Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

UpGuard checks and validates configurations for every major OS, network device, and cloud provider.
Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

May 19, 2015 - A Look At The New Commandlinefu
I've put together a short writeup on what kind of newness you can expect from the next iteration of clfu. Check it out here.
March 2, 2015 - New Management
I'm Jon, I'll be maintaining and improving clfu. Thanks to David for building such a great resource!
Hide

Top Tags

Hide

Functions

All commands from sorted by
Terminal - All commands - 12,429 results
ssh host -l user $(<cmd.txt)
2010-06-04 17:47:00
User: recursiverse
Functions: host ssh
32

Much simpler method. More portable version: ssh host -l user "`cat cmd.txt`"

ccze
2009-11-23 15:54:33
User: tiagofischer
32

CCZE is a robust and modular log coloriser, with plugins for apm, exim, fetchmail, httpd, postfix, procmail, squid, syslog, ulogd, vsftpd, xferlog and more.

Examples:

tail -f /var/log/messages | ccze -A

tail -f /var/log/exim4/mainlog | ccze -A

mkfifo /tmp/fifo; cat /tmp/fifo | nc -l -p 1234 | tee -a to.log | nc machine port | tee -a from.log > /tmp/fifo
2009-02-20 04:00:15
User: prutser
Functions: cat mkfifo tee
32

Forwards localhost:1234 to machine:port, running all data through your chain of piped commands. The above command logs inbound and outbound traffic to two files.

Tip: replace tee with sed to manipulate the data in real time (use "sed -e 's/400 Bad Request/200 OK/'" to tweak a web server's responses ;-) Limitless possibilities.

wget -qO - http://infiltrated.net/blacklisted|awk '!/#|[a-z]/&&/./{print "iptables -A INPUT -s "$1" -j DROP"}'
2009-02-18 16:08:23
User: sil
Functions: wget
32

Blacklisted is a compiled list of all known dirty hosts (botnets, spammers, bruteforcers, etc.) which is updated on an hourly basis. This command will get the list and create the rules for you, if you want them automatically blocked, append |sh to the end of the command line. It's a more practical solution to block all and allow in specifics however, there are many who don't or can't do this which is where this script will come in handy. For those using ipfw, a quick fix would be {print "add deny ip from "$1" to any}. Posted in the sample output are the top two entries. Be advised the blacklisted file itself filters out RFC1918 addresses (10.x.x.x, 172.16-31.x.x, 192.168.x.x) however, it is advisable you check/parse the list before you implement the rules

echo | openssl s_client -connect www.google.com:443 2>/dev/null |openssl x509 -dates -noout
2009-02-05 15:21:50
User: systemj
Functions: echo
32

remotely connects to an https site, fetches the ssl certificate and displays the valid dates for the cert

[enter]~?
2011-06-17 18:29:59
User: xeor
Tags: ssh
31

SSH can be controlled trough an ~ escape sequence. Example, to terminate the current ssh connection, type a newline, then the ~ character, and last a . character.

This is useful eg when an ssh connection hangs after you reboot a machine and the connection hangs.

python -m http.server
2010-12-17 12:52:45
User: Alanceil
Functions: python
31

In Python version 3, the module was merged into http.server. Gentlemen, change your aliases.

ls !(*.gz)
2010-07-29 23:47:26
User: c0t0d0
Functions: ls
Tags: ls glob
31

Negative shell globs already come with bash. Make sure to turn on extended pattern matching with 'shopt -e extglob'.

lsof -P -i -n | cut -f 1 -d " "| uniq | tail -n +2
grep --color=always | less -R
2009-05-20 20:30:19
User: dinomite
Functions: grep less
31

Get your colorized grep output in less(1). This involves two things: forcing grep to output colors even though it's not going to a terminal and telling less to handle those properly.

echo $(sudo lshw -businfo | grep -B 1 -m 1 $(df "/path/to/file" | tail -1 | awk '{print $1}' | cut -c 6-8) | head -n 1 | awk '{print $1}' | cut -c 5- | tr ":" "-") | sudo tee /sys/bus/usb/drivers/usb/unbind
2014-04-06 12:06:29
User: tweet78
Functions: awk cut df echo grep head sudo tail tee tr
30

You have an external USB drive or key.

Apply this command (using the file path of anything on your device) and it will simulate the unplug of this device.

If you just want the port, just type :

echo $(sudo lshw -businfo | grep -B 1 -m 1 $(df "/path/to/file" | tail -1 | awk '{print $1}' | cut -c 6-8) | head -n 1 | awk '{print $1}' | cut -c 5- | tr ":" "-")

sed -i 8d ~/.ssh/known_hosts
:w !sudo tee > /dev/null %
2010-03-24 20:04:26
User: idemal
Functions: tee
Tags: vim sudo tee
30

Write a file you edited in Vim but that you do not have the permissions to write to (unless you use sudo.) Same as #1204 but without the echo to stdout that I find annoying.

ssh [email protected] 'tshark -f "port !22" -w -' | wireshark -k -i -
2009-12-17 23:03:24
User: markdrago
Functions: ssh
30

This captures traffic on a remote machine with tshark, sends the raw pcap data over the ssh link, and displays it in wireshark. Hitting ctrl+C will stop the capture and unfortunately close your wireshark window. This can be worked-around by passing -c # to tshark to only capture a certain # of packets, or redirecting the data through a named pipe rather than piping directly from ssh to wireshark. I recommend filtering as much as you can in the tshark command to conserve bandwidth. tshark can be replaced with tcpdump thusly:

ssh [email protected] tcpdump -w - 'port !22' | wireshark -k -i -
md () { mkdir -p "[email protected]" && cd "[email protected]"; }
2009-09-24 16:09:19
User: drewk
Functions: cd mkdir
30

How often do you make a directory (or series of directories) and then change into it to do whatever? 99% of the time that is what I do.

This BASH function 'md' will make the directory path then immediately change to the new directory. By using the 'mkdir -p' switch, the intermediate directories are created as well if they do not exist.

awk '{$1=$3=""}1' file
2011-10-25 22:15:06
User: zlemini
Functions: awk
29

Print all columns except the 1st and 3rd.

alias dush="du -sm *|sort -n|tail"
2010-03-26 10:18:57
User: funky
Functions: alias
29

sorts the files by integer megabytes, which should be enough to (interactively) find the space wasters. Now you can

dush

for the above output,

dush -n 3

for only the 3 biggest files and so on. It's always a good idea to have this line in your .profile or .bashrc

tar --exclude-vcs -cf src.tar src/
grep . filename > newfilename
history -d
2009-04-27 20:19:09
User: sud0er
Tags: bash
29

If you're a moron like me, sometimes your fingers get away from you and you, for example, enter your password when you're already authenticated to ssh-agent, sudo, etc., and your password ends up in shell history. Here's how to get it out.

kill -9 $$
2009-03-27 23:13:53
User: stu
Functions: kill
Tags: history exit
29

this exits bash without saving the history. unlike explicitly disabling the history in some way, this works anywhere, and it works if you decide *after* issuing the command you don't want logged, that you don't want it logged

... $$ ( or ${$} ) is the pid of the current bash instance

this also works perfectly in shells that don't have $$ if you do something like

kill -9 `readlink /proc/self`
ssh -t [email protected] /usr/bin/screen -xRR
2009-02-20 23:39:54
User: olifante
Functions: ssh
29

Long before tabbed terminals existed, people have been using Gnu screen to open many shells in a single text terminal. Combined with ssh, it gives you the ability to have many open shells with a single remote connection using the above options. If you detach with "Ctrl-a d" or if the ssh session is accidentally terminated, all processes running in your remote shells remain undisturbed, ready for you to reconnect. Other useful screen commands are "Ctrl-a c" (open new shell) and "Ctrl-a a" (alternate between shells). Read this quick reference for more screen commands: http://aperiodic.net/screen/quick_reference

mysqldump --add-drop-table --extended-insert --force --log-error=error.log -uUSER -pPASS OLD_DB_NAME | ssh -C [email protected] "mysql -uUSER -pPASS NEW_DB_NAME"
2009-02-17 17:57:53
User: Tscherno
Functions: ssh
29

Dumps a MySQL database over a compressed SSH tunnel and uses it as input to mysql - i think that is the fastest and best way to migrate a DB to a new server!

echo ${SSH_CLIENT%% *}
echo $[RANDOM%X+1]
2010-08-07 02:43:46
Functions: echo
28

If X is 5, it will about a number between 1 and 5 inclusive.

This works in bash and zsh.

If you want between 0 and 4, remove the +1.