List of Basic SSH Commands
Your Bluehost account includes SSH (Secure Shell) access. Whether you're new to managing servers or have some experience, knowing the basic SSH commands is important.
In this guide, we'll go through a list of important commands. They'll help you do tasks like moving files and checking system status when you're working on a remote server.
Check out the following articles for more information about the SSH protocol:
- What are SSH Commands?
- List of Basic SSH Commands
- How to Use SSH Commands
- Best Practices for SSH Key Management
- Summary
What are SSH Commands?
SSH commands are tools that establish a secure and encrypted way to communicate between two systems over an insecure network. They allow you to run terminal sessions, move files safely, and set up secure tunnels for other applications, ensuring that all data exchanged remains private and protected against unauthorized access.
List of Basic SSH Commands
Below are the most used SSH commands:
Important: Be careful when using the "rm" command to avoid deleting important content that cannot be retrieved without a restore.
| Commands | Description |
| cat | Print file contents to the screen |
| cat filename.txt | Cat the contents of filename.txt to your screen |
| cd - | Change directory |
| cd .. | Go up a directory |
| cd /usr/local/apache | Go to /usr/local/apache/ directory |
| cd ~ | Go to your home directory |
| mkdir | Create a new directory or folder in the specified path on a server. |
| scp | Transfer files securely between your local computer and a remote server or between two remote servers. |
| cp -a /home/burst/new_design/* /home/burst/public_html/ | Copies all files, retaining permissions from one directory to another. |
| cp | Copy a file |
| cp filename filename.backup | Copies filename to filename.backup |
| du | Shows disk usage. |
| du -sh | Shows a summary in human-readable form of total disk space used in the current directory, including subdirectories. |
| du -sh * | The same thing applies to (du -sh), but for each file and directory. This is helpful when finding large files taking up space. |
| file | Attempts to guess what type of file a file is by looking at its content. |
| file* | Prints out a list of all files/directories in a directory |
| find * -type d|xargs -i cp --verbose php.ini {} | Copies your php.ini file into all directories recursively. |
| grep | Looks for patterns in files |
| grep -v root /etc/passwd | Shows all lines that do not match the root |
| grep root /etc/passwd | Shows all matches of root in /etc/passwd |
| kill | Terminate a system process |
| kill : 9 PID EG | kill -9 431 |
| kill PID EG | kill 10550 Use top or ps ux to get system PIDs (Process IDs) |
| last | Shows who logged in and when |
| last -20 | Shows only the last 20 logins |
| last -20 -a | Shows the last 20 logins, with the hostname in the last field |
| ln | Create "links" between files and directories |
| ln -s /home/username/tmp/webalizer webstats | Now you can display http://www.yourdomain.ext/webstats to show your Webalizer stats online. You can delete the symlink (web stats), and it will not delete the original stats on the server. |
| ls | List files/directories in a directory, comparable to dir in windows/dos. |
| ls -al | Shows all files (including ones that start with a period), directories, and details attributes for each file. |
| more | Like a cat, but opens the file one screen at a time rather than all at once |
| more /etc/userdomains | Browse through the userdomains file. hit Space to go to the next page, q to quit |
| netstat | Shows all current network connections. |
| netstat -an | Shows all connections to the server, the source, and destination IPs and ports. |
| netstat -rn | Shows the routing table for all IPs bound to the server. |
| pico | Friendly, easy-to-use file editor |
| pico /home/burst/public_html/index.html | Edit the index page for the user's website. |
| ps | ps is short for process status, similar to the top command. It's used to show currently running processes and their PIDs. A process ID is a unique number that identifies a process; you can kill or terminate a running program on your server (see kill command). |
| ps aux | Shows all system processes |
| ps aux --forest | Shows all system processes like the above but organizes in a beneficial hierarchy |
| ps U username | Shows processes for a certain user |
| rm | Delete a file |
| rm filename.txt | Deletes filename.txt will likely ask if you really want to delete it |
| rm -f filename.txt | Deletes filename.txt and will not ask for confirmation before deleting. |
| rm -rf tmp/ |
Recursively deletes the directory tmp and all files in it, including subdirectories. |
| tail | Like a cat but only reads the end of the file |
| tail -f /var/log/messages | Watch the file continuously while it's being updated |
| tail /var/log/messages | See the last 20 (by default) lines of /var/log/messages |
| tail -200 /var/log/messages | Print the last 200 lines of the file to the screen |
| top | Shows live system processes in a nice table, memory information, uptime, and other useful info. This is excellent for managing your system processes, resources and ensure everything is working fine and your server isn't bogged down. top Shift + M to sort by memory usage Shift + P to sort by CPU usage |
| touch | Create an empty file |
| touch /home/burst/public_html/404.html | Create an empty file called 404.html in the directory /home/burst/public_html/ |
| vi | Another editor with tons of features |
| vi /home/burst/public_html/index.html | Edit the index page for the user's website. |
| w | Shows who is currently logged in and where they are logged in from. |
| wc -l filename.txt | It tells how many lines are in filename.txt |
| wc | word count |
Example of Processes for Current Shell
| PID | TTY | TIME | COMMAND |
| 10550 | pts/3 | 0:01 | /bin/csh |
| 10574 | pts/4 | 0:02 | /bin/csh |
| 10590 | pts/4 | 0:09 | APP |
Each line represents one process, with a process being loosely defined as a running instance of a program.
- PID (process ID) shows the assigned process numbers of the processes.
- TTY is the terminal number from which the process was started.
- TIME is the amount of computer time the process uses.
- COMMAND shows the location of the executed process.
How to Use SSH Commands
You will often need to use different commands on the same line. Below are some examples:
- The | character is called a pipe, and it takes a date from one program and pipes it to another.
- | - This is called a pipe. It takes a date from one program and pipes it to another.
- > - Creates a new file and overwrites content that is already there.
- >> - Appends data to a file and creates a new one if it does not already exist.
- < - Sends input from a file back into a command.
- grep User /usr/local/apache/conf/httpd.conf | more - Dumps all lines that match User from the httpd.conf. Prints the results to your screen one page at a time.
- last -a > /root/lastlogins.tmp - Prints all the current login history to a file called lastlogins.tmp in /root/
- netstat -an | grep:80 | wc -l - Shows how many active connections there are to Apache (httpd runs on port 80)
- mysqladmin processlist | wc -l - Shows how many current open connections there are to MySQL
- mysqldump -u username -p dbname > file.sql - MySQL Dump
- mysql -u username -p database_name <file.sql - Imports MySQL database
- tail -10000 /var/log/exim_mainlog | grep domain.com | more - Grabs the last 10,000 lines from /var/log/exim_mainlog, finds all occurrences of domain.com (the period represents 'anything,' comment it out with a so it will be interpreted literally), then sends it to your screen page by page.
- tar -zxvf file.tar.gz - UnTAR file
- which [perl] - Finds path to [perl]
Best Practices for SSH Key Management
Secure Shell (SSH) is important for managing remote servers securely. Here are key security practices to keep in mind.
- Implement two-factor authentication (2FA). Provides an additional layer of security by requiring both a password and a temporary code.
- Implement firewalls. Restrict SSH access to trusted IP addresses or networks to mitigate unauthorized access attempts.
- Disable root login. Direct root login should be disabled in the SSH configuration to prevent attackers from directly accessing the root account.
- Keep SSH software updated. Regularly update your SSH server and client software to ensure the latest security features and patches. This can protect you against known vulnerabilities that attackers might exploit.
Enhance the security of your SSH connections to protect your systems from potential threats.
Summary
Understand the basic SSH commands in Linux that can be used to securely access terminals, transfer files, and tunnel various applications. The commands include file management commands like cat, cd, cp, du, file, find, grep, kill, last, ln, ls, more, netstat, pico, ps, rm, tail, top, touch, vi and w. It is important to be careful when using some of these commands, particularly the "rm" command, to avoid deleting important content that cannot be retrieved without a restore.
If you need further assistance, feel free to contact us via Chat or Phone:
- Chat Support - While on our website, you should see a CHAT bubble in the bottom right-hand corner of the page. Click anywhere on the bubble to begin a chat session.
- Phone Support -
- US: 888-401-4678
- International: +1 801-765-9400
You may also refer to our Knowledge Base articles to help answer common questions and guide you through various setup, configuration, and troubleshooting steps.