Useful Sysadmin Commands

A collection of helpful Linux / Freebsd commands I find helpful for day to day use

Finding files and executing actions on them

Find and delete files with filename length of 5:

find . -type f -name '?????' -exec rm -f {} \;

Remove all data from file without deleting file:

truncate -s0 access.log

List all file and directory disk space usage sorted by 10 largest directories:

sudo du -cks * | sort -rn | head

Listing processes and process system usage

List memory usage by category of process:

ps aux | awk '{print $4"\t"$11}' | sort | uniq -c | awk '{print $2" "$1" "$3}' | sort -nr

List memcache objects:

ngrep -W none -T -d any "^(get|set|delete|END|STORED|VALUE|DELETED)" port 11211 | awk '{print $1 " " $2}'

SSH Commands

Forward custom port (local requests to MySQL in this example) to a remote host:

ssh -fND 3306

Troubleshooting Network Traffic

Capture http headers with tcpdump:

tcpdump -s 1024 -C 1024000 -w /tmp/httpcapture dst port 80

Check for connections to a database not closing (left in TIME_WAIT status):

netstat -an | grep TIME_WAIT

Capture packets for a particular Destination IP and Port:

tcpdump -w packet_capture_results.pcap -i eth0 dst and port 22

Capture all packets except those that match packet type filter:

tcpdump -i eth0 not arp and not rarp

Tar Commands

Tar a directory and encrypt it in one line:

tar cvzf - example_dir | openssl des3 -salt -k secretkey | dd of=encrypted_example_dir

To decrypt:

dd if=encrypted_example_dir | openssl des3 -d -k secretkey | tar xvzf -