Linux CLI: Wong Edan’s Savage Command Line Survival Guide

Why Your GUI Is Basically Training Wheels (And Why You Need to Rip Them Off)

Look, I get it. You’ve got those fancy graphical interfaces with their shiny icons and mouse-driven workflows that make you feel like a digital toddler. Cute. Real cute. But here’s the brutal truth: if you’re still clicking buttons on Linux like it’s 1999, you’re not an admin—you’re a spectator. I’ve been elbow-deep in terminals since before “cloud” was just something in the sky, and let me pour this steaming cup of reality: the CLI isn’t just a tool; it’s your goddamn bloodstream. Contabo VMs don’t run on hope and hover tooltips. They run on raw, unfiltered keyboard fury. Today, I’m dumping 20+ years of avoiding GUI-induced brain rot into your lap. We’re talking surgical precision, keystroke economism, and the kind of command line jiu-jitsu that turns “ls -l” newbs into root-level warlocks. Buckle up, buttercup. Your mouse is getting retired.

Foundational Sorcery: The Daily Grind That Separates Peasants From Sultans

Tab Completion on Steroids: Beyond the Obvious

Yeah, yeah—I know you slap that TAB key like it owes you money to autocomplete filenames. Groundbreaking. But Wong Edan’s here to level you up. Ever tried tab-completing command options? Type ssh - then mash TAB twice. Boom! You get a scrollable menu of every possible flag OpenSSH understands—no man pages, no Googling, just pure, unadulterated laziness. Now, take it deeper: mount -t + TAB. Instantly see every filesystem type your kernel supports. But my personal favorite? kill - + TAB. Watch as it vomits every signal name (SIGKILL, SIGTERM) like a digital vomitorium. Pro tip: Hold Shift+T to cycle backwards through matches. Your pinky will thank you after 10,000 autocompletes.

Still clinging to “cd ../../..” like it’s your security blanket? Pathetic. cd - is your new best friend—it toggles you between your last two directories like a time-traveling hipster. But Wong’s patented nuclear option? pushd and popd. Imagine you’re buried in /var/log/nginx/access.log but need to jump to /etc/ssl/certs to grab a cert. Instead of cd /etc/ssl/certs and praying you remember the way back:

pushd /etc/ssl/certs do your cert thing popd

Like a breadcrumb trail for grown-ups. The shell even whispers your directory stack when you pushd—no magic smoke required.

History Isn’t Just for Losers: Weaponizing Your Past Mistakes

If you’re still using ↑ to scroll through history like a caveman, I feel bad for your wrists. Let’s fix that. Ctrl+R is your history search ninjutsu. Type Ctrl+R, then “nginx“—bam! Instantly jumps to your last nginx -t command. Hit Ctrl+R again to cycle older matches. But Wong’s personal cocktail? The ! operator on crack:

!$: Reuses the last argument from previous command. Example:
ls /var/log/nginx/error.log less !$ → Becomes less /var/log/nginx/error.log
!!: Executes the last command. Life-saver when you forget sudo:
apt install nginx E: Permission denied sudo !! → Runs sudo apt install nginx
!n: Execute command number n from history. First run history to see numbers.

Even crazier? !cp:s/old/new/ modifies and re-runs the last cp command, swapping “old” for “new” in the arguments. It’s like regex-powered time travel.

Now let’s talk history persistence. By default, your shell only remembers 500-1000 commands. For Wong, that’s like bringing a spork to a flamethrower fight. Open ~/.bashrc and add:

HISTSIZE=10000 HISTFILESIZE=20000 HISTTIMEFORMAT="%F %T "

This jackpots your history to 20K commands with timestamps. And the cherry on top? HISTCONTROL=ignoredups:erasedups nukes duplicates so you’re not drowning in 400 cd .. entries. Trust me—when you need to find that obscure ffmpeg command from 3 months ago, timestamped history is your lifeline.

File Operations: Where You Stop Wasting IOPS Like a Drunk Billionaire

rm Is for Amateurs: Advanced Deletion Without the PTSD

If you’re still rm -rf /-ing your way into oblivion, congratulations—you’re one typo away from unemployment. Wong’s deletion protocol:

alias rm='rm -i': Force confirmation (add to .bashrc). Yes, it’s tedious. Good.
For bulk deletes: find /logs -name "*.log" -mtime +30 -delete nukes logs older than 30 days. But Wong verifies first with: find /logs -name "*.log" -mtime +30 -ls to see what’ll get vaporized.
Nuclear option? trash-cli (install via apt install trash-cli). It moves files to ~/.local/share/Trash so you can trash-restore when (not if) you panic-delete something vital.

Example workflow for the paranoid (like me):

trash /critical/data.csv sleep 5 # Let panic subside ls ~/.local/share/Trash/files # Confirm it's there trash-empty # Only when 100% sure

Seriously—your future self will pour whiskey on your grave for this one.

grep on Crack: Finding Needles in Haystacks at Warp Speed

Everyone knows grep "error" /var/log/syslog. Yawn. Wong turns grep into a divining rod:

grep -r "404" /var/log/nginx/: Recursive search through all nginx logs.
grep -C 5 "segfault" dmesg.log: Shows 5 lines of context BEFORE and AFTER the match—critical for debugging.
zgrep "timeout" /var/log/nginx/*.gz: Searches compressed logs without unzipping them. Because life’s too short for manual gunzip.

But Wong’s secret sauce? ripgrep (rg). Install it (apt install ripgrep) and watch grep sob in the corner. Try:

rg -tconf "root" /etc

This searches ONLY config files (.conf, .ini, etc.) for “root” in /etc—ignoring binaries and irrelevant noise. It’s 5-10x faster than grep because it’s written in Rust (nerd cred: activated). Bonus: rg -i "ERROR" | less -R preserves color codes in less for instant visual scanning.

Text Alchemy: Transforming Log Sludge into Gold

awk: The Swiss Army Knife You’re Too Scared to Use

Stop treating awk like a cryptic relic. Wong uses it daily to surgically extract data. Basic anatomy:

awk 'PATTERN { ACTION }' file

Example: You’ve got access.log with IPs flooding your server. Who’s the culprit?

awk '{print $1}' access.log | sort | uniq -c | sort -nr

Breakdown:

awk '{print $1}': Print first column (IP address)
sort: Group identical IPs
uniq -c: Count occurrences with prefix
sort -nr: Sort numerically descending (biggest offenders first)

But Wong’s one-liner ninja move? Directly in awk:

awk '{ip[$1]++} END {for (i in ip) print ip[i], i}' access.log | sort -nr

This does EVERYTHING in one pass—no pipes! The ip[$1]++ builds an array counting each IP, then the END block prints counts + IPs. For 10GB logs, this avoids disk thrashing from temp files. Try it during an attack—you’ll high-five yourself.

sed Surgery: Fixing Files Without Opening an Editor

sed (“stream editor”) is Wong’s scalpel for on-the-fly text surgery. Forget opening nano for a single-line fix. Example: You need to replace all “http://” with “https://” in a config file:

sed -i 's|http://|https://|g' /etc/nginx/sites-enabled/default

Note: The pipes (|) as separators avoid “leaning toothpick syndrome” when slashes are involved. The -i flag edits IN PLACE (with a silent prayer to the backup gods—always test first with -i.bak to create a backup).

But Wong’s emergency sed trick? Removing DOS line endings (\r\n) when Windows machines infect your logs:

sed -i 's/\r$//' broken.log

\r$ matches the carriage return at line end. Life saver when ^M errors drive you insane.

Advanced move: Injecting text after a pattern. Say, adding “proxy_set_header X-Forwarded-Proto $scheme;” after every location / block in nginx config:

sed -i '/location \//a proxy_set_header X-Forwarded-Proto $scheme;' nginx.conf

The a command appends text after the matched line. i would insert BEFORE. Try this during an SSL rollout—you’ll look like a config wizard.

Process Ninjutsu: When Killing Processes Feels Like Therapy

ps Is Dead: Long Live htop and Beyond

If you’re still ps aux | grep nginx, Wong prescribes immediate intervention. Install htop (apt install htop), run it, and prepare for tears of joy. Sort by CPU (press F6 → CPU% ), kill processes (press F9), and drill into threads (press H). But Wong’s killer move? Remote htop over SSH with resource graphs:

ssh -t user@contabo-vm 'sudo htop'

The -t forces a pseudo-terminal so htop renders properly. Now you’re debugging production from your beach chair.

But when even htop fails? Meet pidstat (sysstat package). This gem tracks process resource hogs in REAL TIME:

pidstat -p ALL 2 5

This samples ALL processes every 2 seconds for 5 intervals, showing CPU, memory, I/O. When your Contabo VM suddenly chokes, run:

pidstat -p $(pgrep -d',' -f nginx) 1

Tracks ONLY nginx worker processes with millisecond precision. You’ll spot that runaway PHP-FPM child before customers rage-tweet.

Kill Signals: Not All SIGKILLs Are Created Equal

Stop blindly kill -9-ing everything. It’s the digital equivalent of solving a squeaky door with a sledgehammer. Wong’s signal cheat sheet:

SIGTERM (15): Polite shutdown request. Let processes clean up (close DB connections, save state). Always try this FIRST:
kill -15 $(pgrep nginx)
SIGINT (2): Like Ctrl+C in foreground. Use when SIGTERM is ignored (some Java apps are stubborn).
SIGKILL (9): Brute-force murder. Only when processes are truly frozen (uninterruptible sleep states). Wong’s rule: If you haven’t waited 30 seconds after SIGTERM, you’re doing it wrong.

Pro tip: killall is riskier than kill but useful for mass signal delivery. Example: Reconfiguring all PHP-FPM workers without dropping connections:

killall -USR2 php-fpm

USR2 tells PHP-FPM to reload config gracefully while keeping existing connections alive. No downtime, no drama—just Wong-level finesse.

Sysadmin Special Ops: Secrets the Manual Forgets to Mention

Network Forensics: Diagnosing Latency Like Sherlock

When your Contabo VM feels slow, don’t panic—get data. Wong’s network triage drill:

Check local routing: ip route show. If traffic isn’t taking the expected path (e.g., via tun0 for WireGuard), you’ve found your bottleneck.
DNS lookup speed test: time dig @1.1.1.1 google.com. If it’s >50ms, your resolver sucks—switch to systemd-resolved.
Real-time traffic analysis: sudo nethogs eth0 (install via apt install nethogs). Shows bandwidth per process. Suddenly spot that cron job exfiltrating data to anonfiles.com.

But Wong’s golden ticket? mtr (apt install mtr). It’s traceroute + ping on steroids:

mtr --report --show-ips contabo.com

The --report flag runs 10 cycles and exits with stats. Look for %LOSS on specific hops—the hop before loss is your chokepoint. I once fixed a “broken internet” ticket by spotting 30% loss at Contabo’s Frankfurt router (ticket #44721—you’re welcome).

SSH Mastery: Beyond Passwords and Port 22

If you’re still entering passwords for SSH, Wong demands you revoke your admin card immediately. Here’s the Wong Standard:

SSH Keys with Passphrases: Run ssh-keygen -t ed25519 -a 100. The -a 100 adds key stretching against brute force.
Agent Forwarding: ssh -A user@jumpbox lets you hop through a bastion host without storing keys on it. Critical for PCI compliance.
Auto-Resume Transfers: rsync -Pzvhe ssh /big/file.iso user@contabo:/backup/. The -P shows progress AND resumes failed transfers (like scp’s cooler cousin).

Wong’s secret sauce? SSH config shortcuts (~/.ssh/config):

Host contabo HostName v123456.contaboserver.net User wongedan IdentityFile ~/.ssh/contabo_ed25519 LocalForward 8080 localhost:80

Now ssh contabo logs in instantly AND forwards port 80 to your local 8080. Bonus: LocalForward tunnels HTTP traffic through your SSH pipe—no messy NGINX config when testing staging sites. Try it with ssh -L 9000:localhost:9000 contabo for PHP Xdebug. Your IDE will thank you.

Final Boss Tips: Wong’s Vault of Obscure But Critical Know-How

Screen/Tmux: Never Lose a Session to Network Gremlins

Your SSH connection dies. Your long-running ffmpeg job evaporates. Wong laughs at your pain. Here’s the cure:

tmux new -s build

This starts a background session named “build”. Now run ./compile.sh. Detach with Ctrl+B D. Reconnect later with tmux attach -t build. If your laptop dies? Your Contabo VM keeps tmux alive. Wong’s cheat sheet:

Ctrl+B C: New window
Ctrl+B N: Next window
Ctrl+B %: Split pane vertically

But Wong’s nuclear move? tmux scripting. Automate complex workflows:

tmux new-session -d -s 'deploy' 'git pull origin main' tmux send-keys -t 'deploy' 'npm run build' C-m tmux attach-session -t 'deploy'

This creates a detached session, runs commands, then attaches you. Perfect for CI/CD pipelines. Forget Jenkins—Wong does continuous deployment with tmux.

Journalctl Witchcraft: Taming systemd’s Firehose

systemd logs are a dumpster fire if you’re not Wong. Stop journalctl -xe-ing like a tourist. Surgical queries only:

See ONLY nginx errors from the last hour:
journalctl -u nginx --since "1 hour ago" -p 3
-p 3 filters for err priority (0=emerg, 3=error).
Track a single request by its systemd unit ID:
journalctl _PID=1234
Get PID from systemctl status nginx.
Follow live logs with grep-like filtering:
journalctl -f -u php-fpm | grep "PHP Fatal"

Wong’s pro tip for log bloat: Rotate logs by size, not time. Edit /etc/systemd/journald.conf:

SystemMaxUse=500M RuntimeMaxUse=200M

Prevents systemd from eating your entire /var partition. Because nothing says “amateur hour” like a full disk after a logging loop.

Conclusion: Your Mouse is Now Officially Obsolete (And You’re Welcome)

Let’s be real—you came here for “tips and tricks,” but Wong Edan just dumped a tactical nuke of CLI mastery into your lap. Tab completion on steroids. History like a time lord. Processes you can kill with surgical precision. If you implement even 30% of this, you’ll out-CLI 90% of “sysadmins” who think GUIs are advanced. But here’s the kicker: the real magic isn’t in the commands—it’s in the mindset. The CLI isn’t a relic; it’s a superpower. Every keystroke saved today is a DoS attack mitigated tomorrow. Every obscure flag mastered is an hour of your life reclaimed from GUI purgatory. So go forth—log into your Contabo VPS, fire up that terminal, and start typing like your career depends on it (spoiler: it does). And when you’re knee-deep in awk one-liners at 3 AM, whisper “Wong Edan” into the void. I’ll hear you. Now get the hell off this blog and go break some servers.

Pro Tip from Wong: Bookmark this page. You will need it when you inevitably forget how to use !$ after binge-watching Netflix for 6 months.