Chris Hoffman is Editor-in-Chief of How-To Geek. He’s written about technology for over a decade and was a PCWorld columnist for two years. Chris has written for The New York Times, been interviewed as a technology expert on TV stations like Miami’s NBC 6, and had his work covered by news outlets like the BBC. Since 2011, Chris has written over 2,000 articles that have been read nearly one billion times—and that’s just here at How-To Geek. Read more.
Linux users often use the terminal to accomplish tasks. This can be intimidating if you’re a new Linux user who wants a graphical environment that’s easy to come to grips with, but you shouldn’t be put off by the Linux terminal.
The Linux terminal is a powerful tool that makes it possible to accomplish some tasks much more quickly than you could with graphical tools. However, these days, you can accomplish most things graphically. Using the terminal isn’t mandatory.
The Terminal Is Optional
Whether you want to install software, configure your network, or tweak other system settings, you can do it from the terminal – but you can also do it from the graphical interface. Most settings you would want to change are easily accessible in the standard graphical control panels.
If you have never tried using Linux, you may have an expectation that you will have to learn terminal commands to get around, but this has become less and less true with each passing year. Give Ubuntu a try and you may be surprised at how little you’ll need to use the terminal. Many users shouldn’t need to touch the terminal at all.
(It is possible that, if your hardware isn’t well-supported, you may have to use terminal commands. With properly supported hardware, you should not have to mess around with the terminal to make things work.)
…But the Terminal Can Be More Efficient
In spite of how usable Linux’s graphical tools now are, websites like ours constantly use terminal commands when writing instructions for Linux users. On the other hand, we include step-by-step graphical instructions for using the Windows graphical interface in our articles.
If you’re wondering why websites like How-To Geek still use terminal commands, it’s simple: Terminal commands are powerful and can make things much faster. if you don’t know a command, it can be faster to use the graphical interface. However, if you do know the appropriate command, using the Terminal can speed things up.
Let’s try to illustrate this by writing some instructions for accomplishing a task using both the graphical interface and the terminal. Let’s say we have just installed Ubuntu and we want to install Pidgin and Chromium.
Here’s how we’d accomplish the task using the graphical user interface:
Open the Ubuntu Software Center, type Pidgin into the search box, click Pidgin Internet Messenger, click Install, and enter your password. Type Chromium into the search box, click Chromium Web Browser, and click Install.
This is a fairly simple process that inexperienced users should be able to figure out on their own, but it’s not the most concise explanation and it requires quite a few clicks. If we wanted to install many more programs at once, this would take forever.
Here’s how we’d accomplish the same task using a terminal:
Open a terminal window, copy-paste the following line into the terminal, and press Enter:
sudo apt-get install pidgin chromium-browser
The second line is much faster. It’s easy for readers, too – all they have to do is copy-paste. Note that we’re using a single command to install two programs – we could even install 50 different applications with a single command. When you are installing a large amount of software or doing more system tweaks, this can be a much faster process than guiding people through a long clicking process for each task.
In both cases, this is faster than the equivalent Windows process of downloading installers from multiple websites and clicking through installation wizards.
Windows Has Scary Low-Level Settings, Too
Not all settings on Linux are available in user-friendly control panels, but not all settings on Windows are available in user-friendly control panels, either. We have covered a lot of registry hacks you can use to customize hidden settings in Windows. The group policy editor contains many more.
You may have to use the terminal on Linux, but you may also have to step into the registry editor on Windows. With both operating systems, you can install third-party graphical tweaking applications that help automate some of the more popular tweaks.
Microsoft is trying to catch up with the powerful Linux terminal – that’s why they created Windows PowerShell, a more powerful command-line shell than the traditional DOS-like Command Prompt. If you are only familiar with DOS and the Windows Command Prompt, you would rightly be skeptical of command-line interfaces – but the Linux terminal is so much more powerful and flexible than DOS or the Windows Command Prompt.
Learning the Linux Terminal
There’s obviously a learning curve to go through before you can use the terminal to compose your own commands. You can find quite a few tutorials for learning the Linux terminal here at How-To Geek:
In summary: Don’t be scared of the Linux terminal. It’s an optional, powerful tool. If a lot of Linux geeks end up using it, it’s because it’s more efficient for many tasks. Just as geeks use keyboard shortcuts to speed things up rather than clicking everything, terminal commands can be faster than graphical tools, after you learn them.
Taylor Gibb is a professional software developer with nearly a decade of experience. He served as Microsoft Regional Director in South Africa for two years and has received multiple Microsoft MVP (Most Valued Professional) awards. He currently works in R&D at Derivco International. Read more.
It’s easy to change your IP address using a graphic interface, but did you know that Linux also lets you change your network card’s IP address using a simple command from the command line?
This trick should work on all Debian-based Linux distros, including Ubuntu. To get started, type ifconfig at the terminal prompt, and then hit Enter. This command lists all network interfaces on the system, so take note of the name of the interface for which you want to change the IP address.
To change the settings, you also use the ifconfig command, this time with a few additional parameters. The following command changes the network interface named “eth0” to use the IP address 102.168.0.1, and assigns the subnet mask 255.255.255.0:
You could, of course, substitute in whatever values you want. If you run ifconfig again, you will see that your interface has now taken on the new settings you assigned to it.
If you also need to change the Default Gateway used by the network interface, you can use the route command. The following command, for example, sets the default gateway for the “eth0” interface to 192.168.0.253:
To see your new setting, you will need to display the routing table. Type the following command at the prompt, and then hit Enter:
That’s all there is to changing your IP address from the terminal. If you’re interested in other great networking tools you can use at the terminal, be sure to check out our guide to the subject.
Chris Hoffman is Editor-in-Chief of How-To Geek. He’s written about technology for over a decade and was a PCWorld columnist for two years. Chris has written for The New York Times, been interviewed as a technology expert on TV stations like Miami’s NBC 6, and had his work covered by news outlets like the BBC. Since 2011, Chris has written over 2,000 articles that have been read nearly one billion times—and that’s just here at How-To Geek. Read more.
To use the Linux terminal like a pro, you’ll need to know the basics of managing files and navigating directories. True to the Unix philosophy, each command does one thing and does it well.
Midnight Commander, a full-featured file manager for the Linux terminal, acts as a powerful front end to all these commands.
ls – List Files
The ls command lists the files in a directory. By default, ls lists files in the current directory.
You can also list files recursively — that is, list all files in directories inside the current directory — with ls -R.
ls can also list files in another directory if you specify the directory. For example, ls /home will list all files in the /home directory.
cd – Change Directory
The cd command changes to another directory. For example, cd Desktop will take you to your Desktop directory if you’re starting from your home directory.
You can also specify a full path to a directory, such as cd /usr/share to go to the /usr/share directory on the file system.
cd .. will take you up a directory.
rm – Remove Files
The rm command removes files. Be careful with this command — rm doesn’t ask you for confirmation.
For example, rm file would delete the file named “file” in the current directory. Like with other commands, you could also specify a full path to a file: rm /path/to/file would delete the file at /path/to/file on your file system.
rmdir – Remove Directories
The rmdir command removes an empty directory. rmdir directory would delete the directory named “directory” in the current directory.
If the directory isn’t empty, you can use a recursive rm command to remove the directory and all files in it. rm -r directory would delete the directory named “directory” and all files in it. This is a dangerous command that could easily delete a lot of important files, so be careful when using it. It won’t ask for confirmation.
mv – Move Files
The mv command moves a file to a new location. This is also the command you’ll use to rename files. For example, mv file newfile would take the file named “file” in the current directory and move it to the file named “newfile” in the current directory — renaming it, in other words.
Like with other commands, you can include full paths to move files to or from other directories. For example, the following command would take the file named “file” in the current directory and place it in the /home/howtogeek folder:
cp – Copy Files
The cp command works the same way as the mv command, except it copies the original files instead of moving them.
You can also do a recursive copy with cp -r. This copies a directory and all files inside it to a new location. For example, the following command places a copy of the /home/howtogeek/Downloads directory into the /home/chris directory:
cp -r /home/howtogeek/Downloads /home/chris
mkdir – Make Directories
The mkdir command makes a new directory. mkdir example will make a directory with the name “example” in the current directory.
ln – Create Links
The ln command creates links. The most commonly used type of link is probably the symbolic link, which you can create with ln -s.
For example, the following command creates a link to our Downloads folder on our Desktop:
ln -s /home/howtogeek/Downloads /home/howtogeek/Desktop
Check out our article on symbolic links for more information.
chmod – Change Permissions
chmod changes a file’s permissions. For example, chmod +x script.sh would add executable permissions to the file named script.sh in the current folder. chmod -x script.sh would remove executable permissions from that file.
Linux file permissions can be a bit complicated. Check out our guide to Linux file permissions for more in-depth information.
touch – Create Empty Files
The touch command creates an empty file. For example, touch example creates an empty file named “example” in the current directory.
mc – A Full File Manager
Midnight Commander is one of many fully featured file managers you can use from the Linux terminal. It isn’t installed by default on most distributions; here’s the command you’ll need to install it on Ubuntu:
Once it’s installed, just run the mc command to launch it.
Use the arrow keys to select files and the Tab key to switch between panes. Press Alt-1 to see the help screen or Alt-2 to see the menu.
You can also use the mouse in Midnight Commander if your terminal environment has mouse support.
Remember that you’ll need to run these commands with root permissions if you’re modifying a system directory. On Ubuntu, add sudo to the beginning of commands you want to run with root permissions.
Hello folks, today let’s take a look at some 10 essential Linux network commands. These commands may be used to configure, to troubleshoot your network or to obtain some more information all via the terminal in Linux. So let’s go!
10 Essential Linux Network Commands
1. Ping (Packet Internet Groper)
PING command sends packet requests to the address you specify to test the connectivity between 2 nodes.
Note that the ping command will keep executing unless you ping with -c option to exit after N number of requests.
2. Netstat
Netstat command displays different information including open sockets and routeing tables. Run netstat command alone to see a list of open sockets. Netstat has a ton of opitons.
Add the option -r to display information on the routeing table.
Add the option -p to display information of programs connected to the open sockets.
3. Tcpdump
Tcpdump captures packets off a network interface and interprets them for you. It can be used to save entire packets for later inspection.
4. Host
Command to find name to IP or IP to name in IPv4 or IPv6 and also query DNS records. Give it a domain name and you’ll see the associated IP address. Give it an IP address and you’ll see the associated domain name.
5. Tracepath
Tracepath traces the path of the network to the destination you have provided. It attempts to list the series of hosts through which your packets travel on their way to a given destination. It can be very handy when trying to determine the points of slowness in your connection path.
6. Ifconfig
This command is used to display IP Address, Hardware and MAC address. It is also used configure network interfaces. You can use it to activate or deactivate interfaces, assign an IP Address to the interface.
a. Ifdown
Use ifdown device-name/interface name to bring an interface down by following a script (which will contain your default networking settings). Simply type ifup and you will get help on using the script.
For example typing: ifdown eth0 Will bring eth0 up if it is currently down.
b. ifup
Use ifdown device-name to bring an interface up by following a script (which will contain your default networking settings). Simply type ifup and you will get help on using the script.
For example typing: ifup eth0 Will bring eth0 up if it is currently down.
7. Route
The route command is the tool used to display or modify the routeing table.
You may add or delete routes or add a default gateway with the following commands. route add -net 10.10.10.0/24 gw 192.168.0.1
route del -net 10.10.10.0/24 gw 192.168.0.1
route add default gw 192.168.0.1
8. Nslookup
This command is used to find DNS related query.
9. Dhclient
Use this command to release (-r option) your IP address and get a new one from your DHCP server.
10. Whois
This is a just a few of the very many useful networking commands for Linux. Share in the comments, some other basic networking commands not in this list. Thanks for reading. A whois query for LinuxAndUbuntu will go something like this –
So in the same way this command will give you information for other domains. Yeah! You can pass google domain. 🙂
Conclusion
So these are the 10 essential Linux network commands. There are tons of more left for you to explore. You can practice these commands so that you can master them and execute when need to. You can also comment your favorite Linux network commands in the comment section below. Enjoy!
There are a lot of control sequences available on Linux systems — maybe even some you’ve never used.
There are quite a few control sequences available on Linux systems— many I use routinely, and some I’ve only just recently discovered— and they can be surprisingly useful. In today’s post, we’re going to run through a series of them and take a look at what they do and how they might be useful.
To start, unless you’re brand spanking new to the command line, you are undoubtedly familiar with the ctrl-c sequence that is used to terminate a running command. In print, this same sequence might be expressed as ^c or control-c and sometimes the “c” will be capitalized, but the expression always means “hold the control key and press the key specified — with no shift key or hyphen involved.
The ctrl-d sequence closes the terminal window or end terminal line input.
You may have never tried ctrl-u. This control sequence and its “partner in crime” ctrl-y work together in an interesting way. The ctrl-u sequence removes the text you’ve just typed from command line and places it in something of a clipboard while ctrl-y puts in back. So, when you’ve just typed a complicated command, but not yet hit return, and then realize that you need to run some other commands first, you can save the command you’ve typed, take care of whatever other commands you need to run and then yank the command you saved back into place.
The ctrl-s and ctrl-q sequences also have a working relationship. Where ctrl-s freezes your screen, ctrl-q allows the display to continue rolling again.
The ctrl-z sequence suspends the current process. You can bring it back to life with the fg (foreground) command or have the suspended process run in the background by using the bg command. If you then want to stop the process, you’ll then have to list your background processes with the jobs command and use kill (e.g., kill %1). Don’t forget the % that specifies the process by job number rather than its PID.
The ctrl-h, ctrl-w and ctrl-u sequences erase (i.e., back over) the last letter you just typed, the last word that you just typed, or the entire line.
The ctrl-a and ctrl-e will move your cursor to the beginning or end of the text you have just typed.
The ctrl-r sequence allows you to easily rerun recently entered commands. Type ctrl-r followed by the beginning of the command that you want to rerun. The command run will be the most recent one that began with the letters you enter.
Control sequences can be handy if you can keep them straight. Here’s a quick rundown of the control sequences just covered:
You can take control of control sequences that aren’t behaving as expected with a command like this one that reasserts ctrl-h as the erase sequence.
Note that the stty -a command will list your control sequences:
More on the stty command is available at Using stty to your advantage.
The only difficult part of using control sequences is remembering which does what. For some, the letter suggests the control sequence function. For others . well, not so much. But they can all be very useful.
Sandra Henry-Stocker has been administering Unix systems for more than 30 years. She describes herself as “USL” (Unix as a second language) but remembers enough English to write books and buy groceries. She lives in the mountains in Virginia where, when not working with or writing about Unix, she’s chasing the bears away from her bird feeders.
Wondering how to check connectivity between two network endpoints?
One of the common tasks for sysadmin is to check the connectivity to troubleshoot networking issues. It could be anything like application can’t connect to backend service, unable to fetch data from external URL, verify if the flow is opened, etc.
Whatever it might be, the following utility/commands would help you. They are tested on CentOS 7.x, and I don’t see any reason not to work on another Linux distro.
telnet
One of the widely used commands to test essential connectivity between servers, server to another network device’s IP. The syntax for the command is easy.
Let’s say you want to test if you can connect to port 8080 on 10.0.0.1 IP address; then the command would be.
If there is no issue in connecting, then you should see the connected message.
Note: if you get command not found while executing telnet then you need to install telnet as I explained here.
In most of the scenarios, telnet should help. However, if you need some other option then here are some telnet alternatives.
ncat or nc
Ncat (a.k.a. nc) is a powerful network utility with many features like bind and accept a connection, execute command remotely, write and read data, etc. It works on IPv4 and IPv6, both.
To do a simple test to check if the port is opened or not, you will execute the following.
Let’s take an example of testing 443 port on geekflare.com.
As mentioned, you can also use nc to bind the connection to listen on a particular port. This can be handy when you don’t have actual services running but want to ensure connectivity exists.
To start listening on a port:
It will bind the port on a given number.
If ncat is not installed, then you can get it done with yum install nc on CentOS/RHEL servers.
wget is a useful command to download/test HTTP, HTTPS, and FTP. If you are working as a web engineer or often dealing with web related issue then wget is your friend. Testing using wget is straightforward.
Here is an example of testing tools.geekflare.com
If it shows connected means there is no connectivity issue.
A curl is a multipurpose tool.
Do you know you can telnet to a port using curl?
Well, now you know.
The following is a working example.
And, when there is no listening port or firewall issue, then you will see trying…
You can also use curl to download the data. It supports multiple protocols – HTTP, HTTPS, FTP, IMAP, LDAP, POP3, SCP, SFTP, GOPHER, etc.
A popular tool with hundreds of features. Often this is considered as a security tool. nmap let you test a single IP/port or in the range.
To test a single port
An example of testing port 443 on siterelic.com
Look at state column. If you see open means connection is ok. And, if the state is filtered that means connectivity doesn’t exist.
Conclusion
telnet is phasing out in the latest Linux version. Thanks to the above telnet alternative.
If you are new to Linux and looking to learn then check out this Udemy course.
Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
Learn about useful networking commands that are pre-installed on your computer and will help you know everything about a website.
What is my IP address? Who is the host of this website? Which mail service is this domain using? There exist web tools that can uncover these details but this sort of research can also be done using the command line on your computer.
Let’s explore a few essential networking commands that will help you know everything about a website from the terminal itself.
What is my IP address
Make a curl or wget request to the checkip.amazonaws.com and it prints the public IP address of your computer. You can also connect to Akamai’s whatismyip.akamai.com domain get your external IP address.
What is my Private IP address
Your computer has a private IP address that only work within the local network. For older Macs with a wired Ethernet port, use en0 for Ethernet interface or en1 for the WiFi interface. The networksetup -listnetworkserviceorder command will print a list all network interfaces available on your machine.
Find the Location of IP address
The free ‘ip2c’ service resolves an IP address to the country.
Or use the ipapi service to get more details of an IP address including the city name, timezone and even the latitude and longitude associated with an IP address.
Check DNS Records
The dig command will help you query for any type of DNS records for a domain from the command line.
1. Find the IP address of a website
2. Find the Mail Server of Domain
The Mail Exchange (MX) records specify the incoming mail servers that used for delivering email messages sent to your domain name.
3. Print all DNS Records of a Domain
Get a list of all DNS records of a domain including TXT records, MX records and name servers. The name servers handle queries regarding the location of the domain’s website, email and other services.
Who is hosting a website?
Use the dig command to find the IP address of a website and then use the same dig command to perform a reverse lookup to find the host of that IP address.
For instance, this command will print the IP address of the Netflix website:
Use that IP address in the next command to get the hostname:
Find the owner of the website
Use the built-in whois command to reveal important information about any web domain including the date when it was first registered, the contact details of the website owner, the expiration date of the domain, the name of the domain registrar and so on.
You can also query the domain registration details on a specific registrar’s server with the -h flag. For instance, the next command performs a whois lookup on a website using the WHOIS server of Google Domains.
Test Network Connectivity with Ping
The ping command helps you test if a remote host is reachable and whether your machine can connect to it properly.
The above command pings the host 5 time and there’s a 2 second wait between pings.
Where’s the fault?
If your Internet connection is working but you are unable to reach a website, there could be an issue with an intermediate router that the packets have to pass through to reach the server.
The traceroute commands prints the network path from your local computer to the website that the traffic must pass through and this information can be useful for diagnosing connectivity issues.
Using the command netstat to find open ports:
One of the most basic commands to monitor the state of your device is netstat which shows the open ports and established connections.
Below an example of the netstat with additional options output:
Where:
-a: shows the state for sockets.
-n: shows IP addresses instead of hots.
-p: shows the program establishing the conenction.
An output extract better look:
The first column shows the protocol, you can see both TCP and UDP are included, the first screenshot also shows UNIX sockets. If you are suspicious that something is wrong, checking ports is of course mandatory.
Setting basic rules with UFW:
LinuxHint has published great tutorials on UFW and Iptables, here I will focus on a restrictive policy firewall. It is recommended to keep a restrictive policy denying all incoming traffic unless you want it to be allowed.
To install UFW run:
To enable the firewall at startup run:
Then apply a default restrictive policy by running:
You will need to manually open the ports you want to use by running:
Auditing yourself with nmap:
Nmap is, if not the best, one of the best security scanners in the market. It is the main tool used by sysadmins to audit their network security. If you are in a DMZ you can scan your external IP, you can also scan your router or your local host.
A very simple scan against your localhost would be:
As you see the output shows my port 25 and port 8084 are open.
Nmap has a lot of possibilities, including OS, Version detection, vulnerability scans, etc.
At LinuxHint we have published a lot of tutorials focused on Nmap and its different techniques. You can find them here.
The command chkrootkit to check your system for chrootkit infections:
Rootkits are probably the most dangerous threat to computers. The command chkrootkit
(check rootkit) can help you to detect known rootkits.
To install chkrootkit run:
Using the command top to check processes taking most of your resources:
To get a fast view on running resources you can use the command top, on the terminal run:
The command iftop to monitor your network traffic:
Another great tool to monitor your traffic is iftop,
The command lsof (list open file) to check for filesprocesses association:
Upon being suspicious something is wrong, the command lsof can list you the open processes and to which programs are they associated, on the console run:
The who and w to know who is logged into your device:
Additionally, to know how to defend your system it is mandatory to know how to react before you are suspicious your system has been hacked. One of the first commands to run before such situation are w or who which will show what users are logged into your system and through what terminal. Let’s begin with the command w:
Note: commands “w” and “who” may not show users logged from pseudo terminals like Xfce terminal or MATE terminal.
The column called USER displays the username, the screenshot above shows the only user logged is linuxhint, the column TTY shows the terminal (tty7), the third column FROM displays the user address, in this scenario there are not remote users logged in but if they were logged in you could see IP addresses there. The [email protected] column specifies the time in which the user logged in, the column JCPU summarizes the minutes of process executed in the terminal or TTY. the PCPU displays the CPU used by the process listed in the last column WHAT.
While w equals to executing uptime, who and ps -a together another alternative, despite with less information is the command “who”:
The command last to check the login activity:
Other way to supervise users’ activity is through the command “last” which allows to read the file wtmp which contains information on login access, login source, login time, with features to improve specific login events, to try it run:
Checking the login activity with the command last:
The command last reads the file wtmp to find information on login activity, you can print it by running:
Checking your SELinux status and enable it if needed:
SELinux is restriction system which improves any Linux security, it comes by default on some Linux distributions, it is widely explained here on linuxhint.
You can check your SELinux status by running:
If you get a command not found error, you can install SELinux by running:
Check any user activity using the command history:
At any time, you can check any user activity (if you are root) by using the command history logged as the user you want to monitor:
The command history reads the file bash_history of each user. Of course, this file can be adulterated, and you as root can read this file directly without invoking the command history. Yet, if you want to monitor activity running is recommended.
I hope you found this article on essential Linux security commands useful. Keep following LinuxHint for more tips and updates on Linux and networking.
About the author
David Adams
David Adams is a System Admin and writer that is focused on open source technologies, security software, and computer systems.
Getting an idea how often your users are logging in and how much time they spend on a Linux server is pretty easy with a couple commands and maybe a script or two.
The Linux command line provides some excellent tools for determining how frequently users log in and how much time they spend on a system. Pulling information from the /var/log/wtmp file that maintains details on user logins can be time-consuming, but with a couple easy commands, you can extract a lot of useful information on user logins.
One of the commands that helps with this is the last command. It provides a list of user logins that can go quite far back. The output looks like this:
Note that the tr -s ” “ portion of the command above reduces strings of blanks to single blanks, and in this case, it keeps the output shown from being so wide that it would be wrapped around on this web page. Without the tr command, that output would look like this:
While it’s easy to generate and review login activity records like these for all users with the last command or for some particular user with a last username command, without the pipe to head, these commands will generally result in a lot of data. In this case, a listing for all users would have 908 lines.
Counting logins with last
If you don’t need all of the login detail, you can view user login sessions as a simple count of logins for all users on the system with a command like this:
The list above shows how many times each user has logged since the current /var/log/wtmp file was initiated. Notice, however, that the command to generate it does depend on user accounts being set up in the default /home directory.
Depending on how much data has been accumulated in your current wtmp file, you may see a lot of logins or relatively few. To get a little more insight into how relevant the number of logins are, you could turn this command into a script, adding a command that shows when the first login in the current file occurred to provide a little perspective.
When you run the script, the “Logins since” line will let you know how to interpret the stats shown.
Looking at accumulated login time with ac
The ac command provides a report on user login time — hours spent logged in. As with the last command, ac reports on user logins since the last rollover of the wtmp file since ac, like last, gets its details from /var/log/wtmp. The ac command, however, provides a much different view of user activity than the number of logins. For a single user, we might use a command like this one:
This tells us that nemo has spent nearly 32 hours logged in. To use the command to generate a listing of the login times for all users, you might use a command like this:
In this command, we are replacing the word “total” in each line with the relevant username. And, as long as usernames are fewer than 8 characters, the output will line up nicely. To left justify the output, you can modify that command to this:
The first used of sed in that string of commands strips off the initial tabs.
To turn this command into a script and display the initial date for the wtmp file to add more relevance to the hour counts, you could use a script like this:
If you run the script, you’ll see the hours spent by each user over the lifespan of the wtmp file:
The difference between the user activity levels in this example is pretty obvious with one user spending only one hour on the system since October and another dominating the system.
Wrap-up
Reviewing how often users log into a system and how many hours they spend online can both give you an overview of how a system is being used and who are likely the heaviest users. Of course, login time does not necessarily correspond to how much work each user is getting done, but it’s likely close and commands such as last and ac can help you identify the most active users.
More Linux advice: Sandra Henry-Stocker explains how to use the rev command in this 2-Minute Linux Tip video
Sandra Henry-Stocker has been administering Unix systems for more than 30 years. She describes herself as “USL” (Unix as a second language) but remembers enough English to write books and buy groceries. She lives in the mountains in Virginia where, when not working with or writing about Unix, she’s chasing the bears away from her bird feeders.
