Introduction
Linux commands are the primary interface for managing a cloud server. Whether you are deploying a web application, investigating a performance issue, or securing a fresh VM, the terminal is where the work happens. Knowing which commands to reach for — and in what order — separates productive server management from frustrated Googling.
This guide organizes commands by the tasks you actually perform on a cloud server, not by alphabetical order or abstract categories. Every example was tested on a Raff Ubuntu 24.04 VM, and the expected output reflects what you will see on a real server. When we migrated our own infrastructure to new AMD EPYC nodes earlier this year, these were the exact commands our team ran hundreds of times across dozens of servers.
You will find commands grouped into six task categories: connecting to your server, navigating the filesystem, securing your server, deploying software, monitoring performance, and troubleshooting problems. Each section builds on the previous one, mirroring the workflow of setting up and operating a production server.
Connecting to Your Server
Every cloud server session starts with a connection. SSH (Secure Shell) is the standard protocol for encrypted remote access, and it is the first command you will use after creating a Linux VM.
ssh — Connect to a Remote Server
The ssh command establishes an encrypted session to your server. The basic syntax uses your username and server IP address:
bashssh deploy@203.0.113.50
On first connection, SSH asks you to verify the server's fingerprint. After accepting, you land in a shell session on the remote machine.
For key-based authentication (recommended over passwords), specify the private key:
bashssh -i ~/.ssh/raff_key deploy@203.0.113.50
Tip
Add your server to ~/.ssh/config to avoid typing the full command every time. Create the file with nano ~/.ssh/config and add a host block with Host, HostName, User, and IdentityFile directives.
scp — Copy Files Between Local and Remote
scp transfers files over SSH. Copy a local file to your server:
bashscp ./app.tar.gz deploy@203.0.113.50:/home/deploy/
Copy a file from your server to your local machine:
bashscp deploy@203.0.113.50:/var/log/nginx/error.log ./
For entire directories, add the -r flag:
bashscp -r ./config/ deploy@203.0.113.50:/etc/myapp/
rsync — Synchronize Files Efficiently
rsync is the better choice for large or repeated transfers because it only copies changed bytes:
bashrsync -avz --progress ./site/ deploy@203.0.113.50:/var/www/html/
The flags: -a preserves permissions and timestamps, -v shows verbose output, -z compresses data during transfer, and --progress displays transfer progress.
Navigating the Filesystem
Once connected, you need to move through directories, read files, and understand the server's layout. These commands form the foundation of every other task.
ls — List Directory Contents
ls shows the files and directories in the current location. The -la combination is the most useful variant on a server:
bashls -la /etc/nginx/
Expected output:
total 72
drwxr-xr-x 8 root root 4096 Apr 1 10:30 .
drwxr-xr-x 96 root root 4096 Apr 1 09:15 ..
drwxr-xr-x 2 root root 4096 Apr 1 10:30 conf.d
-rw-r--r-- 1 root root 1077 Feb 11 14:01 fastcgi.conf
-rw-r--r-- 1 root root 1007 Feb 11 14:01 fastcgi_params
-rw-r--r-- 1 root root 5465 Feb 11 14:01 mime.types
-rw-r--r-- 1 root root 1490 Apr 1 10:30 nginx.conf
drwxr-xr-x 2 root root 4096 Apr 1 10:28 sites-available
drwxr-xr-x 2 root root 4096 Apr 1 10:28 sites-enabled
The first column shows permissions, the third column shows the file owner, and the fifth column shows file size in bytes. This output tells you exactly who owns each file and who can read, write, or execute it.
cd — Change Directory
Navigate between directories with cd:
bashcd /var/log/ # Go to the log directory
cd .. # Go up one level
cd ~ # Go to your home directory
cd - # Go to the previous directory
pwd — Print Working Directory
When you are deep in a directory tree, pwd confirms your location:
bashpwd
Output: /var/log/nginx
cat, head, tail — Read File Contents
cat prints an entire file. Use it for small configuration files:
bashcat /etc/hostname
head shows the first lines (default 10):
bashhead -n 20 /var/log/syslog
tail shows the last lines and is essential for monitoring live logs:
bashtail -f /var/log/nginx/access.log
The -f flag follows the file in real time — new lines appear as they are written. Press Ctrl+C to stop.
find — Search for Files
find searches the filesystem by name, type, size, or modification time:
bashfind /etc -name "*.conf" -type f
Find files modified in the last 24 hours (useful for debugging recent changes):
bashfind /var/www -mtime -1 -type f
Find large files consuming disk space:
bashfind / -type f -size +100M 2>/dev/null
The 2>/dev/null suppresses permission errors for directories you cannot read.
Securing Your Server
Security commands should be the first thing you run after creating a new server. On Raff VMs, DDoS protection is included at the infrastructure level, but operating system hardening is your responsibility.
ufw — Manage the Firewall
ufw (Uncomplicated Firewall) is the standard firewall interface on Ubuntu. Enable it and configure rules:
bashsudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22/tcp # SSH
sudo ufw allow 80/tcp # HTTP
sudo ufw allow 443/tcp # HTTPS
sudo ufw enable
Check the current rules:
bashsudo ufw status numbered
Expected output:
Status: active
To Action From
-- ------ ----
[ 1] 22/tcp ALLOW IN Anywhere
[ 2] 80/tcp ALLOW IN Anywhere
[ 3] 443/tcp ALLOW IN Anywhere
Warning
Always allow SSH (port 22 or your custom SSH port) before enabling ufw. Locking yourself out of a remote server requires a web console to recover.
chmod and chown — Set File Permissions
chmod changes who can read, write, and execute a file. chown changes the file owner.
Set a deploy script as executable:
bashchmod 755 deploy.sh
The digits represent owner (7=rwx), group (5=rx), and others (5=rx).
Transfer ownership of a web directory to the web server user:
bashsudo chown -R www-data:www-data /var/www/html/
Common permission patterns on a cloud server:
| Permission | Numeric | Use Case |
|---|---|---|
rwxr-xr-x | 755 | Executable scripts, directories |
rw-r--r-- | 644 | Configuration files, HTML/CSS |
rw------- | 600 | SSH private keys, secrets |
rwx------ | 700 | .ssh directory |
useradd and passwd — Manage User Accounts
Create a non-root user for daily operations (never run production services as root):
bashsudo useradd -m -s /bin/bash deploy
sudo passwd deploy
Grant sudo access:
bashsudo usermod -aG sudo deploy
ssh-keygen — Generate SSH Keys
Create a key pair for passwordless authentication:
bashssh-keygen -t ed25519 -C "deploy@raff-vm"
Copy the public key to the server:
bashssh-copy-id -i ~/.ssh/id_ed25519.pub deploy@203.0.113.50
After confirming key-based login works, disable password authentication in /etc/ssh/sshd_config by setting PasswordAuthentication no, then restart SSH with sudo systemctl restart sshd.
Deploying Software
Package management and service control are the core deployment commands. On Ubuntu, apt handles packages and systemctl manages services.
apt — Install, Update, and Remove Packages
Always update the package index before installing anything:
bashsudo apt update
Install a package:
bashsudo apt install -y nginx
The -y flag auto-confirms the installation. Upgrade all installed packages:
bashsudo apt upgrade -y
Search for a package by name:
bashapt search mariadb
Remove a package and its configuration:
bashsudo apt purge nginx
sudo apt autoremove -y
Note
On CentOS, Rocky Linux, and AlmaLinux (all available on Raff), replace apt with dnf. The command structure is similar: sudo dnf install nginx.
systemctl — Manage Services
systemctl controls systemd services — the daemons that run your applications:
bashsudo systemctl start nginx # Start the service
sudo systemctl stop nginx # Stop the service
sudo systemctl restart nginx # Restart (brief downtime)
sudo systemctl reload nginx # Reload config (no downtime)
sudo systemctl enable nginx # Start automatically on boot
sudo systemctl status nginx # Check current status
List all running services:
bashsystemctl list-units --type=service --state=running
Check if a service failed:
bashsystemctl --failed
nano and vim — Edit Configuration Files
nano is the beginner-friendly editor:
bashsudo nano /etc/nginx/sites-available/default
Save with Ctrl+O, exit with Ctrl+X.
vim is faster for experienced users:
bashsudo vim /etc/nginx/nginx.conf
Press i to enter insert mode, Esc to exit insert mode, and type :wq to save and quit.
tar — Archive and Extract Files
Create a compressed archive of an application directory:
bashtar -czf backup-app-$(date +%Y%m%d).tar.gz /var/www/html/
Extract an archive:
bashtar -xzf app-release-v2.1.tar.gz -C /var/www/html/
The flags: -c creates, -x extracts, -z uses gzip compression, -f specifies the filename, and -C sets the extraction directory.
Monitoring Your Server
Monitoring commands help you understand what your server is doing right now and whether it has the resources to handle your workload. On our own infrastructure, we monitor every Raff node continuously — these are the same commands we use before reaching for Prometheus dashboards.
top and htop — Real-Time Process Monitor
top shows live CPU and memory usage:
bashtop
The header displays load averages, total memory, and swap usage. The process list shows what is consuming resources. Press q to quit.
htop is a better visual alternative (install it with sudo apt install -y htop):
bashhtop
htop supports mouse interaction, color-coded bars for CPU cores and memory, and tree view for process hierarchies. Press F6 to sort by memory, CPU, or other columns.
df and du — Check Disk Usage
df shows filesystem-level disk usage:
bashdf -h
Expected output on a Raff VM:
Filesystem Size Used Avail Use% Mounted on
/dev/vda1 79G 12G 64G 16% /
tmpfs 2.0G 0 2.0G 0% /dev/shm
du shows disk usage by directory. Find the largest directories:
bashdu -sh /var/log/* | sort -rh | head -10
This combination is one of the most useful pipe chains on a server — it lists the top 10 largest items in /var/log/ sorted by size.
free — Check Memory Usage
bashfree -h
Expected output:
total used free shared buff/cache available
Mem: 3.8Gi 824Mi 1.9Gi 12Mi 1.1Gi 2.8Gi
Swap: 2.0Gi 0B 2.0Gi
The available column is what matters — it shows how much memory can be allocated to new processes. If available is consistently low and Swap used is growing, your VM needs more RAM. Raff supports instant resize so you can upgrade without data loss.
journalctl — Read System and Service Logs
journalctl reads logs from systemd's journal. View logs for a specific service:
bashsudo journalctl -u nginx --since "1 hour ago"
Follow logs in real time:
bashsudo journalctl -u nginx -f
View only error-level messages:
bashsudo journalctl -p err --since today
Show boot-related messages (useful after a server restart):
bashsudo journalctl -b
ss — View Network Connections
ss (socket statistics) replaces the older netstat command. Show all listening ports:
bashss -tlnp
Expected output:
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=1234,...))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=567,...))
LISTEN 0 511 0.0.0.0:443 0.0.0.0:* users:(("nginx",pid=1234,...))
The flags: -t shows TCP sockets, -l shows only listening sockets, -n shows numeric ports (not service names), and -p shows the process using each socket.
Troubleshooting Problems
When something breaks — and on a production server, something always breaks — these commands help you find the cause.
grep — Search Inside Files
grep finds text patterns in files. Search for errors in a log file:
bashgrep -i "error" /var/log/nginx/error.log
Search recursively through a directory:
bashgrep -rn "listen 80" /etc/nginx/
The -r flag searches recursively, -n shows line numbers, and -i makes the search case-insensitive.
Combine grep with pipes to filter command output:
bashps aux | grep nginx
systemctl list-units | grep failed
awk — Extract and Process Text Columns
awk processes columnar data. Extract specific fields from command output:
bashdf -h | awk '{print $1, $5}'
This prints only the filesystem name and usage percentage from df output.
Find processes using the most memory:
bashps aux --sort=-%mem | awk 'NR<=10 {print $1, $4, $11}'
ping and curl — Test Network Connectivity
ping tests basic connectivity:
bashping -c 4 google.com
curl tests HTTP endpoints and is essential for verifying web services:
bashcurl -I https://your-domain.com
The -I flag shows only the response headers. Check the HTTP status code:
bashcurl -o /dev/null -s -w "%{http_code}" https://your-domain.com
lsof — List Open Files and Ports
lsof shows what files and ports a process has open. Find what process is using port 80:
bashsudo lsof -i :80
Find all files opened by a specific process:
bashsudo lsof -p $(pgrep nginx | head -1)
dmesg — Kernel Messages
dmesg shows hardware-level messages from the kernel. Check for disk errors or hardware issues:
bashsudo dmesg --level=err,warn | tail -20
This is the first command to check when a server behaves unexpectedly after a reboot or when you suspect a hardware-level issue.
Essential Command Combinations
The real power of Linux commands comes from combining them with pipes (|), redirects (>), and subshells. Here are combinations our team uses regularly on production servers.
Find and Kill a Stuck Process
bashps aux | grep "stuck-process" | grep -v grep | awk '{print $2}' | xargs kill -9
Watch a Log File for a Specific Pattern
bashtail -f /var/log/nginx/access.log | grep --line-buffered "POST /api/"
Check Disk Usage and Sort by Size
bashdu -sh /* 2>/dev/null | sort -rh | head -10
Find Recently Modified Configuration Files
bashfind /etc -name "*.conf" -mtime -1 -exec ls -la {} \;
Export a List of Installed Packages (for Migration)
bashdpkg --get-selections | grep -v deinstall > packages.list
This is useful when migrating to a new Raff VM — recreate the same software environment on the new server with:
bashsudo dpkg --set-selections < packages.list && sudo apt-get dselect-upgrade -y
Quick Reference Table
| Task | Command | Example |
|---|---|---|
| Connect to server | ssh | ssh deploy@203.0.113.50 |
| Copy file to server | scp | scp file.tar.gz user@host:/path/ |
| List files | ls -la | ls -la /etc/nginx/ |
| Read a file | cat | cat /etc/hostname |
| Follow a log | tail -f | tail -f /var/log/syslog |
| Search in files | grep | grep -rn "error" /var/log/ |
| Find files | find | find / -name "*.conf" |
| Update packages | apt | sudo apt update && sudo apt upgrade -y |
| Install software | apt install | sudo apt install -y nginx |
| Manage services | systemctl | sudo systemctl restart nginx |
| Read service logs | journalctl | sudo journalctl -u nginx -f |
| Check disk space | df -h | df -h / |
| Check memory | free -h | free -h |
| Check ports | ss -tlnp | ss -tlnp |
| Firewall rules | ufw | sudo ufw allow 443/tcp |
| Set permissions | chmod | chmod 644 config.yaml |
| Change owner | chown | sudo chown www-data:www-data /var/www/ |
| Edit files | nano | sudo nano /etc/nginx/nginx.conf |
| Process monitor | htop | htop |
| Archive files | tar | tar -czf backup.tar.gz /var/www/ |
Conclusion
Managing a cloud server is a loop of connecting, deploying, monitoring, and troubleshooting. The commands in this guide cover that entire loop. You do not need to memorize fifty commands — learn the ten most relevant to your current task, and build from there.
The command combinations in the Essential Command Combinations section are where real productivity lives. A single pipe chain can replace minutes of manual clicking in a GUI. Practice building your own combinations as you work.
For hands-on practice, deploy a Raff Linux VM and work through our tutorials on installing Nginx, setting up Docker, or deploying PostgreSQL. Each tutorial uses the commands from this guide in a real deployment context.
This guide reflects the commands our systems engineering team uses daily across Raff's infrastructure — from provisioning new compute nodes to debugging network issues at 2am. If a command made this list, it is because we have typed it hundreds of times on production servers.