Bookmark this page

P 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

Chapter 2. Accessing the Command Line

SectionAccessing the Command Line
Quiz: Accessing the Command Line
Accessing the Command Line Using the Desktop
Guided Exercise: Accessing the Command Line Using the Desktop
Executing Commands Using the Bash Shell
Quiz: Executing Commands Using the Bash Shell
Lab: Accessing the Command Line
Summary

Abstract

Goal	Log in to a Linux system and run simple commands using the shell.
Objectives	Log in to a Linux system on a local text console and run simple commands using the shell. Log in to a Linux system using the GNOME 3 desktop environment and run commands from a shell prompt in a terminal program. Save time by using tab completion, command history, and command editing shortcuts to run commands in the Bash shell.
Sections	Accessing the Command Line (and Quiz) Accessing the Command Line Using the Desktop (and Guided Exercise) Executing Commands Using the Bash Shell (and Quiz)
Lab	Accessing the Command Line

Accessing the Command Line

Objectives

After completing this section, you should be able to log in to a Linux system and run simple commands using the shell.

Introduction to the Bash Shell

A command line is a text-based interface which can be used to input instructions to a computer system. The Linux command line is provided by a program called the shell. Various options for the shell program have been developed over the years, and different users can be configured to use different shells. Most users, however, stick with the current default.

The default shell for users in Red Hat Enterprise Linux is the GNU Bourne-Again Shell (bash). Bash is an improved version of one of the most successful shells used on UNIX-like systems, the Bourne Shell (sh).

When a shell is used interactively, it displays a string when it is waiting for a command from the user. This is called the shell prompt. When a regular user starts a shell, the default prompt ends with a $ character, as shown below.

[user@host ~]$

The $ character is replaced by a # character if the shell is running as the superuser, root. This makes it more obvious that it is a superuser shell, which helps to avoid accidents and mistakes which can affect the whole system. The superuser shell prompt is shown below.

[root@host ~]#

Using bash to execute commands can be powerful. The bash shell provides a scripting language that can support automation of tasks. The shell has additional capabilities that can simplify or make possible operations that are hard to accomplish efficiently with graphical tools.

Note

The bash shell is similar in concept to the command-line interpreter found in recent versions of Microsoft Windows, cmd.exe, although bash has a more sophisticated scripting language. It is also similar to Windows PowerShell in Windows 7 and Windows Server 2008 R2 and later. Administrators using the Apple Mac who use the Terminal utility may be pleased to note that bash is the default shell in macOS.

Shell Basics

Commands entered at the shell prompt have three basic parts:

Command to run
Options to adjust the behavior of the command
Arguments, which are typically targets of the command

The command is the name of the program to run. It may be followed by one or more options, which adjust the behavior of the command or what it will do. Options normally start with one or two dashes (-a or --all, for example) to distinguish them from arguments. Commands may also be followed by one or more arguments, which often indicate a target that the command should operate upon.

For example, the command usermod -L user01 has a command (usermod), an option (-L), and an argument (user01). The effect of this command is to lock the password of the user01 user account.

Logging in to a Local Computer

To run the shell, you need to log in to the computer on a terminal. A terminal is a text-based interface used to enter commands into and print output from a computer system. There are several ways to do this.

The computer might have a hardware keyboard and display for input and output directly connected to it. This is the Linux machine's physical console. The physical console supports multiple virtual consoles, which can run separate terminals. Each virtual console supports an independent login session. You can switch between them by pressing Ctrl+Alt and a function key (F1 through F6) at the same time. Most of these virtual consoles run a terminal providing a text login prompt, and if you enter your username and password correctly, you will log in and get a shell prompt.

The computer might provide a graphical login prompt on one of the virtual consoles. You can use this to log in to a graphical environment. The graphical environment also runs on a virtual console. To get a shell prompt you must start a terminal program in the graphical environment. The shell prompt is provided in an application window of your graphical terminal program.

Note

Many system administrators choose not to run a graphical environment on their servers. This allows resources which would be used by the graphical environment to be used by the server's services instead.

In Red Hat Enterprise Linux 8, if the graphical environment is available, the login screen will run on the first virtual console, called tty1. Five additional text login prompts are available on virtual consoles two through six.

If you log in using the graphical login screen, your graphical environment will start on the first virtual console that is not currently being used by a login session. Normally, your graphical session will replace the login prompt on the second virtual console (tty2). However, if that console is in use by an active text login session (not just a login prompt), the next free virtual console is used instead.

The graphical login screen continues to run on the first virtual console (tty1). If you are already logged in to a graphical session, and log in as another user on the graphical login screen or use the Switch User menu item to switch users in the graphical environment without logging out, another graphical environment will be started for that user on the next free virtual console.

When you log out of a graphical environment, it will exit and the physical console will automatically switch back to the graphical login screen on the first virtual console.

Note

In Red Hat Enterprise Linux 6 and 7, the graphical login screen runs on the first virtual console, but when you log in your initial graphical environment replaces the login screen on the first virtual console instead of starting on a new virtual console.

In Red Hat Enterprise Linux 5 and earlier, the first six virtual consoles always provided text login prompts. If the graphical environment is running, it is on virtual console seven (accessed through Ctrl+Alt+F7).

A headless server does not have a keyboard and display permanently connected to it. A data center may be filled with many racks of headless servers, and not providing each with a keyboard and display saves space and expense. To allow administrators to log in, a headless server might have a login prompt provided by its serial console, running on a serial port which is connected to a networked console server for remote access to the serial console.

The serial console would normally be used to fix the server if its own network card became misconfigured and logging in over its own network connection became impossible. Most of the time, however, headless servers are accessed by other means over the network.

Logging in over the Network

Linux users and administrators often need to get shell access to a remote system by connecting to it over the network. In a modern computing environment, many headless servers are actually virtual machines or are running as public or private cloud instances. These systems are not physical and do not have real hardware consoles. They might not even provide access to their (simulated) physical console or serial console.

In Linux, the most common way to get a shell prompt on a remote system is to use Secure Shell (SSH). Most Linux systems (including Red Hat Enterprise Linux) and macOS provide the OpenSSH command-line program ssh for this purpose.

In this example, a user with a shell prompt on the machine host uses ssh to log in to the remote Linux system remotehost as the user remoteuser:

[user@host ~]$ ssh remoteuser@remotehost
remoteuser@remotehost's password: password
[remoteuser@remotehost ~]$

The ssh command encrypts the connection to secure the communication against eavesdropping or hijacking of the passwords and content.

Some systems (such as new cloud instances) do not allow users to use a password to log in with ssh for tighter security. An alternative way to authenticate to a remote machine without entering a password is through public key authentication.

With this authentication method, users have a special identity file containing a private key, which is equivalent to a password, and which they keep secret. Their account on the server is configured with a matching public key, which does not have to be secret. When logging in, users can configure ssh to provide the private key and if their matching public key is installed in that account on that remote server, it will log them in without asking for a password.

In the next example, a user with a shell prompt on the machine host logs in to remotehost as remoteuser using ssh, using public key authentication. The -i option is used to specify the user's private key file, which is mylab.pem. The matching public key is already set up as an authorized key in the remoteuser account.

[user@host ~]$ ssh -i mylab.pem remoteuser@remotehost
[remoteuser@remotehost ~]$

For this to work, the private key file must be readable only by the user that owns the file. In the preceding example, where the private key is in the mylab.pem file, the command chmod 600 mylab.pem could be used to ensure this. How to set file permissions is discussed in more detail in a later chapter.

Users might also have private keys configured that are tried automatically, but that discussion is beyond the scope of this section. The References at the end of this section contain links to more information on this topic.

Note

The first time you log in to a new machine, you will be prompted with a warning from ssh that it cannot establish the authenticity of the host:

[user@host ~]$ ssh -i mylab.pem remoteuser@remotehost
The authenticity of host 'remotehost (192.0.2.42)' can't be established.
ECDSA key fingerprint is 47:bf:82:cd:fa:68:06:ee:d8:83:03:1a:bb:29:14:a3.
Are you sure you want to continue connecting (yes/no)? yes
[remoteuser@remotehost ~]$

Each time you connect to a remote host with ssh, the remote host sends ssh its host key to authenticate itself and to help set up encrypted communication. The ssh command compares that against a list of saved host keys to make sure it has not changed. If the host key has changed, this might indicate that someone is trying to pretend to be that host to hijack the connection which is also known as man-in-the-middle attack. In SSH, host keys protect against man-in-the-middle attacks, these host keys are unique for each server, and they need to be changed periodically and whenever a compromise is suspected.

You will get this warning if your local machine does not have a host key saved for the remote host. If you enter yes, the host key that the remote host sent will be accepted and saved for future reference. Login will continue, and you should not see this message again when connecting to this host. If you enter no, the host key will be rejected and the connection closed.

If the local machine does have a host key saved and it does not match the one actually sent by the remote host, the connection will automatically be closed with a warning.

Logging Out

When you are finished using the shell and want to quit, you can choose one of several ways to end the session. You can enter the exit command to terminate the current shell session. Alternatively, finish a session by pressing Ctrl+D.

The following is an example of a user logging out of an SSH session:

[remoteuser@remotehost ~]$ exit
logout
Connection to remotehost closed.
[user@host ~]$

References

intro(1), bash(1), console(4), pts(4), ssh(1), and ssh-keygen(1) man pages

Note: Some details of the console(4) man page, involving init(8) and inittab(5), are outdated.

For more information on OpenSSH and public key authentication, refer to the Using secure communications between two systems with OpenSSH chapter in the Red Hat Enterprise Linux 8 Securing networks guide at https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/securing_networks/index#using-secure-communications-between-two-systems-with-openssh_securing-networks

Note

Instructions on how to read man pages and other online help documentation is included at the end of the next section.

Discuss Red Hat System Administration I

Go to community

RH124 Chapter 15 Lab 3: Install zsh Package

VictoriaB97

16 sty 2024

Hello,I am trying to finish up Lab 3 of the Chapter 15 Comprehensive Review Labs in RH124, and when I type in sudo dnf install zsh for the 6th specification of the lab, I get an error message basically saying that it failed to download metadata for the repo 'ansible-2.9-for-rhel-9-x86_64-rpms', and that they could not download repomd.xml. It provided a 404 status code.Can someone please let me know what the problem is, and if there is a current workaround? Thanks.

378

Red Hat System Administration I | Guided Exercise: Explain and Investigate RPM Software Pack

AbeHiero

10 lis 2023

I cannot start the lab with command: lab start software-rpm. I get this error:ModuleNotFoundError: No module named 'rhcsa-classroom'Script software-rpm not in course library rhcsa-classroom Anyone else see this?

172

Red Hat System Administration I (RH124)

Haley_Ruccio

19 lip 2023

The first of two courses covering the core system administration tasks needed to manage Red Hat Enterprise Linux serversRed Hat System Administration I (RH124) is designed for IT professionals without previous Linux system administration experience. The course provides students with Linux administration competence by focusing on core administration tasks. This course also provides a foundation for students who plan to become full-time Linux system administrators by introducing key command-line concepts and enterprise-level tools. This course is the first of a two-course series that takes a computer professional without Linux system administration knowledge to become a fully capable Linux administrator. These concepts are further developed in the follow-on course, Red Hat System Administration II (RH134).This course is based on Red Hat® Enterprise Linux 9.0.Course content summaryIntroduce Linux and the Red Hat Enterprise Linux ecosystem.Run commands and view shell environments.Manage, organize, and secure files.Manage users, groups and user security policies.Control and monitor systemd services.Configure remote access using the web console and SSH.Configure network interfaces and settings.Manage software using DNFAudience for this courseThe primary persona is a technical professional with current or pending responsibilities as a Linux enterprise or cloud system administrator.This course is popular in Red Hat Academy, and is targeted at the student who is planning to become a technical professional using Linux.Prerequisites for this courseBasic technical user skills with computer applications on some operating systems are expected.Take our free assessment to gauge whether this offering is the best fit for your skills.Technology considerationsThere are no special technical requirements for this course.This course is not designed for bring your own device (BYOD).Internet access is not required but is recommended so that students can research and browse Red Hat online resources.

336

Revision: rh124-8.2-df5a585