Network Shell Commands

• arpwatch - Ethernet Activity Monitor.
• bmon - bandwidth monitor and rate estimator.
• bwm-ng - live network bandwidth monitor.
• curl - transferring data with URLs.
• httpie.org
• darkstat – captures network traffic, usage statistics.
• dhclient - – Dynamic Hostµ Configuration Protocol Client
• dig - query DNS servers for information.
• dstat - replacement for vmstat, iostat, mpstat, netstat and ifstat.
• ethtool - utility for controlling network drivers and hardware.
• gated - – gateway routing daemon.
• host - – DNS lookup utility.
• hping - – TCP/IP packet assembler/analyzer.
• ibmonitor - shows bandwidth and total data transferred.
• ifstat -  report network interfaces bandwidth.
• iftop -  – display bandwidth usage.
• ip -  (PDF file) – a command with more features that ifconfig (net-tools).
• [ipcalc] - ipnetwork calculator.
• iperf3 - – network bandwidth measurement tool. (above screenshot Stacklinux VPS)
• iproute2 - collection of utilities for controlling TCP/IP.
• iptables - – take control of network traffic.
• IPTraf -  – An IP Network Monitor.
• iputils - set of small useful utilities for Linux networking.
• iw - nl80211 based CLI configuration utility for wireless devices.
• jwhois -  (whois) – client for the whois service.
• “lsof -i” - – reveal information about your network sockets.
• mtr - network diagnostic tool.
• mosh
• net-tools - tool, iptunnel and ipmaddr.
• ncat - improved re-implementation of the venerable netcat.
• netcat - – networking utility for reading/writing network connections.
• nethogs - a small ‘net top’ tool.
• Netperf -  – Network bandwidth Testing.
• netsniff-ng - – Swiss army knife for daily Linux network plumbing.
• netstat - – Print network connections, routing tables, statistics, etc.
• netwatch - monitoring Network Connections.
• ngrep - grep applied to the network layer.
• nload - – display network usage.
• nmap - network discovery and security auditing.
• nmcli - a command-line tool for controlling NetworkManager and reporting network status.
• nmtui - provides a text interface to configure networking by controlling NetworkManager.
• nslookup - query Internet name servers interactively.
• ping - send icmp echo_request to network hosts.
• route - show / manipulate the IP routing table.
• slurm - – network load monitor.
• snort - – Network Intrusion Detection and Prevention System.
• smokeping -  keeps track of your network latency.
• socat - establishes two bidirectional byte streams and transfers data between them.
• speedometer - Measure and display the rate of data across a network.
• speedtest-cli - – test internet bandwidth using speedtest.net
• ss - utility to investigate sockets.
• ssh -  secure system administration and file transfers over insecure networks.
• tcpdump - command-line packet analyzer.
• tcptrack - – Displays information about tcp connections on a network interface.
• telnet - user interface to the TELNET protocol.
• tracepath - very similar function to traceroute.
• traceroute - print the route packets trace to network host.
• vnStat -  – network traffic monitor.
• websocat -  – Connection forwarder from/to web sockets to/from usual sockets, in style of socat.
• wget -  retrieving files using HTTP, HTTPS, FTP and FTPS.
• Wireless Tools for Linux - iwconfig, iwlist, iwspy, iwpriv and ifrename.
• Wireshark - network protocol analyzer.

#TODO: conntrack

#curl

Transfer a URL.

• go https://mholt.github.io/curl-to-go/
• python https://pypi.org/project/requests-to-curl/

curl is a tool to transfer data from or to a server, using one of the supported protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP). The command is designed to work without user interaction.

# aliased curl download
dl="curl -LO $URL"

# save files as
curl -L $URL -o $FILE

# keep it silent
curl -Ls $URL -o $FILE

#iptables

#mrt

A network diagnostic tool

mrt
mrt --udp
mrt --tcp
mrt --sctp

#TODO: nc

#TODO: traceroute

#TODO: tshark

Wireshark CLI

#TODO: tc

#TODO: socat

Proxy any two things

#ss

#ssh Secure Shell

SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network.

#ssh

# ssh into <hostname> using <user> and its private key (-i)
ssh <user>@<hostname> -i ~/.ssh/id_rsa
# ssh and run command & exit!
ssh <user>@<hostname>  uname -a
# ssh and run command (with quotes) & exit!
ssh <user>@<hostname>  'echo "This is cool"'
# opens secret tunnel!
ssh <user>@<hostname> -Nfl 3000:localhost:8080
# bastion ssh
ssh <user>@<hostname> "ssh <user>@<internal.hostname> 'echo 1'"

#ssh-keygen

Authentication key generation, management and conversion

# Removes keys from hostname
ssh-keygen -R <hostname>
# Generates Keys
ssh-keygen -t ed25519 -C "example@example.com" -f ./infra/ssh_key

#ssh-copy-id

Copy public key onto host.

ssh-copy-id -i ~/.ssh/id_rsa.pub <user>@<hostname>
# if no ssh-copy-id - we can use this shortcut.
cat ~/.ssh/id_rsa.pub | ssh <user>@<hostname> 'cat >> ~/.ssh/authorized_keys'

#ssh-agent

The ssh-agent is a helper program that keeps track of users’ identity keys and their passphrases.

# If ssh-agent is not automatically started at login, it can be started manually with the command
eval `ssh-agent`
#The easiest way to check is to check the value of the SSH_AGENT_SOCK environment variable.
# If it is set, then the agent is presumably running. It can be checked by
echo $SSH_AGENT_SOCK

#ssh-add

To add an arbitrary private key, give the path of the key file as an argument to ssh-add

ssh-add ~/.ssh/id_rsa

#scp

scp is a program for copying files between computers.

# scp [options] <user>@<src-host>:dir/file <user>@<dst-host>:dir/file
ssh <user>@<hostname> "scp <user>@<internal.hostname>:~/src.tar.gz ~/dst.tar.gz"
# The bandwidth is specified in Kbit/sec - so this is 1mb per sec (its 20 mb persec by default)
scp -l 8000 <user>@<hostname>:/home/user/* .
# copy todo.txt into /home/user
scp ~/todo.txt <user>@<hostname>:/home/user/
# recursive copy
scp -r ~/dir <user>@<hostname>:~/dir

#pscp (windows)

pscp is a shell command that works almost on Windows Shell the same way that scp works on Linux or Mac OS X

#sshd_config

The sshd_config file is an ASCII text based file where the different configuration options of the SSH server are indicated and configured with keyword/argument pairs. Arguments that contain spaces are to be enclosed in double quotes (").

Port                   2278                    # port
PermitRootLogin        no                      # no root login
PasswordAuthentication no                      # turn off - passwords
PubkeyAuthentication   yes                     # turn on  - ssh keys only
AuthorizedKeysFile     %h/.ssh/authorized_keys # Public Keys location

• ssh.com: What is SSH (Secure Shell)
• ssh.com: How to Configure the OpenSSH Server?