhost 12345

Here, localhost means "this computer" – we're connecting to ourselves for practice. If you want to connect to another computer, you can replace localhost with its IP address.

Now try typing a message (like "hi") in either window and press Enter. Cool, right? The message appears in the other window! This is exactly how basic network communication works.

To stop the connection, press Ctrl+C in both windows.

What Just Happened?

You just created your first network connection! The first terminal was like someone waiting by a phone, and the second terminal was like someone calling that phone. When they connected, they could send messages back and forth.

How to Build a Simple File Transfer Tool

Now that we understand basic connections, let's build something more useful: a tool to transfer files between computers.

First, let's create a test file to send:

# Create a file with some content
echo "This is my secret message" > secret.txt

To transfer this file, we'll need two terminals again, but this time we'll use them differently:

1. In the first terminal, set up the receiver:

nc -l 12345 > received_file.txt

This tells Netcat to:

• Listen for a connection (-l)

• Save whatever it receives to a file called received_file.txt (>)

2. In the second terminal, send the file:

nc localhost 12345 < secret.txt

The < tells Netcat to send the contents of our file.

3. Press Ctrl+C in both terminals to stop the transfer. Then check if it worked:

cat received_file.txt

You should see your message!

This is similar to our chat system, but instead of typing messages, we're:

1. Taking content from a file

2. Sending it through our network connection

3. Saving it to a new file on the other end

Think of it like sending a document through a fax machine!

How to Create a Secure Chat System

Our previous examples sent everything as plain text – anyone could read it if they intercepted the connection. Let's make something more secure by adding encryption.

First, let's understand what encryption does:

• It's like putting your message in a locked box

• Only someone with the right key can open it

• Even if someone sees the box, they can't read your message

We'll create two scripts: one for sending messages and one for receiving them.

1. Create the sender script:

nano secure_sender.sh

Copy this code into the file:

#!/bin/bash

echo "Secure Chat - Type your messages below"
echo "Press Ctrl+C to exit"

while true; do
  # Get the message
  read message

  # Encrypt and send it
  echo "$message" | openssl enc -aes-256-cbc -salt -base64 \
    -pbkdf2 -pass pass:chatpassword 2>/dev/null | \
    nc -N localhost 12345
done

This script will:

1. Read messages from user input.

2. Encrypt them using OpenSSL's AES-256-CBC encryption (a strong encryption standard).

3. Send the encrypted message to the specified port.

Press Ctrl+X, then Y, then Enter to save.

2. Create the receiver script:

nano secure_receiver.sh

Copy this code:

#!/bin/bash

echo "Waiting for messages..."

while true; do
  # Receive and decrypt messages
  nc -l 12345 | openssl enc -aes-256-cbc -d -salt -base64 \
    -pbkdf2 -pass pass:chatpassword 2>/dev/null
done

This script will:

1. Listen for incoming encrypted messages.

2. Decrypt them using the same encryption key.

3. Display the decrypted messages.

Save this file too.

3. Make both scripts executable:

chmod +x secure_sender.sh secure_receiver.sh

4. Try it out:

• In one terminal: ./secure_receiver.sh

• In another terminal: ./secure_sender.sh

Type a message in the sender terminal. The receiver will show your decrypted message!

Enhancing Our Chat System

Now that we have a working basic chat system, let's make it more user-friendly and informative. We'll add features like timestamps, color-coded messages, and encryption status updates. This enhanced version will help you better understand what's happening during the encryption and transmission process.

If you're comfortable with the basic version, try this improved version:

1. Create an enhanced sender script (save it as secure_sender_v2.sh):

#!/bin/bash

# Set up color codes for better visibility
GREEN='\033[0;32m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color

echo -e "${GREEN}Secure Chat Sender - Started at $(date)${NC}"
echo -e "${BLUE}Type your messages below. Press Ctrl+C to exit${NC}"
echo "----------------------------------------"

while true; do
    # Show prompt with timestamp
    echo -ne "${GREEN}[$(date +%H:%M:%S)]${NC} Your message: "

    # Get the message
    read message

    # Skip if message is empty
    if [ -z "$message" ]; then
        continue
    fi

    # Add timestamp to message
    timestamped_message="[$(date +%H:%M:%S)] $message"

    # Show encryption status
    echo -e "${BLUE}Encrypting and sending message...${NC}"

    # Encrypt and send it, showing the encrypted form
    encrypted=$(echo "$timestamped_message" | openssl enc -aes-256-cbc -salt -base64 \
        -pbkdf2 -iter 10000 -pass pass:chatpassword 2>/dev/null)

    echo -e "${BLUE}Encrypted form:${NC} ${encrypted:0:50}..." # Show first 50 chars
    echo "$encrypted" | nc -N localhost 12345

    echo -e "${GREEN}Message sent successfully!${NC}"
    echo "----------------------------------------"
done

2. Create an enhanced receiver script (save as secure_receiver_v2.sh):

#!/bin/bash

# Set up color codes for better visibility
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

echo -e "${GREEN}Secure Chat Receiver - Started at $(date)${NC}"
echo -e "${BLUE}Waiting for messages... Press Ctrl+C to exit${NC}"
echo "----------------------------------------"

while true; do
    # Receive and show the encrypted message
    echo -e "${BLUE}Waiting for next message...${NC}"

    encrypted=$(nc -l 12345)

    # Skip if received nothing
    if [ -z "$encrypted" ]; then
        continue
    fi

    echo -e "${YELLOW}Received encrypted message:${NC} ${encrypted:0:50}..." # Show first 50 chars
    echo -e "${BLUE}Decrypting...${NC}"

    # Decrypt and display the message
    decrypted=$(echo "$encrypted" | openssl enc -aes-256-cbc -d -salt -base64 \
        -pbkdf2 -iter 10000 -pass pass:chatpassword 2>/dev/null)

    # Check if decryption was successful
    if [ $? -eq 0 ]; then
        echo -e "${GREEN}Decrypted message:${NC} $decrypted"
    else
        echo -e "\033[0;31mError: Failed to decrypt message${NC}"
    fi

    echo "----------------------------------------"
done

3. Make the enhanced scripts executable:

chmod +x secure_sender_v2.sh secure_receiver_v2.sh

Try running both versions to see how the additional feedback helps you better understand the encryption and communication process.

The enhanced version (v2) adds several improvements:

• Colorized output for better readability.

• Timestamps for each message.

• Status updates showing the encryption/decryption process.

• Error handling for failed decryption attempts.

• Preview of encrypted messages before sending/after receiving.

Conclusion

This tutorial taught you how to use Netcat as a versatile networking tool. We started with basic message sending, progressed to building a simple file transfer system, and then created a secure chat system with encryption.

You've gained hands-on experience with:

• Setting up network listeners and connections

• Transferring files securely between systems

• Implementing basic encryption for secure communication

• Adding user-friendly features like timestamps and status updates

The skills you've learned here form a solid foundation for understanding network communication and can be applied to more complex networking projects. To practice the operations from this tutorial, try the interactive hands-on lab.

Practice Your Skills

Now that you've learned the basics of Netcat and built a secure chat system, let's put your skills to the test with a real-world scenario. Try the "Receive Messages Using Netcat" lab challenge where you'll play the role of a junior interstellar communications analyst. Your mission: intercept and log signals from an alien civilization using your newfound Netcat knowledge.

There are many public and private registries available to developers such as Docker Hub, Amazon ECR, and Google Cloud Artifact Registry. But sometimes, instead of relying on an external vendor, you might want to host your images yourself. This gives you more control over how the registry is configured and where the container images are hosted.

This article is a hands-on tutorial that’ll teach you how to self-host a Container Registry.

Table of Contents

• What is a Container Image?

• What is a Container Registry?

• Why you might want to self-host a Container Registry

• How to self-host a Container Registry

• Step 1: Install Docker and Docker Compose on the server

• Step 2: Configure and run the registry container

• Step 3: Run NGINX for handling TLS

• Ready to go!

• Other options

• Conclusion

You will get the most out of this article if you’re already familiar with the tools like Docker and NGINX, and have a general understanding of what a container is.

What is a Container Image?

Before we talk about container registries, let's first understand what a container image is. In a nutshell, a container image is a package that includes all of the files, libraries, and configurations to run a container. They are composed of layers where each layer represents a set of file system changes that add, remove, or modify files.

The most common way to create a container image is to use a Dockerfile.

# build an image
docker build -t pliutau/hello-world:v0 .

# check the images locally
docker images
# REPOSITORY    TAG       IMAGE ID       CREATED          SIZE
# hello-world   latest    9facd12bbcdd   22 seconds ago   11MB

This creates a container image that is stored on your local machine. But what if you want to share this image with others or use it on a different machine? This is where container registries come in.

What is a Container Registry?

A container registry is a storage catalog where you can push and pull container images from. The images are grouped into repositories, which are collections of related images with the same name. For example, on Docker Hub registry, nginx is the name of the repository that contains different versions of the NGINX images.

Some registries are public, meaning that the images hosted on them are accessible to anyone on the Internet. Public registries such as Docker Hub are a good option to host open-source projects.

On the other hand, private registries provide a way to incorporate security and privacy into enterprise container image storage, either hosted in cloud or on-premises. These private registries often come with advanced security features and technical support.

There is a growing list of private registries available such as Amazon ECR, GCP Artifact Registry, GitHub Container Registry, and Docker Hub also offers a private repository feature.

As a developer, you interact with a container registry when using the docker push and docker pull commands.

docker push docker.io/pliutau/hello-world:v0

# In case of Docker Hub we could also skip the registry part
docker push pliutau/hello-world:v0

Let's look at the anatomy of a container image URL:

docker pull docker.io/pliutau/hello-world:v0@sha256:dc11b2...
                |            |            |          |
                ↓            ↓            ↓          ↓
             registry    repository      tag       digest

Why You Might Want to Self-host a Container Registry

Sometimes, instead of relying on a provider like AWS or GCP, you might want to host your images yourself. This keeps your infrastructure internal and makes you less reliant on external vendors. In some heavily regulated industries, this is even a requirement.

A self-hosted registry runs on your own servers, giving you more control over how the registry is configured and where the container images are hosted. At the same time it comes with a cost of maintaining and securing the registry.

How to Self-host a Container Registry

There are several open-source container registry solutions available. The most popular one is officially supported by Docker, called registry, with its implementation for storing and distributing of container images and artifacts. This means that you can run your own registry inside a container.

Here are the main steps to run a registry on a server:

• Install Docker and Docker Compose on the server.

• Configure and run the registry container.

• Run NGINX for handling TLS and forwarding requests to the registry container.

• Setup SSL certificates and configure a domain.

Step 1: Install Docker and Docker Compose on the server

You can use any server that supports Docker. For example, you can use a DigitalOcean Droplet with Ubuntu. For this demo I used Google Cloud Compute to create a VM with Ubuntu.

neofetch

# OS: Ubuntu 20.04.6 LTS x86_64
# CPU: Intel Xeon (2) @ 2.200GHz
# Memory: 3908MiB

Once we're inside our VM, we should install Docker and Docker Compose. Docker Compose is optional, but it makes it easier to manage multi-container applications.

# install docker engine and docker-compose
sudo snap install docker

# verify the installation
docker --version
docker-compose --version

Step 2: Configure and run the registry container

Next we need to configure our registry container. The following compose.yaml file will create a registry container with a volume for storing the images and a volume for storing the password file.

services:
  registry:
    image: registry:latest
    environment:
      REGISTRY_AUTH: htpasswd
      REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
      REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
    volumes:
      # Mount the password file
      - ./registry/registry.password:/auth/registry.password
      # Mount the data directory
      - ./registry/data:/data
    ports:
      - 5000

The password file defined in REGISTRY_AUTH_HTPASSWD_PATH is used to authenticate users when they push or pull images from the registry. We should create a password file using the htpasswd command. We should also create a folder for storing the images.

mkdir -p ./registry/data

# install htpasswd
sudo apt install apache2-utils

# create a password file. username: busy, password: bee
htpasswd -Bbn busy bee > ./registry/registry.password

Now we can start the registry container. If you see this message, than everything is working as it should:

docker-compose up

# successfull run should output something like this:
# registry | level=info msg="listening on [::]:5000"

Step 3: Run NGINX for handling TLS

As mentioned earlier, we can use NGINX to handle TLS and forward requests to the registry container.

The Docker Registry requires a valid trusted SSL certificate to work. You can use something like Let's Encrypt or obtain it manually. Make sure you have a domain name pointing to your server (registry.pliutau.com in my case). For this demo I already obtained the certificates using certbot and put it in the ./nginx/certs directory.

Since we're running our Docker Registry in a container, we can run NGINX in a container as well by adding the following service to the compose.yaml file:

services:
  registry:
    # ...
  nginx:
    image: nginx:latest
    depends_on:
      - registry
    volumes:
      # mount the nginx configuration
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf
      # mount the certificates obtained from Let's Encrypt
      - ./nginx/certs:/etc/nginx/certs
    ports:
      - "443:443"

Our nginx.conf file could look like this:

worker_processes auto;

events {
    worker_connections 1024;
}

http {
    upstream registry {
        server registry:5000;
    }

    server {
        server_name registry.pliutau.com;
        listen 443 ssl;

        ssl_certificate /etc/nginx/certs/fullchain.pem;
        ssl_certificate_key /etc/nginx/certs/privkey.pem;

        location / {
            # important setting for large images
            client_max_body_size                1000m;

            proxy_pass                          http://registry;
            proxy_set_header  Host              $http_host;
            proxy_set_header  X-Real-IP         $remote_addr;
            proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
            proxy_set_header  X-Forwarded-Proto $scheme;
            proxy_read_timeout                  900;
        }
    }
}

Ready to go!

After these steps we can run our registry and Nginx containers.

docker-compose up

Now, on the client side, you can push and pull the images from your registry. But first we need to login to the registry.

docker login registry.pliutau.com

# Username: busy
# Password: bee
# Login Succeeded

Time to build and push our image to our self-hosted registry:

docker build -t registry.pliutau.com/pliutau/hello-world:v0 .

docker push registry.pliutau.com/pliutau/hello-world:v0
# v0: digest: sha256:a56ea4... size: 738

On your server you can check the uploaded images in the data folder:

ls -la ./registry/data/docker/registry/v2/repositories/

Other options

Following the example above, you can also run the registry on Kubernetes. Or you could use a managed registry service like Harbor, which is an open-source registry that provides advanced security features and is compatible with Docker and Kubernetes.

Also, if you want to have a UI for your self-hosted registry, you could use a project like joxit/docker-registry-ui and run it in a separate container.

Conclusion

Self-hosted Container Registries allow you to have complete control over your registry and the way it's deployed. At the same time it comes with a cost of maintaining and securing the registry.

Whatever your reasons for running a self-hosted registry, you now know how it's done. From here you can compare the different options and choose the one that best fits your needs.

You can find the full source code for this demo on GitHub. Also, you can watch it as a video on our YouTube channel.