×

Search anything:

Linux networking: ip, whois, dig, ss, ssh, telnet, scp, sftp

Internship at OpenGenus

Get this book -> Problems on Array: For Interviews and Competitive Programming

In this article we discuss Linux networking commands responsible for peer to peer connections, dns lookups, ip addressing and configuration.

Table of contents.

  1. Introduction.
  2. ip.
  3. whois.
  4. dig.
  5. ss
  6. ssh
  7. telnet
  8. scp
  9. sftp
  10. Summary.
  11. References.

Introduction.

We discuss Linux commands that find uses on a daily basis for Linux network administrators for both configurations and troubleshooting.

ip.

This command is useful for assigning ip addresses to network interfaces, configuring network variables, removing addresses and routes, managing arp cache, bringing network interfaces up or down and more.

The syntax is as follows,

ip [OPTIONS] OBJECT {COMMAND | help}

Commonly used objects are link(l) - used to modify network interfaces, address(addr) - to display and modify protocol addresses, route(r) - to display and alter the routing table, neigh(n) - for display and manipulation of neighbor objects.

To get all address(addr) command options we write,

ip addr help

An example

To get network interface information for all devices we use the link object and show command as follows,

ip link show

For information on a specific device,

ip link show dev [deviceName]

As a network admin assigning ip addresses is a very common task, we can use the ip command to temporarily assign an ip address to an interface as follows,

sudo ip addr add 10.4.16.2 dev eth0

Conversely we can remove an ip as follows,

sudo ip addr del 10.4.16.2 dev eth0

We can also bring network interfaces up or down by using the set object as follows,

To bring eth0 up we write,

sudo ip link set eth0 up

To bring it down we write,

sudo ip link set eth0 down

A routing table stores paths used to determine routing of traffic, to view a routing table we write,

sudo ip route show

Default gateways allow communication for devices in different network, To set a default gateway with the ip command we write,

sudo ip route add default via 192.168.1.100

Static routes enable routers to learn more about a route to a remote network that is indirectly attached to its interfaces. With the ip command we can add or remove.

Adding a static routes.

sudo ip route add 10.4.16.2 via 192.168.1.100 dev eth0

Removing a static route.

sudo ip route del 10.4.16.2

whois.

The whois command is a query response protocol used to find out information concerning the domain e.g its owner, owner's contacts, its nameservers, ip address block and other information.

The syntax is as follows,

whois [OPTION] OBJECT

An example
To find out information about website.com we write,

whois website.com

From the output we can see information such as domain name, registry domain id, url, creation date, nameservers etc.

dig.

The dig command is used for gathering DNS information, this information can then be used to troubleshoot DNS issues within the network.

The syntax is as follows,

dig [server] [name] [type]

To perform a dns lookup for yahoo.com we write,

dig yahoo.com

For a reverse lookup we write,

dig -x 74.6.143.26

Take a look at the 'ANSWER' section, the first column lists the queried name servers, the second represents the ttl the third shows query class (IN is internet) and the fourth is the query type and the final is the ip address associated with the domain.

To get only an answer we write,

dig yahoo.com +noall +answer

To get only associated ip addresses we use the +short option as follows,

dig yahoo.com +short

We can also opt to specify a specific ip address as follows,

dig @74.6.143.26 yahoo.com

Assuming we are troubleshooting an unreachable DNS problem, we can use the +trace option to identify where traffic is being dropped.

dig yahoo.com +trace

ss.

ss and netstat work in similar ways to acquire network statistics.
The syntax is as follows,

ss [OPTIONS] [FILTER]

An example
To list all network connections we write ss without any options.
From the output we can see 6 columns, netid represents the type of socket, state is the state the socket is in, Recv-Q represents the number of received packets, Send-Q is the number of sent packets, Local Address:Port is the local address and port and the Peer Address:Port is the remote address and port.

To list all sockets we can write we use the -a option with ss, for listing specific sockets, we use the -t option for TCP sockets, -u option for UDP.

ss -a -t
ss -a -u

We can also list sockets by state, for example, to list all listening sockets we write,

ss -t -r state listening

To list by port we use the dport option,

ss -a dport = :portNumber

We can also list connections to s specific address, for example to list connections to a destination address, we write,

ss -a dst 172.78.12.99

telnet.

TErminaL NETwork is a client-server networking protocol that enables users to test connectivity with remote hosts and issue commands. Note that telnet is not secure as user credentials are not encrypted when sent through telnet.
Start a telnet shell by typing telnet in the terminal.

telnet

An example
To establish a telnet connection a client machine and a remote host,

telnet 192.168.100.128

For other telnet commands you can use the -h option as follows,

telnet -h

After one is done with issuing commands, you can terminate the connection by using the logout command.

ssh.

ssh stands for secure shell or secure socket shell, this is a cryptographic protocol that enables secure communication between two computers. It is used for providing secure access to remote users for operations such as file transfers, execution of commands, network management.

The syntax is shown below,

ssh username@host

ssh: instructs the system to establish an encrypted secure connection with the host machine.
username: represents the account being accessed on the host.
host: this is the machine to be accessed.

We can ssh into a host that is not password protected as follows,

ssh host ip / hostname

To access a secured host we write,

ssh root@192.168.8.127

By default ssh listens on the TCP port, we can change port by using the -p option,

ssh 192.168.8.127 -p 22

Here we ssh into port 22.

SSH keys are more secure as compared to passwords for logging into a server, to generate public-private ssh keys we use the ssh-keygen command, The private key remains hidden while the public key is copied to the remote server.
The following command creates a pair of keys,

ssh-keygen -t rsa

scp.

scp stands for secure copy, it is used to securely copy files and directories between two locations e.g local to remote system and vice verse or between two remote systems to a local system.
It is secure because data is encrypted during these transfers.

The syntax is as follows,

scp [OPTIONS] [user][@SRC_HOST:] file1 [user@][DEST_HOST:] file 2.

Options involve things such as ciphers, ssh configurations, ports etc.
[user][@SRC_HOST:] file 1: This is the source file
[user@][DEST_HOST:] file 2: This is the destination file.

sftp.

ftp is a protocol used for remote unencrypted file transfers. This is not secured since data packets can be sniffed, this is where sftp comes in, It stands for secure ftp.

This protocol ensures secured connections for file transfers.
ssh protocol is used to authenticate sftp connections.
To initiate a sftp connection, we write,

sftp user@172.23.56.127

While in the shell you can use the '?' character to view other commands.
The ! is used to exit the shell.

Summary.

Linux runs two-thirds of all servers on the internet and networking is a very important aspect for computers. In this article we have discussed Linux commands that handle important computer networking aspects such as ip addressing, dns lookups, secure and insecure remote peer to peer connections.

References.

  1. Commonly used linux networking commands..
Linux networking: ip, whois, dig, ss, ssh, telnet, scp, sftp
Share this