20 Essential Linux Commands for the Beginner VPS Sysadmin
Master the 20 most-used Linux commands in server administration: navigation, permissions, processes, networking, packages, and logs with practical examples.
Moving from Windows and dropping straight into a Linux VPS over SSH is usually an initial shock: no GUI, no Explorer, no Task Manager. The good news is that the Linux terminal has a much more coherent logic than it appears at first — once you master about 20 commands, you cover 90% of the tasks a beginner sysadmin runs day to day.
This guide is for anyone who just provisioned their first VPS (Ubuntu, Debian, or similar) and wants a minimum viable arsenal to navigate, manage processes, adjust permissions, diagnose networking, and install software. We’ll cover the commands grouped by task category, with ready-to-paste examples and explanations of when each one actually matters.
Estimated reading and practice time: 30 to 45 minutes if you test each command on your own VPS as you go.
Prerequisites
You need a Linux VPS reachable via SSH — Ubuntu 22.04 LTS or 24.04 LTS work identically for the examples. Access with a regular user plus sudo is enough; you don’t need to log in as root. You also need an SSH client on your local machine (Terminal on macOS/Linux, or PowerShell/WSL on Windows 10+).
Environment: Ubuntu 24.04 LTS, user + sudo, bash 5.x
Filesystem navigation
Before anything else, you need to know where you are, see what’s around you, and move. These are four commands you’ll type hundreds of times a day.
Find the current directory and list its contents:
pwd
ls -lah
pwd (print working directory) shows the absolute path where you are — useful when you get lost after several cd calls. ls -lah lists files with permissions (l), human-readable sizes (h), and includes hidden files (a). It’s the canonical way to inspect a directory.
Change directories and jump back quickly:
cd /var/log
cd -
cd ~
cd /var/log enters an absolute path. cd - returns to the previous directory — a shortcut that saves a lot of time. cd ~ (or just cd) goes to your home (/home/your-user).
Create and remove directories and files:
mkdir -p projects/site/logs
touch projects/site/index.html
rm -ri projects/test
mkdir -p creates the entire tree at once (doesn’t fail if intermediates already exist). touch creates an empty file or updates its timestamp. rm -ri removes with interactive confirmation — recommended while you don’t yet trust your paths 100%.
There is no trash on Linux. rm -rf / or rm -rf $VAR/ with an empty variable destroys the system. Always prefer rm -ri while learning, and never run rm -rf on script-generated paths without validating first.
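One way to validate a script-generated path before a recursive delete, as an added example that is not part of the original article. The function name safe_rm_tree and the ALLOWED_BASE variable (default /srv/app) are assumptions made for illustration, and realpath from GNU coreutils is assumed to be available.

```shell
# Added example: guard for "rm -rf" on paths built by a script.
# ALLOWED_BASE and safe_rm_tree are hypothetical names, not from the article.
ALLOWED_BASE="${ALLOWED_BASE:-/srv/app}"

safe_rm_tree() {
    target="$1"
    # 1. Empty or unset variable: the 'rm -rf $VAR' case.
    if [ -z "$target" ]; then
        echo "refusing: empty path" >&2
        return 1
    fi
    # 2. Resolve symlinks and ".." so the check sees the real location.
    resolved=$(realpath -e -- "$target" 2>/dev/null) || {
        echo "refusing: $target does not exist" >&2
        return 1
    }
    base=$(realpath -e -- "$ALLOWED_BASE" 2>/dev/null) || {
        echo "refusing: base $ALLOWED_BASE does not exist" >&2
        return 1
    }
    # 3. Delete only strictly below the base: never the base itself, never /.
    case "$resolved" in
        "$base"/?*) ;;
        *)
            echo "refusing: $resolved is outside $base" >&2
            return 1
            ;;
    esac
    rm -rf -- "$resolved"
}

# Typical call from a cleanup script:
#   safe_rm_tree "$CACHE_DIR/"    # with CACHE_DIR empty this is "/", and is refused
```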
Viewing and editing files
Linux configurations are text files in /etc/. Reading and editing without friction is essential.
View small and large files:
cat /etc/hostname
less /var/log/syslog
tail -f /var/log/auth.log
head -n 50 /etc/ssh/sshd_config
cat dumps the entire file — good for short files. less opens navigable pagination (arrows, / to search, q to quit) — use it whenever the file exceeds one screen. tail -f follows files being written in real time, like logs. head -n 50 shows only the first 50 lines.
Edit files directly in the terminal:
sudo nano /etc/ssh/sshd_config
nano is the friendliest editor for people coming from a GUI — shortcuts are shown on the bottom bar (Ctrl+O saves, Ctrl+X exits). When you gain more experience, the professional standard is vim or vi, present on any server, even the most minimal.
Before touching sshd_config, nginx.conf, or any file that can lock you out, copy it: sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak. Costs nothing and saves sleepless nights.
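The backup habit above can be combined with a syntax check, so a broken file never becomes the live one. This is an added example, not code from the original article, and it goes one step beyond the plain cp: the helper name stage_config is hypothetical, and the validator commands in the comments (/usr/sbin/sshd -t -f, nginx -t -c) are the services' own test modes.

```shell
# Added example; stage_config is a hypothetical helper, not from the article.
# Usage: stage_config CANDIDATE TARGET VALIDATOR [ARGS...]
# The validator runs with CANDIDATE appended as its last argument, e.g. as root:
#   stage_config /root/sshd_config.new /etc/ssh/sshd_config /usr/sbin/sshd -t -f
#   stage_config /root/nginx.conf.new  /etc/nginx/nginx.conf nginx -t -c
stage_config() {
    candidate="$1"; target="$2"; shift 2
    [ -f "$candidate" ] && [ -f "$target" ] || {
        echo "candidate and target must both exist" >&2
        return 1
    }
    # 1. Timestamped backup, so a second edit does not overwrite the last good copy.
    backup="$target.bak.$(date +%Y%m%d-%H%M%S)"
    cp -p -- "$target" "$backup" || return 1
    # 2. Syntax-check the candidate before it becomes the live file.
    if ! "$@" "$candidate" >/dev/null 2>&1; then
        echo "validation failed, $target left untouched" >&2
        return 2
    fi
    # 3. Overwrite in place, which keeps the target's existing owner and mode.
    cat -- "$candidate" > "$target" || return 1
    # Print the backup path so the caller can restore from it if needed.
    echo "$backup"
}
```

Reload the service only after stage_config succeeds, and keep the current SSH session open until a second login confirms the new settings work.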
Permissions and ownership
Linux controls access via three levels (owner, group, others) and three permissions (read, write, execute). The two commands below cover 95% of cases.
Adjust permissions on files and directories:
chmod 644 index.html
chmod 755 /var/www/site
chmod +x script.sh
The numbers are octal: 644 = owner reads/writes, others only read. 755 = owner can do everything, others read and execute (required for directories). +x adds execute permission for everyone without touching the rest — a handy shortcut for scripts.
Change file owner and group:
sudo chown www-data:www-data /var/www/site -R
chown user:group file changes owner and group. The -R flag applies recursively across the whole tree. Classic case: after running git clone as your user, adjust ownership to the web server user so it can serve the files.
Processes and system resources
Knowing what’s running, how much it consumes, and how to stop stuck processes is essential to keep the VPS healthy.
Monitor processes in real time:
top
htop
top ships with any Linux — q quits, M sorts by memory, P by CPU. htop (install with sudo apt install htop) is the modern version: colors, arrow navigation, F9 to kill a process. For production VPS, keep htop installed by default.
List and kill specific processes:
ps aux | grep nginx
sudo kill 1234
sudo kill -9 1234
ps aux lists all system processes; combined with grep, it filters by name. kill PID sends SIGTERM (polite termination). kill -9 PID sends SIGKILL (brute force) — use only when SIGTERM doesn’t resolve it, because it gives the process no chance to clean up state.
Check disk and memory usage:
df -h
du -sh /var/log/*
free -h
df -h shows free space per partition in human-readable format. du -sh /path/* shows the size of each item inside the path — invaluable for finding out who’s filling the disk. free -h shows total, used, and available RAM.
In 80% of disk-full cases on VPS, the culprit is /var/log/. Run sudo du -sh /var/log/* | sort -h and check whether any log is in gigabytes — usually it’s missing logrotate or an error in a loop generating spam.
Networking and connectivity
Diagnosing network issues is half a sysadmin’s job. These three commands solve the majority.
View interfaces, IPs, and listening ports:
ip addr
ss -tulpn
ip addr (or ip a) shows IPs configured on each interface — replaces the old ifconfig. ss -tulpn lists all open TCP/UDP ports and which process is listening — replaces the old netstat. Memorize this command: tcp, udp, listen, process, numeric.
Test connectivity and DNS:
ping -c 4 hostini.com.br
curl -I https://hostini.com.br
dig hostini.com.br
ping -c 4 sends 4 ICMP packets — confirms the machine reaches the destination. curl -I issues an HTTP HEAD request — confirms the web application responds, showing headers. dig resolves DNS in detail — useful when ping works by IP but fails by name.
Package management
On Ubuntu and Debian, apt installs, updates, and removes software from the official repositories.
Update the index and install packages:
sudo apt update
sudo apt upgrade -y
sudo apt install -y nginx git curl
sudo apt remove --purge old-package
apt update downloads the up-to-date package list — doesn’t install anything yet. apt upgrade applies available updates. apt install downloads and installs; -y confirms automatically. remove --purge uninstalls including configuration files.
On production VPS, automate apt update && apt upgrade -y via weekly cron or enable unattended-upgrades for security patches. An outdated server is the most common entry point for compromise.
Logs and diagnostics
When something breaks, the path is always the same: read the logs.
Query system logs with journalctl:
journalctl -p err -n 50
journalctl -u nginx -f
journalctl --since "1 hour ago"
journalctl is the unified log interface on systemd distros. -p err filters only errors, -n 50 shows the last 50 lines. -u nginx -f follows the nginx service in real time. --since accepts natural expressions (“yesterday”, “2 hours ago”).
Manage system services:
sudo systemctl status nginx
sudo systemctl restart nginx
sudo systemctl enable nginx
status shows whether the service is running plus the latest log lines. restart restarts it (use after changing config). enable makes the service start automatically on boot — forgetting this is a common cause of “the site didn’t come back after the reboot”.
Verification
To confirm you’ve absorbed the essentials, run this diagnostic sequence — it uses the 20 commands covered and gives you a complete snapshot of the VPS:
pwd && whoami && hostname
df -h && free -h
ss -tulpn | grep LISTEN
systemctl --failed
journalctl -p err -n 20 --no-pager
If the output makes sense — you know which directory you’re in, how much resource is free, which services are listening, whether any have failed, and which recent errors exist — you have the operational baseline to administer a Linux VPS with confidence.
Next steps
From here, three directions are worth taking:
- SSH with public key: replace password login with an SSH key and disable password authentication in sshd_config — the first mandatory hardening step.
- Firewall with ufw: learn ufw allow, ufw deny, ufw status to control exactly which ports are exposed.
- Automation with cron and systemd timers: schedule backups, updates, and recurring tasks without depending on you logging in manually.
- Nginx or Caddy configuration: serve sites and APIs with automatic HTTPS via Let’s Encrypt.
If you’re putting these fundamentals into practice, a Hostini VPS ships with SSH root access ready, a web console for emergencies when SSH fails, and clean Ubuntu/Debian/Rocky images so you can start without surprises.
Frequently asked questions
What's the difference between apt and apt-get?
apt is the modern, more user-friendly interface with colored output and a progress bar, designed for interactive use. apt-get is the traditional version, more stable for scripts and automation — the internal syntax barely differs. In production scripts, prefer apt-get; at the day-to-day terminal, use apt.
Why should I avoid using root directly and prefer sudo?
Logging in as root leaves any command without a safety net — a wrong rm wipes the system without confirmation. sudo requires your password, records every invocation in /var/log/auth.log, and lets you revoke privileges for a specific user without touching root. On production VPS, the standard is disabling direct root login via SSH.
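To put the sudo audit trail mentioned above to use, the following added example (not part of the original article) extracts who ran what through sudo and which attempts were refused. The function names and the sample log lines are constructed for illustration; the line layout follows sudo's standard syslog messages, with both the classic and the ISO 8601 timestamp prefix.

```shell
# Added example; function names and the sample lines below are constructed.
sample_auth_log() {
cat <<'EOF'
2025-03-03T10:15:02.101+00:00 vps sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update
2025-03-03T10:15:02.130+00:00 vps sudo: pam_unix(sudo:session): session opened for user root(uid=0) by alice(uid=1000)
Mar  3 10:16:40 vps sudo:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/less /var/log/auth.log
Mar  3 10:17:05 vps sudo:      bob : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Mar  3 10:20:11 vps sudo[2210]:  mallory : command not allowed ; TTY=pts/2 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/apt install htop
Mar  3 10:21:00 vps sshd[991]: Accepted publickey for alice from 203.0.113.7 port 50122 ssh2
EOF
}

# Print one "status<TAB>user<TAB>command" row per sudo command record.
# Reads the files given as arguments, or stdin when there are none.
sudo_events() {
    awk '
    / sudo(\[[0-9]+\])?: / && /COMMAND=/ {
        line = $0
        sub(/^.* sudo(\[[0-9]+\])?: +/, "", line)   # drop timestamp and host
        user = line; sub(/ +:.*/, "", user)         # text before the first " : "
        cmd = line;  sub(/^.*COMMAND=/, "", cmd)
        status = "ok"
        if (line ~ /NOT in sudoers|incorrect password|command not allowed/)
            status = "denied"
        printf "%s\t%s\t%s\n", status, user, cmd
    }' "$@"
}

# Count refused sudo attempts per user, highest first.
denied_by_user() {
    sudo_events "$@" | awk -F'\t' '$1 == "denied" { n[$2]++ }
        END { for (u in n) print n[u], u }' | sort -rn
}

# On a real server: sudo cat /var/log/auth.log | denied_by_user
```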
How do I find which process is consuming all the VPS memory?
Run top or htop and sort by memory usage (in htop, F6 → PERCENT_MEM). For an instant snapshot via script, use ps aux --sort=-%mem | head -10. If a specific process is leaking memory over time, combine it with watch -n 5 'ps -p PID -o %mem,rss,cmd' to observe the curve.
What's the difference between chmod 644 and chmod 755?
644 grants read+write to the owner and read-only to everyone else — the standard for regular files (HTML, configs, text). 755 adds execute permission for all — required for directories (without x you can't enter) and for scripts/binaries. Never use 777 in production; it exposes write access to any user on the system.
How do I quickly see recent system errors?
On systemd-based distros (Ubuntu 20.04+, Debian 12, Rocky 9), use journalctl -p err -n 50 to see the 50 most recent errors. To follow in real time, journalctl -f. Older non-systemd logs live in /var/log/ — syslog, auth.log, and kern.log are the most useful.
How do I check if a port is open and who's listening on it?
ss -tulpn lists all TCP/UDP ports in listening state along with the owning process. To check a specific port, ss -tulpn | grep :443. If you want to test from outside whether the port responds, use nc -zv server-ip 443 or curl -v telnet://ip:443 from another machine.