SSH Connection Tool
# Tool 1: XshellThis is a familiar software, I am currently using Xshell_7# Tool 2: FinalShellDomestic software, Windows and MAC version; It's easy to use and free, but the software takes up a lot of memory. But it's 2021, and laptops start with 16 gigabytes of memory, so it's not a problem.Tool 3: SecureCRTThe software is more professional, generally in English interface; A frequent Linux user, this software is a good choice.Copy the codeView the system version information
# lsb_release -a Some Linux systems do not have this command
Cat /etc/centos-release
[root@ncayu618 ~]# lsb_release -aLSB Version: : Core-4.1-AMD64: Core-4.1-noarch Distributor ID: CentOS Description: CentOS Linux release 7.9.2009 (Core) release: 7.9.2009 Codename: Core# Check the Linux version name.
[root@ncayu8847 ~]# cat /etc/centos-release
CentOS Linux release 7.5.1804 (Core)
Display the running kernel version.
[root@ncayu8847 ~]# cat /proc/version
Linux version 3.10.0-862.14.4.el7.x86_64 ([email protected]) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-28) (GCC) ) #1 SMP Wed Sep 26 15:12:11 UTC 2018
Display information about the computer and operating system.
[root@ncayu8847 ~]# uname -aLinux ncayu8847 3.10.0-862.14.4. El7. X86_64#1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Check the Linux system architecture so that we can download the appropriate package to install.
[root@ncayu8847 ~]# arch
x86_64
Copy the codeViewing the IP Address
# Check IP address in LinuxIfconfig (commonly used) IP addr (instead of ifconfig) can be shortened to IP A# Filter out IP addresses, which can be used to write shell scripts.The ifconfig -a | grep inet | grep -v 127.0.0.1 | grep -v inet6 | awk'{print $2}'|tr -d "addr:"|awk 'BEGIN{RS="\n"; ORS=" "; }{print $0}'
Copy the code[root@ncayu8847 ~]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host LO valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:16:3E :16:3c:2b BRD FF: FF :ff: FF: FF inet 172.18.3.0/20 BRD 172.18.15.255 scope Global Dynamic eth0 VALID_LFT 310954450sec preferred_lft 310954450sec [root@ncayu8847 ~]# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host LO valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:16:3E :16:3c:2b BRD FF: FF :ff: FF: FF inet 172.18.3.0/20 BRD 172.18.15.255 scope Global Dynamic eth0 VALID_LFT 310954378sec preferred_lft 310954378secCopy the codeViewing CPU Information
Check CPU information
cat /proc/cpuinfo
Check memory information
cat /proc/meminfo
Display system time and load averageUptime w who top Command Top command * After running the top command, you can press 1. You can view the usage of a single CPU. * After running the top command, you can press 2. You can view the usage of a single memory# Log Management: Analysis tool: ELK
The /var/log message log file is used to check whether the system has a problem.
# View memory, disk
df -h
free -m
Copy the codeView information about memory disks
# Disk information
[root@ncayu8847 ~]# df -hFile system capacity Used Used % Mount point /dev/vda1 40G 32G 5.4g 86% / devtmpfs 1.9g 0 1.9g 0% /dev TMPFS 1.9g 0 1.9g 0% /dev/shm TMPFS 1.9G 720K 1.9g 1% /run TMPFS 1.9g 0 1.9g 0% /sys/fs/cgroup TMPFS 379M 0 379M 0% /run/user/0 /dev/vdb 100G 63G 38G 63% /ncayu# Memory information
[root@ncayu8847 ~]# free -m
total used free shared buff/cache available
Mem: 3789 1768 118 0 1902 1736
Swap: 0 0 0
Copy the codeFile upload and Download
You can also set the upload and download directories option----session options ---- Files Transfer you can set the upload and download directoriesCopy the codeWindows check the number of CPU cores and threads
# 1. Enter command "wmic" in CMD window
# 2. Then type in the window that appears
cpu get Name Check the physical CPU name
cpu get NumberOfCores Check the number of CPU cores
cpu get NumberOfLogicalProcessors Check the number of CPU threads
Copy the codeFind files in Linux
Linux Find directory where a file resides find path-name file name For example, run the find / -name logo_web. PNG command to find the logo_web. PNG file in /. [root@dsjpt07 data]# find / -name demo-springboot-starter-0.0.1- snapshot.jar
/usr/local/ tools/demo - springboot - starter - 0.0.1 - the SNAPSHOT. The jarCopy the codeViewing User Groups
1. Cat /etc/passwd. 2. Cat /etc/group When you modify a user group, you need to change cat to vim. Such as vim/etc/groupCopy the codeChange the password of user root
In Linux, log in to the system as root and run the passwd username command. Then enter the new password as prompted. Enter the new password again. Example: [root@ncayu618 ~]# passwd root
Changing password for user root.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
Copy the codeView the IP address of the Linux host
ifconfig # check all IP addresses
## Filter out IP addresses that can be used to write shell scripts.The ifconfig -a | grep inet | grep -v 127.0.0.1 | grep -v inet6 | awk'{print $2}'|tr -d "addr:"|awk 'BEGIN{RS="\n"; ORS=" "; }{print $0}'
Copy the codeView ports by process number
netstat -nap | grep 21587
Check the port number by process ID
Copy the codeVerify the MD5 value on Linux
The method of verifying MD5 on Windows is tedious, but it is easier on Linux. First, open Center OS7 on the VM and use Xshell for remote connection, create a file 11.txt, and use MD5sum to give the MD5 value of 11.txt, as shown in the following figure. TXT means to create a file named 11.txt, md5sum is followed by the path to get the MD5 value of the file
[root@Pengfei test02]# md5sum cions. TXT # get md5 value of cions. TXT
472a616feeac128d47c058af07001e2d cions.txt
[root@Pengfei test02]# md5sum data. TXT # md5sum data. TXT
37e07e96f2ad41760cd30ba15146be0b data.txt
## Application scenario
Percona mysql MD5
[root@ncayu8847 software]# md5sum Percona Server - 5.7.33-36 - Linux. X86_64. Glibc2.12. Tar. Gz6992 b38f1085b6b0b30c8df833f043dc Percona Server - 5.7.33-36 - Linux. X86_64. Glibc2.12. Tar. GzCopy the codeUnpack the command
gzip -d abcsql.gz
unzip abcsql.zip
tar xzvf abcsql.tar.gz
Copy the codeThe top command
Tools similar to Top:# glances
# htop
Copy the codeThese two tools need to download and install, the experience is pretty good.
Glances is an open source command line system monitoring tool for Linux and BSD. It is developed in Python language and can monitor CPU, load, memory, disk I/O, network traffic, file system, system temperature and other information.
Glances provides Unix and Linux performance specialists with the ability to monitor and analyze performance data, including:
- CPU utilization
- Memory usage
- Kernel statistics and run queue information
- Disk I/O speed, transfer, and read/write ratios
- Available space in the file system
- Disk adapter
- Network I/O speed, transmission, and read/write ratios
- Page space and page speed
- The process that consumes the most resources
- Computer information and system resources
Glances displays important system information in real time on the user’s terminal and updates it dynamically. This efficient tool works on any terminal screen. And it doesn’t consume a lot of CPU resources, usually less than two percent. Glances displays the data on the screen and updates it every two seconds. You can also change this interval to a longer or shorter value yourself. Glances also captures the same data into a file for later analysis and graphing of reports. The output file can be in spreadsheet format (.csv) or HTML format.
View ports by PID
[root@ncayu618 ncayu618]# netstat -antup|grep 2150TCP 0 52 172.18.55.8:22 116.237.140.20:36130 ESTABLISHED 2150/ SSHD: root@pts [root@ncayu618 ncayu618]#
Query port and PID by application
$ ss -naltp|grep prometheus
Copy the codeCheck whether the firewall is enabled
Check the firewall service status systemctl status Firewalld Active: Active (RUNNING) if Active is highlighted, it indicates that the firewall service is started. Firewall -cmd --state 3. Start, restart, close, firewalld. Service Start service firewalld start Restart service firewalld Run the following command to restart the service firewalld stop command: restart Run the service firewalld stop command. 4. View firewall rules firewall-cmd --list-all 5 --query-port=8080/ TCP Open port 80 firewall-cmd --permanent --add-port=80/ TCP remove port firewall-cmd --permanent --remove-port=8080/tcpRestart the firewall (after modifying the configuration)Firewall-cmd --reload 1. Firwall-cmd: is a tool provided by Linux to operate the firewall. 2. - permanent: indicates persistent. 3. - add-port: indicates the port to be added. (1) Enable the firewall after startup: systemctlenableFirewalld. Service (2) Set systemctl to disable firewall upon startupdisableFirewalld. Service (3) Start the firewall: systemctl start firewalld (4) Disable the firewall: systemctl stop firewalld (5) Check the firewall status: systemctl status firewalld#centos6.x Check the firewall
[root@centos6 ~]# service iptables statusIptables: No firewall is running. Enable the firewall: [root@centos6 ~]# service iptables startDisable the firewall: [root@centos6 ~]# service iptables stopRestarting the Firewall [root@centos6 ~]# service iptables restart
#centos6.x Add firewall port1. Open 80,22, 8080 port /sbin/iptables -I INPUT -p TCP --dport 80 -j ACCEPT /sbin/iptables -I INPUT -p TCP --dport 61616 -j ACCEPT /sbin/iptables -I INPUT -p tcp --dport 9100 -j ACCEPT 2. Save/etc/rc. D/init. D/iptables save 3. D /iptables status 4. Disable the port (port 7777 is used as an example) vi /etc/sysconfig/iptables Open the configuration file and add the following statements: -A INPUT -p tcp -m state --state NEW -m tcp --dport 7777 -j DROPCopy the codeExample Query all occupied ports
Netstat -tulnp -t(TCP) displays only tcp-related -u(udp) displays only UDP-related -l(listening) displays only the listening service port -n(numeric) does not parse names, and aliases are not used for numeric expressions (localhost is changed to 127.0.0.1, for example) -p(programs) shows the PID of ports and program names to check whether a single port is in use. By netstat tulnp | grep port number to view the current port is being used For example: netstat tulnp | grep, 3306Copy the codeCheck whether the port is open
Netstat tool detects open ports [root@DB-Server Server]# netstat -anlp | grep 3306
### NMAP is a network scanning and host detection toolNmap can be used in long caps, not expanded here. As shown below, nmap 127.0.0.1 looks at open ports on the machine and scans all ports. Of course, you can also scan other server ports. yum install nmap; [root@ncayu618 ~]# nmap 127.0.0.1Starting Nmap 6.40 (http://nmap.org) at 2021-05-19 11:14 CST Nmap Scan ReportforLocalhost (127.0.0.1) Host is up (latency). Not shown: 995 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 3000/tcp open ppp 9090/tcp open zeus-admin 9100/tcp open jetdirect Nmapdone: 1 IP address (1 host up) scanned in 1.58 seconds
Copy the codeLinux creates a new user
To add a user, run the adduser command:
adduser ncayu
Add a user named ncayu
passwd ncayu
# change password
Changing password for user ncayu.
New UNIX password: Enter a new password here
Retype new UNIX password: Enter the new password again
passwd: all authentication tokens updated successfully.
#2. Grant root permission
# change /etc/sudoers file, find the following line, add a line under root, as follows:
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
ncayu ALL=(ALL) ALL
Ncayu = "ncayu"; sudo = "root";
Copy the codeChanges the user group of a file
In the shell, you can use the chown command to change the file owner. The chown command is short for change owner. Note that the user name must already exist in the system, that is, the user name can only be changed to the user name recorded in the /etc/passwd file. The chown command has many uses, including changing the name of the user group directly. In addition, if you want to change the owner of all subdirectories or files in a directory at the same time, simply add the -r parameter. Basic syntax: chown [-r] Account name File or directory CHown [-r] Account name: user group name File or directory Parameter: -r: continuous changes are made recursively, that is, all files and directories in the subdirectory are updated into this user group. Often used to change a directory.# such as:
chown ncayu:ncayu /prometheus
chown -R ncayu:ncayu /prometheus
Copy the code