Linux Basics: Core Concepts and Essential Commands

The "difficulty" of Linux often lies not in the commands themselves but in whether you have a clear system map: why it's suited for servers, what its multi-user/multi-task and permission models mean in daily operations, what commonalities and differences exist across distributions in package management and directory layout, and what to do after your first login. This post serves as the entry guide for the entire Linux series. I'll first establish core concepts, then walk you through the most commonly used commands covering "file navigation — viewing and editing — remote connections — basic permissions and users." The goal is not to pile up a command reference but to take you from "able to log in" to "having a basic sense of direction"— each topic is introduced briefly, then you're guided to corresponding deep-dive articles (Disk Management, File Permissions, User Management, Service Management, Process Management, Package Management, Advanced File Operations). Afterward, learning any specialized topic will be much smoother.

Core Linux Philosophy: Why Learn It, Why It's Designed This Way

Why Choose Linux (Especially for Servers)

• Highly Customizable: Open-source and free to use; all components can be modified or customized as needed. If you need to slim down a system, customize the kernel, or optimize for specific hardware, Linux is the most flexible choice.
• Stable and Reliable: Linux is widely used in servers, embedded systems, and more, with strong stability and fault tolerance. Many critical systems (finance, telecommunications, cloud platforms) run Linux, with uptime reaching years without reboots.
• Powerful Ecosystem: Built-in powerful package managers and rich open-source software resources, such as apt (Debian/Ubuntu), yum/dnf (RHEL/CentOS). Most tools you need (databases, web servers, monitoring tools, development languages) can be installed directly via package managers without hunting down installers.
• Everything is a File: The filesystem abstracts various devices, allowing unified access to disks, network devices, and peripherals. This design philosophy makes Linux interfaces very consistent: whether reading disk data, viewing process information, or configuring networks, you're "reading and writing files." This consistency makes automation scripts very simple.
• Command-Line First, but GUIs Exist: Many operations are more efficient via CLI (Command Line Interface), making remote management and batch operations highly effective. Server environments predominantly use command lines, but if you want a graphical interface (like desktop Linux), many distributions provide out-of-the-box GNOME/KDE desktops.

Common Distributions: A Brief Comparison (Which to Choose?)

• Ubuntu/Debian Family: Package manager is apt, active community, rich documentation, suitable for beginners and developers. Ubuntu LTS (Long Term Support) is a common choice for cloud servers.
• CentOS/RHEL Family: Package manager is yum or dnf (CentOS 8+ / RHEL 8+), suitable for production environments, good stability, strong enterprise support. CentOS Stream is upstream of RHEL; AlmaLinux / Rocky Linux are community alternatives to CentOS.
• SUSE Family: Uses zypper, common in enterprise environments and SAP-related deployments, popular in European enterprises.
• Arch Linux: Rolling release model, newest software versions, but higher requirements for operators (needs manual configuration of many things). Suitable for users who enjoy tinkering and pursuing the latest software.

Practical Selection Advice:

• For learning or development, recommend Ubuntu LTS (abundant docs, active community).
• For enterprise production environments, recommend RHEL family (RHEL / AlmaLinux / Rocky Linux, stable with commercial support).
• For cloud servers, check cloud provider recommendations (AWS recommends Amazon Linux, Alibaba Cloud recommends Alibaba Cloud Linux, but Ubuntu and CentOS families are also well-supported).

Three Core Linux Principles (Understanding These Makes Many Design Choices Less Strange)

1. Multi-User, Multi-Task

Multiple users can log in simultaneously (via SSH, tty, etc.), and each user can run multiple tasks (processes) in parallel. This differs from Windows' typical "only one user at a time" scenario — on a Linux server, dozens of users might be running different tasks simultaneously, and the system needs to isolate their permissions, resources, and files.

This is why Linux's permission model is so strict: you can't casually view others' files or kill their processes.

2. Permission Mechanism: File-Centric

Linux permission management centers on files (including directories), using read (r), write (w), execute (x) permissions and combinations of owner / group / others to manage access control.

Each file has three permission groups (owner / group / others), each with rwx three bits, determining "who can do what." For example:

• rwxr-xr-x: owner can read/write/execute, group and others can read/execute but not write.
• rw-------: owner can read/write, group and others can't do anything (common for private key files like ~/.ssh/id_rsa).

Why this design? Because Linux is a multi-user system; without permission control, anyone could delete others' files or modify system configurations, causing chaos.

In-depth content on permissions (SUID/SGID/Sticky bit, ACL, umask, etc.) is covered in the 《 Linux File Permissions 》 specialized article; here you only need to know the basics.

3. Everything is a File (Unified Abstraction Interface)

In Linux, almost everything is abstracted as a "file," including:

• Regular files (text, binary, scripts)
• Directories (also a special kind of file)
• Devices (/dev/sda is the first SCSI/SATA hard drive, /dev/tty is terminal)
• Process information (under /proc/<pid>/ you can see various process info)
• System information (under /sys/ you can see hardware device tree)
• Pipes, sockets (inter-process communication can also be through "files")

Benefit: Consistent interface. You can use the same commands (cat, echo, >, <, etc.) to operate on files, devices, and process information. For example:

• cat /proc/cpuinfo to view CPU info
• echo 1 > /sys/class/leds/led0/brightness to control LED brightness
• cat /dev/urandom | head -c 16 > random.bin to generate random numbers

This consistency makes Linux automation scripts very powerful.

---

First Login: What Should You Do

Suppose you've received SSH login info for a Linux server (IP, username, password). After your first login, you should:

1. Confirm Your Identity and Permissions

After logging in, look at the command prompt:

• root@hostname ~ #: You're the root user (superuser, unlimited permissions), prompt is #.
• user@hostname ~ $: You're a regular user, prompt is $.

Security Recommendation: Don't log in directly as root for daily operations. Use a regular user account and use sudo when permissions are needed. Reasons:

• Root permissions are too broad; one rm -rf / can delete the entire system (although many modern systems block such dangerous commands, the risk is still high).
• Logs show which user executed which sudo command, but if everyone logs in as root, you can't tell who did what.

2. See Where You Are (pwd / ls)

pwd  # Display current directory (Print Working Directory)
ls   # List files and directories in current directory
ls -lah  # -l shows details, -a includes hidden files (starting with .), -h human-readable sizes

3. Check System Information

uname -a  # Check kernel version, hostname, hardware architecture
cat /etc/os-release  # Check OS distribution info
hostnamectl  # View/set hostname, OS type, kernel, etc. (Systemd era command)
df -h  # Check disk usage (Disk Free)
free -h  # Check memory usage

4. Check Network Configuration

ip addr show  # Check network card IP, MAC, subnet mask (replaces old ifconfig)
ip route show  # Check routing table
ping -c 4 8.8.8.8  # Test external network connectivity (send 4 ICMP packets)

5. See Which Users and Processes Are Running

who  # Show currently logged-in users
w    # More detailed version (who + uptime + what each user is doing)
ps aux  # View all processes (a=all users, u=user format, x=including processes without terminals)
top  # Real-time view of processes, CPU, memory usage (press q to exit)

Core Goal of First Login: Figure out "where am I, who am I, what's the system status, is the network working, what processes are running."

---

Most Basic File and Directory Operations (Daily Essentials)

This section covers "muscle memory" level commands, used most frequently. In-depth file operations (pipes, redirection, advanced filtering) are covered in the 《 Linux Advanced File Operations 》 specialized article; here we only keep the basics.

1. Navigation (Moving Between Directories)

pwd  # Display current directory
cd /path/to/dir  # Change to specified directory
cd ~  # Return to home directory (equivalent to cd /home/username or cd /root)
cd ..  # Go up one directory level
cd -  # Go back to previous directory (like "back" button)

2. Viewing Directory Contents

ls  # List files and directories in current directory
ls -l  # Detailed list (permissions, owner, size, modification time)
ls -lh  # -h makes size display friendlier (1K, 2M, 3G)
ls -a  # Include hidden files (starting with ., like .bashrc)
ls -lah  # Combine all above options (most commonly used)
ll  # On many systems, ll is an alias for ls -l

Permission Column Interpretation (using drwxr-xr-x as example):

• First character d indicates directory; - indicates regular file; l indicates symbolic link
• Next 9 characters in three groups (owner / group / others), each group 3 characters (rwx)
  • rwx: owner can read, write, execute
  • r-x: group can read, execute, but not write
  • r-x: others can read, execute, but not write

Detailed interpretation of permissions, numeric notation (like chmod 755), SUID/SGID and other advanced content is covered in the 《 Linux File Permissions 》 specialized article.

3. Creating and Deleting

mkdir mydir  # Create directory
mkdir -p a/b/c  # Recursively create multi-level directories (automatically creates parent dirs if they don't exist)
touch file.txt  # Create empty file (if file exists, only updates timestamp)
rm file.txt  # Delete file
rm -r mydir  # Delete directory (-r means recursively delete directory and its contents)
rm -rf mydir  # Force delete (-f means force, no prompts)

Safety Tip: rm -rf is a dangerous command, especially rm -rf / (deletes entire system root directory). Modern Linux blocks such commands, but still be careful. Before deleting, use ls to confirm what you're deleting.

Note: Files deleted by rm can actually be recovered (filesystems are journaled, with backup and recovery mechanisms). To thoroughly shred a file (overwrite with random data), use shred filename, but this is dangerous and not recommended for daily use.

4. Copying and Moving

cp source.txt dest.txt  # Copy file
cp -r srcdir dstdir  # Copy directory (-r means recursive)
mv old.txt new.txt  # Rename file (or move to another directory)
mv file.txt /tmp/  # Move file to /tmp directory

Tips:

• When copying folders to a target path, if the target folder doesn't exist, the source folder is renamed and copied there; if it exists, the source folder is copied into the target folder.
• mv is equivalent to Windows' "cut and paste."

5. Viewing File Contents

cat file.txt  # Output entire file to screen (suitable for short files)
less file.txt  # Paginated viewing (press space to scroll, q to exit)
more file.txt  # Similar to less but with fewer features (less is more recommended)
head -n 20 file.txt  # View first 20 lines
tail -n 20 file.txt  # View last 20 lines
tail -f /var/log/syslog  # Real-time view of log rolling output (commonly used for monitoring logs)

Tips:

• cat is suitable for short files; for long files use less (can scroll up/down, search).
• tail -f is an essential operations skill, used for real-time log monitoring (like web server access logs, application logs).

6. Creating/Editing Files (Quick Content Writing)

echo "Hello World" > file.txt  # Overwrite (file is cleared if it exists)
echo "Second line" >> file.txt  # Append (add to end of file)
cat > file.txt <<EOF
Line 1
Line 2
Line 3
EOF  # Multi-line write (input EOF to finish)

Redirection Operators Explained:

• >: Overwrite (equivalent to "create or clear file, then write")
• >>: Append (add to end of file without clearing original content)

More complex redirection, pipes, and in-depth usage of stdin/stdout/stderr is covered in the 《 Linux Advanced File Operations 》 specialized article.

7. File Information Viewing

stat file.txt  # View detailed file information (timestamps, inode, permissions, etc.)
file file.txt  # View file's true type (not dependent on extension)
wc -l file.txt  # Count file lines (-w counts words, -c counts bytes)
du -sh mydir  # View directory disk usage (-s summarizes, -h human-readable)

stat vs ls: ls -l only shows basic info (permissions, size, modification time), stat shows more detailed info (access time atime, modification time mtime, status change time ctime, inode number, etc.).

---

Remote Connection Basics: How to Use SSH

SSH (Secure Shell) is the standard way to remotely log into Linux servers, transmitting data through encryption, default port 22.

1. Basic Usage

ssh user@host  # Log into host with user account (IP or domain name)
ssh -p 2222 user@host  # Specify non-default port (if SSH port has changed)

Example:

ssh root@192.168.1.100  # Log into 192.168.1.100 as root
ssh -p 22222 admin@example.com  # Log into example.com as admin, port 22222

2. Exiting Connection

exit  # Exit current session (or directly close SSH client window)
logout  # Can also use logout

Tips:

• If you ssh to another machine within an SSH session (nested SSH), exit only exits the current level; you need multiple exit to get back to local.
• If network drops, SSH session will hang; you can use ~. (tilde + dot) to force disconnect (must be entered at the start of a new line).

3. Password-Free Login (Key Authentication)

Why use key login?

• More secure (key length typically 2048 or 4096 bits, much harder to crack than passwords)
• More convenient (don't need to enter password every time)
• Can be paired with automation scripts (like Ansible, Fabric)

Steps: 1. Generate key pair locally (public key + private key):

ssh-keygen -t rsa -b 4096  # Generate 4096-bit RSA key pair

By default generates ~/.ssh/id_rsa (private key) and ~/.ssh/id_rsa.pub (public key).

2. Copy public key to server:

   ssh-copy-id user@host  # Automatically appends public key to server's ~/.ssh/authorized_keys

   Or manual copy:

   cat ~/.ssh/id_rsa.pub | ssh user@host "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

3. Next login won't need password:

   ssh user@host  # Directly uses key authentication, no password needed

4. Common SSH Client Tools

• Command Line: ssh command (built-in on Linux / macOS)
• Windows:
  • PuTTY (old-school, but interface is simple)
  • Xshell (powerful, but free version has limitations)
  • MobaXterm (includes X11 forwarding, SFTP, serial port, etc.)
  • Windows Terminal + OpenSSH (Windows 10/11 come with OpenSSH client)

5. Changing SSH Port (Security Hardening)

Default port 22 is a prime target for hacker scans; changing the port reduces scan probability (but isn't absolute security).

Steps: 1. Edit config file:

sudo vi /etc/ssh/sshd_config

2. Find #Port 22, uncomment and change to another port (like Port 22222) 3. Restart SSH service:

sudo systemctl restart sshd  # Systemd systems
# or
sudo service sshd restart  # SysV systems

4. Next login needs to specify port:

ssh -p 22222 user@host

Security Recommendations:

• Changing port only reduces scan probability; doesn't prevent targeted attacks.
• More important security measures: disable password login, only allow key login, configure firewall (only allow specific IPs to connect to SSH), install fail2ban (automatically ban brute-force attack IPs).

---

Permission and User Basics (Brief Introduction, See Specialized Articles for Deep Dive)

1. Permission Basics: What Does rwx Mean

Each file/directory has three permission groups (owner / group / others), each with three bits (rwx):

• r (read): Can read
• w (write): Can write
• x (execute): Can execute (for directories, x means can enter that directory)

Example: -rw-r--r--

• First character - indicates regular file (d indicates directory, l indicates symbolic link)
• rw-: owner can read and write, not execute
• r--: group can read, not write or execute
• r--: others can read, not write or execute

2. Modifying Permissions (chmod)

chmod 755 script.sh  # Use numeric notation to modify permissions
chmod u+x script.sh  # Add execute permission for owner (u=user, g=group, o=others, a=all)
chmod g-w file.txt  # Remove write permission for group
chmod o=r file.txt  # Set others to only read permission

Numeric Notation (most commonly used):

• 7 = rwx (4+2+1)
• 6 = rw- (4+2)
• 5 = r-x (4+1)
• 4 = r--
• 0 = ---

So chmod 755 script.sh means: owner=rwx, group=r-x, others=r-x.

In-depth content (SUID/SGID/Sticky bit, ACL, umask, etc.) is covered in the 《 Linux File Permissions 》 specialized article.

3. Switching Users (su / sudo)

su  # Switch to root (needs root password)
su - root  # Complete switch to root (loads root's environment variables)
su - user  # Switch to another user (loads that user's environment)
sudo command  # Execute command with root permissions (requires current user to have sudo permissions)

su vs sudo:

• su: Switch User, needs target user's password.
• sudo: Super User Do, execute command as root, only needs current user's password (prerequisite: current user is in sudo group).

Security Recommendation: Use regular user for daily operations, use sudo when permissions are needed, don't log in directly as root.

In-depth content (user management, group management, /etc/passwd, /etc/shadow, useradd/usermod/userdel, etc.) is covered in the 《 Linux User Management 》 specialized article.

---

Common Directory Structure (Linux's "Map")

Linux's directory structure is fixed (FHS standard), unlike Windows with C:\, D:\, etc. drive letters. Everything hangs under root directory /.

Core Directories and Their Functions

• /: Root directory, starting point for everything
• /etc: Main system configuration file directory. Almost all service configs are here (like /etc/ssh/sshd_config, /etc/fstab, /etc/hosts)
• /var: Variable data directory
  • /var/log: System and service log files (like /var/log/syslog, /var/log/auth.log)
  • /var/www: Web server website root directory (Apache/Nginx default)
• /home: Regular users' home directories (like /home/alice, /home/bob)
• /root: Root user's home directory (not under /home)
• /usr: System software and library files (User Software Resources)
  • /usr/bin: Most command binary files
  • /usr/lib: Library files
  • /usr/local: User manually compiled/installed software (not managed by package manager)
• /opt: Third-party large software packages (like Oracle, Google Chrome)
• /tmp: Temporary files (cleared after reboot)
• /dev: Device files (like /dev/sda is first hard drive, /dev/tty is terminal)
• /proc: Virtual filesystem providing process and kernel info (like /proc/cpuinfo, /proc/meminfo)
• /sys: Virtual filesystem providing hardware device info (like /sys/class/net/eth0)
• /boot: Boot-related files (kernel, bootloader)
• /lib: System library files (like dynamic link libraries .so)
• /mnt: Temporary mount point (like mounting USB drives, mobile hard drives)
• /media: Auto-mount point for removable devices (like CD, USB drive)

Remember these directories; troubleshooting will be faster:

• Configuration problem? Go to /etc for config files.
• Service won't start? Go to /var/log to check logs.
• Disk full? Use du -sh /* to see which directory uses most space.

---

Package Management Basics (Brief Introduction, See Specialized Article for Deep Dive)

Linux software installation isn't like Windows downloading .exe installers; it's managed uniformly through package managers.

Common Package Managers

• Debian/Ubuntu Family: apt (or older apt-get)

  sudo apt update  # Update software source info
  sudo apt install nginx  # Install nginx
  sudo apt remove nginx  # Uninstall nginx
  sudo apt search keyword  # Search for packages

• RHEL/CentOS Family: yum (CentOS 7) or dnf (CentOS 8+ / RHEL 8+)

  sudo yum update  # Update software source info
  sudo yum install nginx  # Install nginx
  sudo yum remove nginx  # Uninstall nginx
  sudo yum search keyword  # Search for packages

• Arch Linux: pacman

  sudo pacman -Syu  # Update system
  sudo pacman -S nginx  # Install nginx
  sudo pacman -R nginx  # Uninstall nginx

Advantages:

• Dependency resolution is automatic (A depends on B, B depends on C; installing A automatically installs B and C)
• Unified version management (one command updates all software)
• High security (packages are all signature-verified)

In-depth content (compilation installation, .rpm / .deb manual installation, snap / flatpak, software source configuration, etc.) is covered in the 《 Linux Package Management 》 specialized article.

---

Process and Resource Management Basics (Brief Introduction, See Specialized Article for Deep Dive)

1. Viewing Processes

ps aux  # View all processes (a=all users, u=user format, x=including processes without terminals)
ps aux | grep nginx  # View nginx-related processes
top  # Real-time view of processes, CPU, memory usage (press q to exit)
htop  # Enhanced version of top (needs installation, more intuitive)

2. Terminating Processes

kill <PID>  # Send SIGTERM signal (gracefully terminate process)
kill -9 <PID>  # Send SIGKILL signal (forcefully terminate process)
killall nginx  # Terminate all processes named nginx
pkill nginx  # Terminate processes by name (supports regex)

kill vs kill -9:

• kill: Sends SIGTERM signal; process can catch this signal, do some cleanup (like saving data, closing connections) before exiting.
• kill -9: Sends SIGKILL signal; process cannot catch it, immediately forcefully terminated (may cause data loss or resource leaks).

Recommendation: First use kill; if process doesn't respond, then use kill -9.

3. Background Running

command &  # Run command in background
nohup command &  # Run in background, process won't be killed after exiting SSH
jobs  # View background jobs
fg %1  # Bring job 1 to foreground
bg %1  # Continue job 1 in background

In-depth content (CPU/memory/disk IO monitoring, cgroup, nice/renice, systemd service management, etc.) is covered in the 《 Linux Process and Resource Management 》 and 《 Linux System Service Management 》 specialized articles.

---

Basic Safe Operations Habits (Pitfalls Beginners Easily Fall Into)

1. Back Up Before Modifying Critical Configurations

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak  # Back up config file

If you mess up, you can restore with sudo cp /etc/ssh/sshd_config.bak /etc/ssh/sshd_config.

2. Keep a Backup Connection When Modifying Network/SSH Config

If you modify network or SSH config within an SSH session, messing up might lock yourself out. Correct approach:

• Keep one SSH session open (to restore config)
• Open a new SSH session to test if modification works
• If new session can't connect, immediately restore config in old session

3. Think Thrice Before Executing Dangerous Commands

• rm -rf /: Delete entire system root directory (modern Linux blocks this, but still be careful)
• dd if=/dev/zero of=/dev/sda: Write zeros to entire hard drive (data unrecoverable)
• chmod -R 777 /: Change entire system permissions to anyone can read/write/execute (security disaster)

Recommendations:

• Before deleting, use ls to confirm what you're deleting
• Before disk operations (dd, fdisk, mkfs), first confirm device name (lsblk)
• Before modifying permissions, think through why and what to change to

4. Logs Are Your Friend

When problems arise, check logs first:

• /var/log/syslog (Debian/Ubuntu) or /var/log/messages (RHEL/CentOS): System log
• /var/log/auth.log (Debian/Ubuntu) or /var/log/secure (RHEL/CentOS): Authentication log (SSH logins, sudo operations)
• /var/log/<service-name>/: Individual service logs (like /var/log/nginx/, /var/log/mysql/)

sudo tail -f /var/log/syslog  # Real-time view system log
sudo grep "Failed password" /var/log/auth.log  # Check SSH login failures

---

Next Steps: Where to Deep Dive

This article is the entry guide for the entire Linux series; each topic is just "briefly introduced." If you want to dive deeper into any topic, check the corresponding specialized article:

• 《 Linux File Permissions 》: SUID/SGID/Sticky bit, ACL, umask, permission inheritance, etc.
• 《 Linux User Management 》: useradd/usermod/userdel, group management, /etc/passwd, /etc/shadow, sudo configuration, etc.
• 《 Linux Disk Management 》: Partitioning (MBR/GPT, fdisk/gdisk), formatting (mkfs), mounting (mount, /etc/fstab), LVM, RAID, etc.
• 《 Linux System Service Management 》: Systemd (systemctl), SysV (service, chkconfig), custom services, auto-start on boot, etc.
• 《 Linux Package Management 》: apt/yum/dnf in-depth usage, compilation installation, .rpm/.deb manual installation, software source configuration, etc.
• 《 Linux Process and Resource Management 》: CPU/memory/disk IO monitoring, top/htop/iotop, nice/renice, cgroup, OOM killer, etc.
• 《 Linux Advanced File Operations 》: Pipes (|), redirection (>, >>, <, 2>), stdin/stdout/stderr, xargs, tee, etc.

Learning Recommendations: 1. First read through this "Basics" article to establish overall awareness. 2. Based on your actual needs, choose corresponding specialized topics for deep learning (for example, if you need to configure disks, see 《 Disk Management 》; if you need to configure services, see 《 System Service Management 》). 3. Learn by doing; best to have a virtual machine or cloud server for practice (recommend VirtualBox + Ubuntu or Alibaba Cloud/Tencent Cloud student instances).

---

References and Further Reading

• Linux Documentation Project: Classic Linux documentation library
• Arch Linux Wiki: Extremely high-quality Linux documentation (not just for Arch)
• The Linux Command Line (book): Free Linux command-line introductory book
• Linux Performance: Performance analysis master Brendan Gregg's resource page

---

By this point, you should have progressed from "able to log in" to "having a basic sense of direction." Next is to choose corresponding specialized topics for deep learning based on actual needs. Remember: Linux isn't learned all at once but accumulated continuously through practice.