Ten Things I Wish I Knew When Becoming A Linux Admin

Ten years ago I installed Linux for the very first time. To be exact, it was Slackware 7, the best distribution at the time in my opinion. Since then I’ve come to favor Debian Linux as my favorite version…at least for my Linux servers. I like to have a solid core system installed that I can build from scratch, but this is for another time. This article is for you new Linux admins; here are the ten things I wish I knew when starting my Linux admin journey.

1.) When in doubt check your logs. EVERYTHING is logged inside of Linux. If you are dealing with a nagging problem, the first thing you always need to do is check your logs. In most systems, this is found in /var/log/. /var/log/syslog logs all the system messages and is where you will find most common error messages. I encourage you to start digging through your logs and getting familiarized with those error messages.

2.) You can use the Tail command to view the last ten lines of a file. You can use the -f flag, or tail -f /var/log/syslog to watch the most recent lines append to the log file. This is a great tool to use while watching for error messages. You can also use the Head command to view the first ten lines of a specified file.

3.) Monitor your server resources. Depending on your disk and partition size, sometimes you can run out of space or your log files can take up most of your root partition. You can monitor the size of the partitions by using the df command. Two flags to know when starting are the -h and -m flag. The -h flag puts information in human readable form such as 5g. The -m flag puts information in megabyte form and displays only in megabytes.

4.) Never Use Root To Login. The most common hacks are done by port scanners and random password generators trying to break into your system with root as the username. Basic “admin 101” says the first thing you should do on your system is disable root login. You do this by going into /etc/ssh and edit sshd_config. Change this line PermitRootLogin yes to PermitRootLogin no. When you are finished, restart ssh /etc/init.d/ssh restart.

5.) Get to know chown and chmod if you are going to be hosting any websites. Permissions security and file ownership are very important. Having the wrong permissions can leave your code open to exploits or hacks.

6.) Use SFTP instead of FTP. SFTP encrypts passwords through the tunnel where as port 21 ftp allows password information to be sent via clear text. Hackers could listen into and grab your passwords when using port 21.

7.) ls -al – LS lists the directory contents. The -a flag tells the ls command to list all files, even those that begin with a . (dot). The -l flag tells LS to list the contents and also display the date files were modified. This command should just be the basic ls -al command when you want to list directory contents. I use it when I use ls regardless of need.

8.) Top – top command will display your highest usage processes on your system. If your processor is running high, this will help you find the process and fix the problem.

9.) Use grep to search files for a specific word/expression. Grep is extensive…very extensive. This is why it is one of the best tools to search files. For example, grep -r pinehead.tv /etc/* will recursively search the /etc/ directory and all the directors under it that have the word pinehead.tv.

10.) Redirect the results of a grep search into a new file. This is easy to do. We can take the search results from our command above and write them to a file instead of reading them in the shell. Just type grep -r pinehead.tv /etc/* > test.test.
A few things about pipes…

> Creates a new file containing standard output. If the specified file exists, it’s overwritten.
>> Appends standard output to the existing file. If the specified file doesn’t exist, it creates it.