in

6 Linux security commands every new user should know

buzbuzzer/Getty Images

Most Linux distributions are considerably more secure than Windows out of the box. There are many reasons for that, including the inherent user and file permissions structure, the addition of underlying security technologies (such as SELinux and AppArmor), and the fact that it’s open-source (so code can be vetted and peer-reviewed at any time). 

Several commands that add to Linux’s security are available at your fingertips. Some of these (such as iptables) are more challenging to work with than others, and they range from being obviously geared toward security to more subtle. 

Also: Linus Torvalds talks AI, Rust adoption, and why the Linux kernel is ‘the only thing that matters’

These are a few commands that I believe every new Linux user should at least know about. Even if you don’t use them, knowing they’re there for you should help bolster your Linux confidence. 

1. sudo

This one is obvious, or should be. Any time you need to undertake a command that requires admin privileges, you’ll use sudo. If you want to upgrade your system, need to add a firewall rule — pretty much any process that requires elevated privileges requires sudo

So what is sudo? Simply put, it stands for “super user do” and gives any user with sudo privileges access to those elevated privileges. 

Also: 5 most beautiful Linux distributions: ‘Equal parts user-friendly and eye candy’

For those who work on Linux machines used by multiple people (such as a shared home computer), you can create users without sudo privileges, which means they cannot undertake any task that requires admin privileges. Those users will be locked out of upgrading the OS, installing applications, and more.

2. who

Have you ever been using your computer and wondered, “Is someone else logged in and doing something nefarious? On Linux, you can see exactly who’s logged in with the command who. You don’t have to use any options or arguments — just type who and hit Enter on your keyboard. 

Also: Linux market share hit its highest point ever last month

The output of the command will look something like this:

jack     :1           2024-08-18 08:23 (:1)

That displays the name of the user(s), the TTY they are using (in this case, :1), and the date/time of their login. 

If you find someone is logged in who shouldn’t be, you can force them out with a command like:

sudo pkill -KILL -u USERNAME

Where USERNAME is the name of the user.

3. file

Have you ever found a file on your system and wondered what type it is? This could be important if, for example, you see a file in a directory that you don’t remember creating or saving. Say you saved the file thisfile on your drive and you failed to add an extension that tells you what type of file it is. 

That file could either be a harmless text file, but it could also be a malicious binary file. To find out, issue the command:

file thisfile

The output might look something like this:

thisfile: ASCII text

Also: 5 Linux commands for quickly finding the system information you need to know

If the file is a binary and you don’t remember saving it in your home directory, you might consider deleting it. But be careful when deleting files: Do not venture into the root directory and start looking around in /etc/, /usr/, or any other system directory. Deleting files from there can wreak havoc on your system, so stick within your home directory.

<!–>

4. ufw

I’m only going to deal with one legit firewall command, which is ufw (Uncomplicated Firewall). This firewall command is found on Ubuntu-based distributions and makes using a firewall very easy. 

For instance, to enable the firewall, the command is:

sudo enable ufw

By default, all incoming traffic is blocked, so you’ll need to add rules to enable specific services. For example, say you want to allow SSH (Secure Shell) traffic through. For that, the command would be:

sudo ufw allow ssh

You can verify the rule was added with:

sudo ufw status

You’ll see a list of all enabled rules, each of which has an associated number. Say the SSH rule is number 1 and you want to delete it. For that, the command would be:

sudo ufw delete 1

You could also delete the rule like this:

sudo ufw delete allow ssh

5. passwd

There may come a time when you need to change your user password. For example, you might have had to share it with someone else so they could temporarily log into your account. Maybe you suspect that someone else has discovered your password and is using it, or you just like to regularly change it for heightened security. 

Also: 5 Linux terminal apps that are better than your default (and why)

Either way, the command to change your password is simple:

Notice you don’t have to use sudo for this, because you have permission to change your own account password. If you were changing the password for another user, you’d need to use sudo, and the command would look like this:

sudo passwd USERNAME

Here, USERNAME is the name of the user in question.

6. setfacl

You may need to give someone who isn’t a file’s owner (or a member of a group with access to it) permission to access the file. There are several ways to do this, but one of the easiest is to use the setfacl command. 

Let’s say you have file.txt and you need to give user Olivia read access to the file. The command for that would be:

setfacl -m u:olivia:r file.txt

The only hiccup here is if you’re using a distribution that locks users out of your home directory. The latest releases of Ubuntu do this, which means you’d have to move the file into a directory the other user has permission to view (or create one outside of home).

Also: 10 things I always do after installing Linux – and why you should too

You can also give (r)ead, (w)rite, and e(x)ecutable permissions and even do it recursively. For example, say you have the directory Project and you want Olivia to have full access to it and all the files it contains. For that, the command would be:

setfacl -R -m u:olivia:rwx Project

Olivia would then have the necessary permissions for the file.

Of the above commands, I’d say all but setfacl should be considered a must-know. As far as setfacl goes: Keep that one in your pocket. 

Everything you need to host the best Labor Day party

This rugged Android phone has thermal superpowers that make my iPhone look boring