Sammlung nützlicher Befehle

General Tool Commands


fetch all git branches and prune remotely deleted branches

git remote update origin --prune

man git-remote

delete all files and directories in a Git work tree which are under gitignore (e.g. for removing builds)

get number of commits in a Git repository

## total number (in all branches)
git rev-list --all | wc -l
## number per committer
git shortlog -s -n --all

man git-rev-parse man git-shortlog

show predefined macros of a compiler

gcc -dM -E -x c /dev/null
g++ -dM -E -x c /dev/null
clang -dM -E -x c /dev/null
clang++ -dM -E -x c /dev/null


show details for a certificate file

# certificate has PEM format (Pretty Enhanced Mail)
openssl x509 -in cert-file.pem -text -noout -fingerprint
# certificate has DER format (Distinguished Encoding Rules)
openssl x509 -inform der -in cert-file.cer -text -noout -fingerprint

man x509

show details for a private key file

openssl rsa -in privkey.pem -text -noout

man rsa

show details of a certificate signing request

openssl req -in csr.pem -noout -text

man req

extract certificate and private key from PKCS#12 file

openssl pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem
openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem

man pkcs12

create a self-signed certificate

openssl genrsa -out privKey.pem
openssl req -new -x509 -key privKey.pem -out cert.pem

man genrsa man req

AES-256-CBC benchmark

## with AES-NI (if available)
openssl speed -evp aes-256-cbc
## without AES-NI
OPENSSL_ia32cap="~0x200000200000000" openssl speed -evp aes-256-cbc
## multithread
openssl speed -multi 2 -evp aes-256-cbc

man speed

parse a file's ASN.1 content

openssl asn1parse -in someCertOrKeyOrOther.pem

man asn1parse

Network Stuff

test a proxy server

curl -x <[protocol://][user:password@]proxyhost[:port]> | w3m -dump -T text/html
# for Squid running on localhost that's:
curl -x | w3m -dump -T text/html


measure duration of HTTP request

curl -w %{time_connect}:%{time_starttransfer}:%{time_total}


check whether a TCP connection can be established with a three second timeout

nc -w3 -z 80 ## return code zero on success


mDNS query

dig somehostname.local @ -p 5353


verify DNSSEC chain of a domain

## obtain the root keys first
drill -S -k /usr/local/etc/unbound/root.key
## if your resolver does not support DNSSEC use e.g. Quad9
drill -S -k /usr/local/etc/unbound/root.key @


check whether your DNS resolver discards invalid DNSSEC domains



check whether your DNS resolver uses QNAME minimisation

dig txt +short


scan all TCP ports of a host

nmap -p-


reverse DNS lookup of an IP subnet

nmap -R -sL
nmap -R -sL -6 2001:db8::43a1:89d0/124


scan for responding hosts in an IP subnet

## probe TCP connect on Port 80 with five attempts for each host
## probe ICMP with five attempts for each host
nping --icmp
## probe ICMP with one attempt for each host and 200ms between requests (and decrease verbosity)
nping -q --count 1 --delay 200ms --icmp


File Stuff

count lines of a certain file type recursively (e.g. C++ source files)

find /your/dir -name "*.cpp" -print0 | xargs -0 wc -l
find /your/dir -type l ! -exec test -e {} \; -print

delete recursively all files with a certain name (e.g. “.DS_Store”)

find /your/dir -type f -name .DS_Store -print -delete

create checksums of directory tree and verify them

# create checksums of directory tree
rhash -r --md5 /backups/ > /tmp/backups.md5
rhash -r --crc32 /backups/ > /tmp/backups.sfv
# check one file containing MD5 hashes
rhash -c /tmp/backups.md5
# check all SFV, MD5 and SHA-256 files in directory tree
rhash -cr --crc-accept=sfv,md5,sha256 /tmp/directory/

man rhash

create a file with specific timestamps

touch -a -m -t 202612180130.09 fileName.ext
## -a = accessed
## -m = modified
## -t = timestamp - use [[CC]YY]MMDDhhmm[.ss] time format

man touch

handle sparse files

## create a 100 GiB sparse file
truncate -s 100G fileName.ext
## copy sparse files (works also from/to block devices; 4k should match the block size used within you sparse file)
dd if=inputSparse.ext of=outputSparse.ext bs=4096 conv=sparse

man truncate man dd

Disk and Partition Stuff

show information about partitions of disks (on Linux)

file -s /dev/sd*

disk images over SSH

## from a local disk send compressed image to remote host
dd if=/dev/sda bs=1048576 | pv | lz4 | ssh "dd of=/backup/basil-sda.img.lz4"
## to a local disk receive compressed image from remote host
ssh "cat /backup/basil-sda.img.lz4" | lz4cat | pv | dd of=/dev/sda bs=1048576

Conversion Stuff

make a big image small with ImageMagick

convert big_input.tif -resize 256x256 small_output.png

convert(1) ImageMagick(1)

make an image grayscale and remove any transparency with ImageMagick

convert input.png -alpha deactivate -colorspace Gray output.png

convert(1) ImageMagick(1)

Unix timestamp to human readable time

## with BSD date
date -r 1523210382
## with GNU date
date -d @1523210382

date(1) from BSD — date(1) from GNU

format XML

## prettify XML (proper indentation)
xmllint --format input_ugly.xml > output_pretty.xml
## uglify XML (remove unnecessary whitespace)
xmllint --noblanks input_pretty.xml > output_ugly.xml


C array of the content of some file

xxd -i someFile.bin


change the character encoding of a file‘s content

## convert from "UTF-8" to "ISO-8859-1"
recode utf8...latin1 test.dat 
## autodetect and convert to "ISO-8859-1"
recode ..latin1 test.dat
## list available encodings available in your "recode" build
recode --list

recode(1) (more lightweight and probably already installed alternative: iconv(1))

occurrences of non-ASCII characters in a file‘s content (with GNU grep)

ggrep --color='auto' -P -n "[\x80-\xFF]" file.txt

occurrences of invalid UTF-8 characters in a file‘s content (this assumes you have an UTF-8 locale set)

grep -axv '.*' file.txt

some StackOverflow discussion

count how many time each byte value occurs in a file‘s content

recode latin1/..count-characters < input.dat


Process Stuff

execute a program in a background terminal

## create named session using the terminal emulator "screen"
screen -dMS some_session_name /usr/bin/command command_args
## show PID of the "screen" session
screen -lsS some_session_name | awk '/\.some_session_name\t/ {print $1}' | cut -d. -f1
## attach to the session
screen -rS some_session_name

show child PIDs of a PID

pgrep -P 56789

Bourne Again Shell

delete entries from the command history (e.g. to remove passwords)

## show the current history
## determine the entry number, in this example the desired entry was #501
history -d 501

avoid history recording for one interactive shell completely

Cookies helfen bei der Bereitstellung von Inhalten. Durch die Nutzung dieser Seiten erklären Sie sich damit einverstanden, dass Cookies auf Ihrem Rechner gespeichert werden. Weitere Information
commands-general-tools.txt · Zuletzt geändert: 2019/03/13 18:38 von alex