Debian Command-line Reference



info <program-name>

man <program-name>

Documentation shipped with each package, other than man and info pages, such as README.Debian, changelog.Debian.gz and NEWS is kept at /usr/share/doc/<package name>.

System Information

Display running kernel version: uname -a

Display Version of Debin this is or is based on:
cat /etc/debian_version

Package Management

Package Management - apt-get

Useful switches for apt-get:

Update the list of available packages from the apt sources: apt-get update

Install the newest versions of all packages currently installed on the system from the sources enumerated in /etc/apt/sources.list. Packages currently installed with new versions available are retrieved and upgraded; under no circumstances are currently installed packages removed, or packages not already installed retrieved and installed. New versions of currently installed packages that cannot be upgraded without changing the install status of another package will be left at their current version. An update must be performed first so that apt-get knows that new versions of packages are available.: apt-get upgrade

In addition to performing the function of upgrade, also intelligently handles changing dependencies with new versions of packages; apt-get has a "smart" conflict resolution system, and it will attempt to upgrade the most important packages at the expense of less important ones if necessary. The dist-upgrade command may therefore remove some packages.: apt-get dist-upgrade

Clear out the local repository of retrieved package files: apt-get autoclean (only removes package files that can no longer be downloaded, and are largely useless)

Clear out the local repository of retrieved package files: apt-get clean

Remove packages that were automatically installed to satisfy dependencies for other packages and are now no longer needed: apt-get autoremove

Package Management - aptitude

Useful switches for aptitude:

Update the list of available packages from the apt sources: aptitude update

Install specific package(s): aptitude install <package> <package> <package>

Upgrade installed packages to their most recent version: aptitude safe-upgrade
(Use with -svVZD for a simulated run with lots of detail; use with -vVZD to run for-real with lots of detail)

Upgrade installed packages to their most recent version, removing or installing packages as necessary: aptitude full-upgrade

Clear out the local repository of retrieved package files. The difference with "clean" is that it only removes package files that can no longer be downloaded, and are largely useless. This allows a cache to be maintained over a long period without it growing out of control: apt-get autoclean

Clear out the local repository of retrieved package files: aptitude autoclean (only removes package files that can no longer be downloaded, and are largely useless)

Clear out the local repository of retrieved package files: aptitude clean

Try hard to fix the dependencies of broken packages, even if it means ignoring the actions requested on the command-line: aptitude -f install

Package Management - Misc

Search for a package by name or part of name: apt-cache search <package>

Show whether a package is installed or not: dpkg -l <package> (or list all installed packages and their versions: dpkg -l)

aptitude search <package> will do the job of both of the above

Download and display the Debian changelog for each of the given source or binary packages. By default, the changelog for the version which would be installed with “aptitude install” is downloaded. You can select a particular version of a package by appending = to the package name; you can select the version from a particular archive or release by appending / or / to the package name (for instance, /unstable or /sid).: aptitude changelog

Download the .deb file for the given package to the current directory: aptitude download

Display detailed information about a package: apt-cache show <package> or aptitude show <package> or dpkg -p <package>

Display information about a package's version, dependencies and reverse dependencies: apt-cache showpkg <package>

Display more detailed information about a package's versions available and where they'll be installed from: apt-cache policy <package>

list all files included with a particular package: dpkg -L <package>

Find which package provided a particular file: dpkg -S <file> or use or use or on #debian !find <file> <Debian version name>

Display information about a package including its configuration files: dpkg -s <package>

Add Apt download sources: apt-setup (this command not available in Sarge but not Testing/Etch)

Add a CD/DVD to your sources list: apt-cdrom add -d /...

Reconfigure a package: dpkg-reconfigure <package>

Choose a specific priority for questions: dpkg-reconfigure -plow|medium|high|critical <package>

List all installed packages with version number and a summary of their purpose: dpkg -l

See if a particular package is installed and what version it is: dpkg -l | grep <package>

Find the location of a package: whereis <package>

List package signing keys: apt-key list

System Configuration



Debian base system configuration. (not included in Testing/Etch): base-config

Files and directories

List files and directories, with information on permissions and (human readable) file sizes:
ls -lh

List files and directories, with information on permissions and (human readable) file sizes and without hiding those beginning with a '.':
ls -alh

List files and directories, without hiding those beginning with a '.', listing entries by columns and appending an indicator to entries to signify their type:
ls -aCF

Copy a directory, recursively, to a new location, preserving timestamps:
cp -a <source directory> <destination directory>
If the new directory doesn't exist it will automatically be created, if it does exist then files will be overwritten unless you additionally instruct it not to. Copying the whole directory ensures hidden files / dotfiles (.*) are copied, which would be omitted if you used *.
Use -i to be prompted before overwriting existing files, use -n to not overwrite existing files, use -u to only overwrite existing files when the source file is newer than the destination file.
For verbosity add -v but note that it slows the operation down.
(-a is the same as -dpR where -d is 'same as --no-dereference --preserve=links' where --no-dereference is 'never follow symbolic links in SOURCE' and --preserve[=ATTR_LIST] is 'preserve the specified attributes (default: mode,ownership,timestamps)'); -p is 'same as --preserve=mode,ownership,timestamps'; -r is 'copy directories recursively')
Alternatively you could achieve this in two lines using:
copy everything beginning with a '.', apart from '..':
cp -a <source directory>/.[^.]* <destination directory>/
copy everything else, everything that doesn't begin with a '.':
cp -a <source directory>/* <destination directory>/

Copy files and directories (all of them not beginning with a '.', and all of them beginning with a '.' followed by a number or letter) from the current location, recursively, preserving timestamps:
cp -a * .[0-z]* <destination directory>/

Copy files from source directory to target directory, replacing files in target if older than those in source, deleting source files as it progresses (requires the rsync package be installed); like if you were able to 'mv -u <source directory>/* <target directory>/ -r' but you can't in BASH:
rsync -avz --update --remove-source-files <source directory>/ <target directory>

Find any files that contain specific text (case insensitive) in a specific directory and below:
grep -rin "<text to search for>" <directory to search in>
(leave out the i switch for case sensitive; use * in place of directory to indicate current directory)

Display the appended contents of a file whilst it grows:
tail -f <file>
With more than one file, precede each with a header giving the file name. Useful for looking at log files.

Display the last 10 lines of a number of files at once:
tail <one file> <another file>

Display the size taken up by files and directories:
du --max-depth=1 -h | sort -rn.
Use --si in place of -h for a similarly human-readable output but using powers of 1000 not 1024 (i.e. mebibytes rather than megabytes).
This can take a long time to run and can consume large amounts of CPU and memory resources. If you increase 'max-depth' it will display results from deeper in the directory tree, showing you deeper directories with large sizes, but it shows too many directories with insignificant sizes. I find it easiest to use 'max-depth=1' and if you find a large directory that you want to investigate further you drill down into it by moving into it and using du again. The sort somewhat sorts the list by size but is far from perfect as Kilobyte, megabyte and gigabytes are separated.

Find files larger than a specific size (e.g. +512000k is 0.5GB, +1048576k is 1GB, and this looks in /home):
find /home -type f -size +1048576k -exec ls -lh {} \; | awk '{ print $8 ": " $5 }'

Find a file, case insensitively, looking recursively down from the current position:
find -iname <filename> or find -iname *<filename>* or find -iname <filename>* or find -iname *<filename>

Find a file, case sensitively, looking recursively down from the current position:
find -name <filename> or find -name <filename*>

Find a file:
(use updatedb after you've made changes to the files on the system, such as when installing a package)

Change mode:

Change ownership:

Change a file's creation date:
touch -d 19-sept-2007 <file>

Change a file's creation time:
touch -m -d 08:17:10 <file>

Rename multiple files - examples:
rename 'y/A-Z/a-z/' *
rename 's/Goriia/Gorilla/' *

Users and Groups

Add a user: adduser <user>

Delete a user: deluser <user>

Add a group: addgroup <group>

Delete a group: delgroup <group>

Add a user to a group: adduser <user> <group>

Delete a user from a group: deluser <user> <group>

Change a user's UID: usermod -u <new UID> <username>

Force logout of an abandoned SSH session on a particular terminal: fuser -k /dev/pts/0


Hostname of the machine is defined in /etc/hosts and /etc/hostname.

IP address configuration is defined in /etc/network/interfaces unless NetworkManager is managing it.

DNS address is defined in /etc/resolv.conf. But note if resolvconf is managing it you should define the addresses via resolvconf.

Configure a network interface: ifconfig - i.e. ifconfig eth0 netmask broadcast route? gateway?

Disable a network interface: ifdown eth0

Enable a network interface: ifup eth0

Restart all networking: /etc/init.d/networking restart

Look for a DHCP server and renew the IP address: dhclient

Find the machine's IP address:

Find the machine's IP address: ip addr

Show open ports and whether they listen on just localhost or for remote connections: netstat -l -t -p

Display the routing table: netstat -r

Display listening programs and ports: netstat -pln

Probe a machine for open ports: nmap -v -A <IP address or hostname>

Get details of how ethernet network card is operating including speed, auto-negotiation, duplex, etcetera (requires the ethtool package)
ethtool <ethernet interface i.e. eth0>

List available network interfaces: ip link show


Download new version of the PCI ID list: update-pciids - "If you have not updated PCI IDs on your system in while, it is a good idea to keep it updated once in a while. If you notice that lspci command is not displaying the proper device name for any of the devices that are connected to your PCI bus, this might be because the PCI IDs on your system is not current."

Comprehensive list of hardware: lshw (requires the 'lshw' package be installed)

Compact list of hardware: lshw -short (requires the 'lshw' package be installed)

Compact list of hardware, giving bus that devices are on: lshw -businfo (requires the 'lshw' package be installed)

List all PCI (and PCMCIA) devices: lspci

List all USB devices: lsusb

List some PCMCIA device information: lspcmcia

Turn on DMA (use with caution): hdparm

Scan hardware (needs installing): discover

Get a listing of the devices found on the USB do: cat /proc/bus/usb/devices

echo "scsi add-single-device 1 0 5 0" > /proc/scsi/scsi
 ^   ^
 |   |
    SSCI-bus --+   +-----  SCSI-id

Linux provides a simple mechanism to probe a SCSI device on demand. The kernel will probe and recognize the device. This needs to be done as root. (The first zero stands for the first SCSI-channel on your adapter and the last one for the LUN).
Another method (if you're using modules and if the scanner is the only device on the bus) is to unload the modules (SCSI-card and SG) and reload them.
Take a look at scsidev, a utility that comes with Debian distributions. SuSe nowadays comes with a script And finaly, Oliver Rauch has a tool available. See

scsiadd (not installed by default)

List available network interfaces: ip link show

Disks and Partitions

Setting Up Partitions

List all block devices: lsblk

List partitions on a disk: fdisk -l

Partition a disk / Define or redefine the partition's filesystem type that will be used on it:
# cfdisk /dev/<disk device reference i.e. sdb>
Choose 'Type' → choose the filesystem type such as '83 Linux', '0B W95 FAT32', '0C W95 FAT32 LBA' (I need to research the difference between these two), '07 HPFS/NTFS' (AKA NTFS) → choose Write

Format a partition. When you create partition(s), decide what filesystem you want to use. The most likely you'll want for GNU/Linux is ext3, but you may for example be formatting flash media which usually use FAT.

Format partitions using the correct tool for the particular file system. (-cc does a read-write bad block test before creating the file system (which can take a very long time); -c does just a read test (which is quicker); leave out the -c for a quicker but non-testing format.

Label a partition

Set permissions on a removable disk (and any of its files and directories) so that anyone can write to the disk. Without this regular users can't write to the disk. If you want to use more restrictve permissions then user/group numbers have to be the same on all systems the disk will be plugged into:
chmod -R ugo+rwx /media/<partition label>

Check a partition's ext2/ext3 formatted filesystem for defects, and if required repair it, (do NOT run this on a mounted filesystem, though it will warn you if the file system is mounted):
e2fsck -p /dev/<disk partition reference i.e. sdb1>

Disk and Partition Information

List the partition tables of all attached disks (describes partition names and filesystem types)
# fdisk -l

List the contents of the filesystem superblock, which gives plenty of partition information such as the inode size:
tune2fs -l /dev/<disk partition reference i.e. sda1>

cat /etc/fstab



hwinfo --block --short

Copying Partitions

Copy one partition to another

Copy a floppy disk image to a floppy disk:
dd if=filename.img of=/dev/fd0 bs=1024 conv=sync

Linux RAID

Example RAID partition: /dev/md0

Get brief details of a RAID partition:
mdadm --query <RAID partition>

Get full details of a RAID partition:
mdadm --detail <RAID partition>


Set the level at which logging of messages is done to the console: dmesg -nlevel1
(-1 prevents all messages, except panic messages)


tar and gzip

Copying Files Between Machines

Securely copy a single file from 'server' (logged into as root) to this computer: scp root@server:/etc/passwd .

Securely recursively copy a directory from 'server' (logged into as root) to this computer: scp -r root@server:/etc/* .

Securely copy a single file from 'server' (logged into as root) to this computer, preserving modification times, access times, and modes from the original file: scp -pr root@server:/etc/* .


Display amount of free and used memory in the system, including swap, in megabytes:
free -m

Virtual memory statistics - displays a table of various event counters and memory statistics:
vmstat -s

Virtual memory statistics - display a list of active/inactive memory:
vmstat -a

Processes / Running Programs

htop (requires the 'htop' package)



/etc/init.d/<package> restart | start | stop

ps - report a snapshot of the current processes

List all files open and by which program and user: lsof

Count the number of open files:
lsof | wc -l

Get process IDs of all copies of a running program: pgrep <program>

Get an extended memory map of a process or processes:
pmap -d <process ID>


kill - kill a running process

Modules (known as 'drivers' in Windows)

Get information about a running module: modinfo <module>

Specifically, get the version of a running module: cat /sys/module/<module>/version or modinfo <module> |grep -i version

Install a loadable module in the running kernel: insmod

Show the status of modules in the kernel: lsmod


Show lots of information about a kernel module: modinfo <module>


Configure modules: modconf

Time and Date

Manually set system time and date

Set the time, example:
date -s 11:25

Set the date, example:
date -s 10/20/2007

Set the time and date, example:
date -s "10/20/2003 11:25:00"

Screen Capture

screen -D -R

Run your command.

Disconnect from screen by pressing CTRL-A then D.

When you login to the machine again, reconnect by running screen -D -R. You will be in the same shell as before. You can run jobs to see the suspended process if you did so, and run %1 (or the respective job #) to foreground it again.

Ctrl a c - Creates a new screen session so that you can use more than one screen session at once.

Ctrl a n - Switches to the next screen session (if you use more than one).

Ctrl a p - Switches to the previous screen session (if you use more than one).

Ctrl a d - Detaches a screen session (without killing the processes in it - they continue).

To close a screen session where all tasks are finished: exit.

Network Packet Capture

Display a synopsis of packets transferred through an ethernet interface:
# tcpdump -i <ethernet interface i.e. eth1>

You can pipe through grep if you're looking for a particular IP address

Finding Info About Hosts

Get DNS A (IP address) record for a domain:
dig <domain name to search for>

Get DNS A (IP address) and NS (nameserver) records for a domain:
dig <domain name to search for> any

Get DNS MX (mail exchange) record for a domain:
dig <domain name to search for> mx

Reverse DNS lookup for a domain - map IP address to a name:
dig -x <IP address to lookup>

Get registrant, registrar, registration and renewal dates
whois <domain name to search for>

Get detailed host information (name, address, IP address block)
whois <IP address to lookup>

Detect operating system, server software and versions:
nmap -A <IP address to scan>

Note: with dig you can use '@<name server domain name>' when troubleshooting DNS issues to query a specific DNS server, from root name servers downwards.

Note: with dig you can use '+trace' to show the full delegation path.

Swap Space

Display amount of free and used memory in the system, including swap, in megabytes: free -m

Display swap usage summary: swapon -s

Specify a label (for use by fstab, swapon and swapoff): mkswap -L <label> <device>

To check that your swap space is being automatically mounted without having to reboot, turn off all swap spaces using swapoff -a and then mount all swap spaces listed in /etc/fstab using swapon -a.

To do

mount -t smbfs -o username=winadmin,password=winadmin //server/winadmin /media/server

Run a command repeatedly, displaying its output (the first screen-full): watch <command>
This allows you to watch the program output change over time. By default, the program is run every 2 seconds.