Panduan Lengkap Perintah Linux Server
Daftar Isi
- Perintah Dasar
- Manajemen File & Direktori
- Manajemen Proses
- Manajemen User & Permission
- Networking
- Monitoring & Performance
- Package Management
- Service Management
- Log Management
- Backup & Recovery
- Security
- Advanced Commands
Perintah Dasar
Navigasi Dasar
# Melihat direktori saat ini
pwd
# Output: /home/admin
# Pindah direktori
cd /var/log # Pindah ke direktori spesifik
cd .. # Kembali ke direktori parent
cd ~ # Kembali ke home directory
cd - # Pindah ke direktori sebelumnya
# Melihat isi direktori
ls # List sederhana
ls -la # List detail dengan hidden files
ls -lh # List dengan ukuran human readable
ls -lt # List diurutkan berdasarkan waktu modifikasiInformasi Sistem
# Informasi sistem
uname -a # Detail kernel dan sistem
hostname # Nama hostname
whoami # User saat ini
id # User ID dan group ID
date # Tanggal dan waktu
uptime # Waktu sistem berjalan
# Informasi hardware
lscpu # Informasi CPU
free -h # Memory usage (human readable)
df -h # Disk space (human readable)
lsblk # Block devices (disk, USB, etc.)
lspci # PCI devices
lsusb # USB devicesManajemen File & Direktori
Operasi File Dasar
# Membuat file
touch file.txt # File kosong
echo "Hello World" > file.txt # File dengan content
cat > file.txt << EOF
Multi line
content
EOF
# Membaca file
cat file.txt # Tampilkan semua content
less file.txt # Scrollable view
head -n 10 file.txt # 10 baris pertama
tail -n 10 file.txt # 10 baris terakhir
tail -f file.txt # Real-time monitoring
# Copy, Move, Delete
cp source.txt dest.txt # Copy file
cp -r /src/dir /dest/dir # Copy directory
mv old.txt new.txt # Move/rename file
rm file.txt # Delete file
rm -rf directory # Force delete directorySearch & Find
# Find files
find /home -name "*.log" # Cari file dengan ekstensi .log
find /var -type f -size +100M # Cari file > 100MB
find /etc -name "*.conf" -mtime -7 # File .conf yang dimodifikasi 7 hari terakhir
# Search dalam file
grep "error" /var/log/syslog # Cari kata "error"
grep -r "password" /etc/ # Recursive search
grep -i "failed" *.log # Case insensitive
grep -n "error" app.log # Show line numbers
grep -v "debug" app.log # Invert match (exclude)
# Advanced search dengan find + grep
find /var/log -name "*.log" -exec grep "ERROR" {} \;File Compression
# Tar (archive)
tar -czf backup.tar.gz /home/admin # Create compressed archive
tar -xzf backup.tar.gz # Extract compressed archive
tar -tzf backup.tar.gz # List contents without extract
# Zip
zip -r archive.zip /path/to/directory # Create zip
unzip archive.zip # Extract zip
# Compress individual files
gzip file.txt # Compress to .gz
gunzip file.txt.gz # Decompress .gzManajemen Proses
Melihat Proses
# Process list
ps aux # All processes detailed
ps -ef # Alternative format
ps aux | grep nginx # Filter processes
# Real-time monitoring
top # Interactive process viewer
htop # Enhanced top (install: apt install htop)
iotop # I/O monitoring (install: apt install iotop)
# Process tree
pstree # Show process hierarchy
pstree -p # Show with PIDsMengontrol Proses
# Kill processes
kill 1234 # Graceful kill (SIGTERM)
kill -9 1234 # Force kill (SIGKILL)
killall nginx # Kill by name
pkill -f "node app.js" # Kill by command line
# Background & foreground
command & # Run in background
jobs # List background jobs
fg %1 # Bring job 1 to foreground
bg %1 # Resume job 1 in background
nohup command & # Run immune to hangup
# Process priority
nice -n 10 command # Run with lower priority
renice 10 -p 1234 # Change priority of running processManajemen User & Permission
User Management
# Create users
sudo adduser username # Interactive user creation
sudo useradd -m -s /bin/bash username # Non-interactive
# Modify users
sudo usermod -aG sudo username # Add to sudo group
sudo usermod -l newname oldname # Change username
sudo usermod -d /home/newuser username # Change home directory
# Delete users
sudo userdel username # Delete user
sudo userdel -r username # Delete user + home directory
# Password management
passwd # Change own password
sudo passwd username # Change other user password
sudo chage -l username # Password expiry infoGroup Management
# Create groups
sudo groupadd developers
# Add users to groups
sudo usermod -aG developers username
sudo gpasswd -a username developers
# Group information
groups username # Show user groups
getent group developers # Show group membersFile Permissions
# Permission basics
ls -la file.txt # View permissions
chmod 755 script.sh # Set permissions (rwxr-xr-x)
chmod u+x script.sh # Add execute for user
chmod g+w file.txt # Add write for group
chmod o-r file.txt # Remove read for others
# Symbolic permissions
chmod a+r file.txt # Add read for all
chmod u=rwx,g=rx,o=r file.txt # Set specific permissions
# Ownership
sudo chown user:group file.txt # Change owner and group
sudo chown -R user:group /path # Recursive ownership change
sudo chgrp group file.txt # Change group only
# Special permissions
chmod +s script.sh # Set SUID bit
chmod g+s directory # Set SGID bit
chmod +t directory # Set sticky bitNetworking
Network Configuration
# IP configuration
ip addr show # Show IP addresses
ip a # Short version
ip route show # Show routing table
# Network interfaces
nmcli device status # NetworkManager status
nmcli connection show # Network connections
# DNS configuration
cat /etc/resolv.conf # DNS servers
nslookup google.com # DNS lookup
dig google.com # Detailed DNS info
host google.com # Simple DNS lookupNetwork Testing
# Connectivity testing
ping google.com # Basic connectivity
ping -c 4 8.8.8.8 # Send 4 packets
traceroute google.com # Trace route to host
mtr google.com # Continuous traceroute
# Port testing
telnet host port # Test port connectivity
nc -zv host port # Netcat port test
nmap -sT host # Scan open ports
# Bandwidth testing
iperf3 -s # Start iperf3 server
iperf3 -c server_ip # Connect to serverNetwork Monitoring
# Connection monitoring
ss -tulpn # Show listening ports
netstat -tulpn # Alternative to ss
lsof -i :80 # Show processes using port 80
# Network statistics
iftop # Real-time network usage
nethogs # Per-process network usage
sar -n DEV 1 5 # Network statistics every 1 sec, 5 timesMonitoring & Performance
System Monitoring
# Resource usage
top # CPU and memory
htop # Enhanced top
free -h # Memory usage
df -h # Disk usage
du -sh /path # Directory size
# Detailed system info
vmstat 1 # Virtual memory statistics
iostat 1 # I/O statistics
sar # System activity reporter
# Process monitoring
ps aux --sort=-%cpu # Processes sorted by CPU
ps aux --sort=-%mem # Processes sorted by memoryPerformance Analysis
# CPU performance
lscpu # CPU information
cat /proc/cpuinfo # Detailed CPU info
stress --cpu 4 --timeout 30s # CPU stress test
# Memory performance
cat /proc/meminfo # Detailed memory info
stress --vm 2 --vm-bytes 128M --timeout 30s # Memory stress test
# Disk performance
hdparm -Tt /dev/sda # Disk speed test
dd if=/dev/zero of=testfile bs=1G count=1 oflag=direct # Disk write testPackage Management
Ubuntu/Debian (APT)
# Update packages
sudo apt update # Update package lists
sudo apt upgrade # Upgrade installed packages
sudo apt full-upgrade # Full upgrade including dependencies
# Package management
sudo apt install package # Install package
sudo apt remove package # Remove package
sudo apt purge package # Remove with config files
sudo apt autoremove # Remove unused packages
# Package information
apt search package # Search packages
apt show package # Package details
apt list --installed # List installed packages
apt-cache policy package # Package version info
# Repository management
sudo add-apt-repository ppa:user/ppa-name # Add PPA
sudo apt-key add keyfile # Add GPG keyCentOS/RHEL (DNF/YUM)
# Update packages
sudo dnf update # Update all packages
sudo dnf upgrade # Upgrade packages
# Package management
sudo dnf install package # Install package
sudo dnf remove package # Remove package
sudo dnf autoremove # Remove unused packages
# Package information
dnf search package # Search packages
dnf info package # Package details
dnf list installed # List installed packages
# Repository management
sudo dnf config-manager --add-repo repo_url
sudo dnf repolist # List repositoriesService Management
SystemD Commands
# Service control
sudo systemctl start service_name # Start service
sudo systemctl stop service_name # Stop service
sudo systemctl restart service_name # Restart service
sudo systemctl reload service_name # Reload configuration
sudo systemctl status service_name # Check status
# Enable/disable services
sudo systemctl enable service_name # Start on boot
sudo systemctl disable service_name # Don't start on boot
sudo systemctl is-enabled service_name # Check if enabled
# Service information
systemctl list-units --type=service # List all services
systemctl list-units --failed # List failed services
systemctl --failed # Show failed units
# Journal logs
journalctl -u service_name # Service logs
journalctl -u service_name -f # Follow logs
journalctl -u service_name --since "1 hour ago" # Recent logsLegacy Service Commands
# SysVinit (older systems)
sudo service nginx start # Start service
sudo service nginx stop # Stop service
sudo service nginx restart # Restart service
sudo service nginx status # Check status
# chkconfig (enable/disable)
sudo chkconfig nginx on # Enable on boot
sudo chkconfig nginx off # Disable on boot
sudo chkconfig --list nginx # Check statusLog Management
Viewing Logs
# System logs
journalctl # All system logs
journalctl -f # Follow logs in real-time
journalctl -p err # Error logs only
journalctl --since "1 hour ago" # Recent logs
# Traditional log files
tail -f /var/log/syslog # Follow system log
tail -f /var/log/auth.log # Follow authentication log
tail -f /var/log/nginx/access.log # Nginx access log
# Log rotation
logrotate -f /etc/logrotate.conf # Force log rotation
logrotate -d /etc/logrotate.conf # Debug mode (dry run)Log Analysis
# Search logs
grep "error" /var/log/syslog
grep -i "failed" /var/log/auth.log
grep "404" /var/log/nginx/access.log
# Count occurrences
grep -c "error" /var/log/syslog
awk '{print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -nr
# Time-based filtering
grep "$(date '+%b %d')" /var/log/syslog # Today's logs
journalctl --since "2023-12-10" --until "2023-12-11"Backup & Recovery
File Backup
# Simple backup
cp -r /home/user /backup/user_backup_$(date +%Y%m%d)
# Tar backup
tar -czf backup_$(date +%Y%m%d).tar.gz /important/files
# Rsync backup (incremental)
rsync -av /source/ /destination/
rsync -av --delete /source/ /destination/ # Sync deletion
rsync -av -e ssh /source/ user@server:/destination/ # Remote backup
# Exclude patterns
rsync -av --exclude '*.tmp' --exclude 'cache/' /source/ /dest/System Backup
# Full system backup
sudo tar -czf system_backup_$(date +%Y%m%d).tar.gz --exclude=/proc --exclude=/sys --exclude=/dev --exclude=/run /
# Using dd for disk imaging
sudo dd if=/dev/sda of=/path/to/disk_image.img bs=4M
# Clonezilla for disk cloning (GUI tool)Recovery
# Extract tar backup
tar -xzf backup_20231210.tar.gz -C /restore/location/
# Rsync restore
rsync -av /backup/ /restore/location/
# File recovery (if accidentally deleted)
sudo extundelete /dev/sda1 --restore-file /path/to/deleted/fileSecurity
Firewall Management
# UFW (Ubuntu)
sudo ufw enable # Enable firewall
sudo ufw status # Check status
sudo ufw allow ssh # Allow SSH
sudo ufw allow 80/tcp # Allow HTTP
sudo ufw deny 23 # Deny Telnet
sudo ufw delete allow 80/tcp # Remove rule
# firewalld (CentOS)
sudo systemctl start firewalld
sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --add-port=8080/tcp --permanent
sudo firewall-cmd --reload
sudo firewall-cmd --list-allSSH Security
# SSH key generation
ssh-keygen -t rsa -b 4096 -C "user@server"
# Copy SSH key
ssh-copy-id user@server
# SSH configuration
sudo nano /etc/ssh/sshd_config
# Important settings:
# PermitRootLogin no
# PasswordAuthentication no
# Port 2222 # Change default port
# Restart SSH
sudo systemctl restart sshdSystem Hardening
# Update system
sudo apt update && sudo apt upgrade -y
# Remove unnecessary services
sudo systemctl disable bluetooth
sudo systemctl disable cups
# Install security tools
sudo apt install fail2ban rkhunter chkrootkit
# Configure fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local
# Scan for rootkits
sudo rkhunter --check
sudo chkrootkitAdvanced Commands
Performance Tuning
# Kernel parameters
sysctl -a # Show all kernel parameters
sysctl vm.swappiness=10 # Reduce swap usage
echo 'vm.swappiness=10' >> /etc/sysctl.conf # Make permanent
# Process limits
ulimit -a # Show current limits
ulimit -n 65536 # Increase file descriptor limit
# CPU affinity
taskset -c 0,1 command # Run on specific CPU cores
taskset -p 0,1 PID # Set affinity for running processAdvanced Networking
# Network namespaces
sudo ip netns add test_ns
sudo ip netns exec test_ns ip addr show
# Bridge configuration
sudo ip link add br0 type bridge
sudo ip link set eth0 master br0
# Traffic control (QoS)
sudo tc qdisc add dev eth0 root handle 1: htb default 30
sudo tc class add dev eth0 parent 1: classid 1:1 htb rate 1mbitContainer Management
# Docker commands
docker ps # List running containers
docker images # List images
docker run -d nginx # Run container
docker exec -it container_id bash # Access container
docker logs container_id # View logs
# Podman (Docker alternative)
podman ps
podman run -d nginx
podman exec -it container_id bashVirtualization
# KVM/QEMU
sudo kvm-ok # Check KVM support
sudo virt-install --name vm1 --ram 1024 --disk size=10 --cdrom ubuntu.iso
# libvirt
virsh list --all # List all VMs
virsh start vm1 # Start VM
virsh console vm1 # Access VM consoleTips & Tricks
Productivity Commands
# Command history
history | grep command # Search command history
Ctrl+R # Reverse search in history
!! # Repeat last command
!n # Execute command number n from history
# Aliases
alias ll='ls -la' # Create alias
alias ..='cd ..'
alias grep='grep --color=auto'
# Make aliases permanent
echo "alias ll='ls -la'" >> ~/.bashrc
source ~/.bashrc
# Command chaining
command1 && command2 # Run command2 only if command1 succeeds
command1 || command2 # Run command2 only if command1 fails
command1 ; command2 # Run both regardless of successUseful One-Liners
# Find and delete large files
find / -type f -size +100M -exec ls -lh {} \; 2>/dev/null
# Count connections per IP
netstat -an | grep ESTABLISHED | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr
# Monitor directory changes
watch -d 'ls -la /path/to/directory'
# Generate random password
openssl rand -base64 32
# Convert video to GIF
ffmpeg -i video.mp4 -vf "fps=10,scale=320:-1:flags=lanczos" -c:v gif output.gif
# Batch rename files
for f in *.txt; do mv "$f" "${f%.txt}.bak"; doneQuick Reference Cheat Sheet
File Operations
ls -la # List files detailed
cd /path # Change directory
cp src dest # Copy
mv old new # Move/rename
rm file # Delete
mkdir dir # Create directory
rmdir dir # Remove empty directoryProcess Management
ps aux # List processes
kill PID # Kill process
killall name # Kill by name
top # Monitor processesSystem Info
uname -a # System info
df -h # Disk usage
free -h # Memory usage
uptime # System uptimeNetwork
ip addr show # IP addresses
ping host # Test connectivity
netstat -tulpn # Listening portsPanduan ini mencakup perintah-perintah Linux server yang paling umum digunakan. Untuk informasi lebih detail tentang setiap perintah, gunakan manual pages dengan man <command> atau --help.
Terakhir diperbarui: Desember 2025