strboul blog

My command line cheatsheet

Note: This page is mirrored from this source. Check the source for the most up to date version.

git [git]

get author summary

git shortlog -sne

get logs from author

git log --author="<name>"

set local user name

git config --local user.name "<name>"

set local email

git config --local user.email "<email>"

list configs

git config --list

remove remote-tracking branches

git fetch --prune

squash merge branch

git merge --squash <uncheckout-branch>

rename current branch

git branch -m <newname>

rebase branch with master

git rebase origin master

rebase commits without changing date

git -c rebase.instructionFormat='%s%nexec GIT_COMMITTER_DATE="%cD" git commit --amend --no-edit' rebase -i <parent-of-commit-sha>

abort rebase

git rebase --abort

rename branch

git branch -m <oldname> <newname>

list remote origins

git remote -v

set remote address

git remote add <ssh_or_https>

list last n commits

git log -n <n>

search in all of commit messages of project

git log --grep "<query>"

history of file

git log -p <filename>

search query in git logs

git log -p -G <query>

list commits reverse order

git log --reverse

search in history

git grep '<query>' $(git rev-list --all)

search query in file/folder with history

git grep '<query>' "$(git rev-list --all -- <file-or-folder>)" -- <file-or-folder>

compare changes between branches

git diff master..

amend and don't edit commit message

git commit --amend --no-edit

change SHA of last commit

git commit --allow-empty --amend --no-edit

create fixup commit

git commit --fixup <commit_sha_current_branch>

by skipping commit hooks

git commit --no-verify

commit with date ISO 8601 format

git commit --date="YYYY-MM-DDTHH:MM:SS"

cherry pick commit

git cherry-pick <commit_sha>

reset head commit

git reset HEAD~

get stash diff

git stash show -p stash@{0}

list tags by creation date (descending)

git tag --sort=-creatordate

list ignored files

git ls-files --ignored --exclude-standard --others

change remote url

git remote set-url origin [email protected]:user/repo.git

create patch files from last n commits

git format-patch -<n> HEAD

apply multiple patches

git apply *.patch

add submodule

git submodule add <repository> <path>

update submodule

git submodule update

update submodules and init

git submodule update --init

pull all submodules

git submodule foreach git pull origin master

update all submodules

git submodule update --init --recursive

create zip archive (respecting gitignore)

git archive --format=zip --output <filename>.zip master

change git ssh command

GIT_SSH_COMMAND='ssh -vvv' git fetch

git operate with a specific ssh key

git -c "core.sshCommand=ssh -i /path/to/key" clone [email protected]:username/repo.git

$ name: git -c log.showSignature=false log --format='%an' | sort -u

$ email: git -c log.showSignature=false log --format='%ae' | sort -u

$ uncheckout-branch: git branch --list | awk '{ if ($1 != "*") { print $1 } }'

$ file-or-folder: find * -type f -o -type d

$ commit_sha_current_branch: git -c log.showSignature=false log --format="%C(auto) %H %s" --no-merges master.. | fzf | awk '{ print $1 }'

ssh [security]

authorise ssh pub key in remote machine

ssh-copy-id -i <public-key> user@host

jump through multiple hosts

ssh -J user@host1,user@host2 user@host3

restart ssh agent

eval "$(ssh-agent -s)"

create ssh keypair

ssh-keygen -t ed25519 -C "<comment>"

add ssh key to agent

ssh-add <private-key>

list keys in agent

ssh-add -L

local port forwarding/tunnel

ssh -N -L <remote-port>:localhost:<localport> user@host

keyscan by type of domain or IP

ssh-keyscan -t ed25519 github.com

$ public-key: find ~/.ssh/keys -type f -name '*.pub'

$ private-key: find ~/.ssh/keys -type f -not -name '*.pub'

scp [security]

secure copy directory (-r: recursive)

scp -r <local_dir> user@host:<remote_dir>

copy with jump hosts

scp -J juser@jhost <file1> <file2> user@host:/

gpg [security]

list public keys

gpg --list-keys

create/generate key with defaults

gpg --full-generate-key

list public keys long format with fingerprints

gpg --list-keys --keyid-format=LONG

search public keys by email in keyservers

gpg --search-keys <email>

get fingerprint of key by email

gpg --fingerprint <email>

get fingerprint of key file (without importing it into keyring first)

gpg --show-keys --with-fingerprint <filename>

get encrypted file details

gpg --list-packets <file>

list signatures

gpg --list-signatures <fingerprint>

list private keys

gpg --list-secret-keys --keyid-format=LONG

import public/private key from file

gpg --import <key-file>

export public key as clean text

gpg --armor --export <fingerprint>

export private key as clean text

gpg --armor --export-secret-key <fingerprint>

remove public key

gpg --delete-key <fingerprint>

remove private key

gpg --delete-secret-key <fingerprint>

encrypt file

gpg --encrypt --armor --recipient <email> --output <output_filename_gpg> <input_filename>

decrypt file

gpg --decrypt --output <output_filename> <input_filename_gpg>

clearsign file

gpg --clearsign <input_filename>

verify sign

gpg --verify <filename>

get smartcard status

gpg --card-status

list with expired subkeys

gpg --list-options show-unusable-subkeys --list-keys

$ fingerprint: gpg-list-public-keys | fzf | awk '{ print $1 }'

$ email: gpg-list-public-keys | fzf | perl -pe 's/^.*\<(.*)\>$/\1/g'

openssl [security]

get certificate details

openssl x509 -text -noout -in <crt-file>

nmap [network]

scan all open ports in an address

nmap 192.168.1.1

get all addresses from subnet (255 hosts)

nmap -sP 192.168.1.0/24

get all ports from hosts

nmap -Pn 192.168.1.0/32

find dhcp addresses

nmap --script broadcast-dhcp-discover -e <interface>

$ interface: ip -o a show | awk '{ if ($3 == "inet") { print $2; } }'

ip [network]

list routing table

ip route

get ip route

ip route get 1 | awk '{ print $7 }'

route an address via interface

ip route add <address> dev <interface>

nmcli [network]

show general status

nmcli general status

show device status

nmcli dev status

list all known connections

nmcli connection show

list wifi devices

nmcli dev wifi list

create new connection

nmcli dev wifi con "<ssid>"

up connection (ask password)

nmcli con up --ask "<ssid>"

print password of current wifi device

nmcli dev wifi show-password

print password of known network

nmcli -show-secrets -get-values "802-11-wireless-security.psk" connection show "<known-ssid>"

$ known-ssid: nmcli -g name connection

iwctl [network]

list devices

iwctl station list

list available networks on device

iwctl station wlan0 get-networks

connect to network

iwctl station wlan0 connect <ssid>

ieee 802.11 information e.g. frequency, ghz, mac address, of device

iwlist wlan0 scanning

tcpdump [network]

list connections

tcpdump -l

get packets from interface

tcpdump -nn -i eth0

get packet details from interface

tcpdump -nn -vvv -X -i eth0

write packagets to file

tcpdump -w capture.pcap

write packages to file and also print stdout

tcpdump --print -w capture.pcap

monitor outgoing connections except ssh

tcpdump -i eth0 port not 22 and src <source-ip>

listen all interfaces

tcpdump -i any

socat [network]

listen at port

socat - TCP4-LISTEN:<port>,fork,reuseaddr

send message to port

echo "hello" | socat TCP4:<address>:<port> -

send file contents as stream

echo "$(<<file>)" | socat TCP4:<address>:<port> -

simple http server

socat -v -d -d TCP-LISTEN:3333,crlf,reuseaddr,fork SYSTEM:"echo HTTP/1.1 200 OK;echo Content-Type\: text/plain;echo;echo \"Server: \$SOCAT_SOCKADDR:\$SOCAT_SOCKPORT\";echo \"Client: \$SOCAT_PEERADDR:\$SOCAT_PEERPORT\";"

$ address: echo "192.168.1.1" --- --fzf-overrides '--no-select-1'

$ port: echo "3333" --- --fzf-overrides '--no-select-1'

netstat [network]

list network interfaces

netstat -ie

tc [network]

add delay to every packet on device

tc qdisc add dev eth1 root netem delay 200ms

randomly drop approximately x percent of packets on device

tc qdisc add dev eth1 root netem loss 1%

inspect filters on device

tc qdisc show dev eth1

list rules

tc qdisc ls

remove tc filters

tc qdisc del dev eth1 root

qpdf [pdf]

concatenate/merge pdf files

qpdf --empty --pages input-*.pdf -- output.pdf

convert [imagemagick, jpg, pdf]

convert jpg to pdf

convert picture-*.jpg out.pdf

resize an image by percent (source and destination)

convert -resize 50% <image-files> dest.png

resize an image by size (source and destination)

convert -resize 1024X768 <image-files> dest.jpg

$ image-files: find * -type f -regex '.*\.\(png\|jpg\|jpeg\)'

lsof [file]

show open files (-w don't show warnings)

lsof -w

list specific port

lsof -i:<port>

determine which proceses modify file or directory

lsof <file_or_dir>

du [disk]

disk usage of current directory/folder

du -sh .

disk usage of files and folders of current directory/folder

du -sh *

df [disk]

display free disk space

df -h

dd [disk]

wipe disk

dd if=/dev/zero of=/dev/sda bs=4M

make device bootable with iso

dd if=file.iso of=/dev/sda bs=4M oflag=direct status=progress

fallocate [disk]

allocate space to file

fallocate -l 20G file.img

lsblk [disk]

list block devices with filesystems

lsblk --fs

blkid [disk]

locate/print block device attributes

blkid

kill [process]

kill all processes of that program

killall -9 <name_command>

kill by process id

kill -9 <pid>

auditctl [process]

list rules

auditctl -l

get key reports today

aureport -ts today -k

get summary of key reports since boot

aureport -ts boot -k

get summary of key reports today

aureport -ts today -k --summary

get logs by key

ausearch -i -k <key>

get logs on file

ausearch -i -f <file>

mount [linux]

mount devices

mount /dev/sda /mnt/<dir>

list mounts and filter by type

mount -l -t ext4

unmount

umount <dir>

getconf [linux]

32 bits or 64 bits?

getconf LONG_BIT

create symlink

ln -s <destination> <source>

update symlink

ln -sfn <destination> <source>

remove symlink

unlink <file>

free [linux]

display memory and swap info in system

free -m

ss [network, socket, process]

list all open sockets

ss -tunalp

show ipv4 connections (-r: resolve, -p: show process)

ss -4 -r -p

list summary of all socket connections

ss -s

filter connections by port number

ss -at -p '( dport = :22 or sport = :22 )'

dig [network, dns]

query specific nameserver

dig 127.0.0.1 @1.1.1.1

get nameserver addresses

dig +short ns example.com

mx: 'Mail eXchange' records

dig +short mx example.com

soa: 'Start Of Authority' records

dig +short soa example.com

list all records

dig +noall +answer +multiline example.com any

get public IP address of machine

dig +short myip.opendns.com @resolver1.opendns.com

get mDNS hostname

dig -x <ip-address> -p 5353 @224.0.0.251

nslookup [network, dns]

reverse DNS lookup

nslookup 127.0.0.1

ip [network]

list network devices

ip link

list route table

ip route

create dummy virtual ethernet interface

ip link add xennet0 type dummy; ip a change dev xennet0 93.184.216.34

remove dummy virtual ethernet interface

ip link delete xennet0 type dummy

traceroute, tracepath [network]

traceroute host (uses icmp)

traceroute <domain_tld>

tracepath host (uses UDP and MTU)

tracepath <domain_tld>

chattr [file]

change file attribute (+i: make immutable)

chattr +i <file>

scanimage [printer, scanner]

scan an image

scanimage --progress --resolution=150 --format=pdf --output-file "$(date +'%Y-%m-%dT%H:%M:%S')".pdf

list devices

scanimage -L

lpstat [printer, cups]

get printer status

lpstat -p -d

get jobs status

lpstat -t

list queue

lpq

clear queue

lprm -

lp [printer, cups]

print echoed string

echo 'IPP everywhere' | lp

nc [network, netcat]

check if port is open

nc -zv 127.0.0.1 <port>

listen on port

nc -lvvnp <port>

$ port: echo "3333" --- --fzf-overrides '--no-select-1'

telnet [network]

ping port

telnet 127.0.0.1 <port>

systemd [systemd]

inspect users, groups

userdbctl

journalctl [systemd]

follow log messages.

journalctl -f

listen logs of an executable

journalctl -f /usr/bin/<program>

show log disk usage

journalctl --disk-usage

get logs since current boot

journalctl -b

get logs from previous boot

journalctl -b-1

list boots from current year

journalctl --list-boots

show messages since

journalctl --since "1 day ago"

show only error, critical, alert priority messages

journalctl -p err..alert

get logs since boot and of unit

journalctl -b -u <service-file>

$ service-file: systemctl list-unit-files | grep enabled | awk '{ print $1 }'

resolvectl [systemd]

resolve domain names

resolvectl --cache=false query strboul.com

flush dns cache

resolvectl flush-caches

firewalld [systemd]

open tcp port (temporarily)

firewall-cmd --add-port=8000/tcp

open tcp port (permanently)

firewall-cmd --permanent --add-port=8000/tcp

close tcp port (permanently)

firewall-cmd --permanently --remove-port=8000/tcp

list allowed ports

firewall-cmd --list-ports

list active zones

firewall-cmd --get-active-zones

list running services

firewall-cmd --list-services

list everything added or enabled

firewall-cmd --list-all

reload firewalld

firewall-cmd --reload

pwgen

create random password with length of 16 (with capital letter and numerals)

pwgen -nc 16 -1

find

find files ending with an extension.

find * -type f -name '*.<extension>'

find folder/directory by name.

find * -type d -name '<name>'

find any file modified in last 1 min

find * -mmin 1

find files owned by user

find * -user <user>

find if all files in dir can be read by user

find <dir> -print > /dev/null

systemctl [systemd]

get status of service

systemctl status <service>

list running user services

systemctl --user list-units --state=running

list user timers

systemctl --user list-timers

stop user timer

systemctl --user <user-timer-unit>

show failed services

systemctl --failed

edit service file

sudo EDITOR=vim systemctl edit <service>

reboot and get into bios

systemctl reboot --firmware

$ service: systemctl list-units --type=service --no-pager --quiet | awk '{ print $1 }'

$ user-timer-unit: systemctl --user list-timers --no-pager --quiet | perl -pe 's/^.*(\s+)(.*)(?<=\.timer).*$/\2/g'

docker [docker]

tag an image

docker tag <image-id> <new-tag>

delete an image

docker rmi <image_id>

delete all images

docker rmi $(docker images -q)

clean none/dangling images

docker rmi $(docker images --filter "dangling=true" -q --no-trunc)

list networks

docker network ls

list running containers

docker ps

delete all running and stopped containers

docker rm -f $(docker ps -aq)

inspect container or image

docker inspect <container-or-image-sha>

inspect with format

docker inspect --format '{{ .NetworkSettings.IPAddress }}' <container-or-image-sha>

copy from host to container

docker cp foo.txt container_id:/foo.txt

copy from container to host

docker cp container_id:/foo.txt foo.txt

get docker system info

docker system info

get docker system disk usage

docker system df

prune unused images, containers, networks, volumes

docker system prune

get container usage statistics

docker stats

docker-compose [docker]

start containers detached, force recreated

docker compose up --detach --force-recreate

stop and remove containers, networks

docker compose down

fdisk [disk]

list disk partitions

fdisk -l

man [unix]

get manual page of command

man printf

get manual page of specific section of command

man 3 printf

list sections of command

man -k '^printf'

pacman [arch, linux]

check updates

checkupdates

list cache packages

ls -l /var/cache/pacman/pkg | grep '<query>'

list all foreign packages (AUR or manually installed)

pacman -Qm

search packages by regex query

pacman -Qs <query>

get package information

pacman -Qi <installed-packages>

get files provided by package

pacman -Ql <installed-packages>

query file is owned by which package

pacman -Qo <file>

install from file (e.g. cache)

pacman -U <cache-file>

clear all unused cache

pacman -Sc

remove package with dependencies

pacman -Rcns <installed-packages>

pacman package report

pacman -Qkk | grep warning

force re-install all packages

pacman -Syyu $(pacman -Qnq) --overwrite "*"

$ cache-file: find /var/cache/pacman/pkg -type f -name '*.zst'

$ installed-packages: pacman -Qq

dmesg [linux]

get usb device names

dmesg -T | grep 'USB'

id [linux]

get user name

id -un

chmod, chown, chgrp [linux]

change file permissions with octal

chmod 0600 <filename>

change user and group ownership of file

chown <new-user>:<new-group> <filename>

change group ownership of file

chgrp <new-group> <filename>

virsh [virt, libvirt]

list of VMs

virsh list --all

start VM

virsh start <vm_name>

reboot VM

virsh reboot <vm_name>

shutdown VM

virsh shutdown <vm_name>

force stop

virsh destroy <vm_name>

remove vm

virsh undefine <vm_name>

console access of running VM

virsh console <vm_name>

list networks

virsh net-list

start network

virsh net-start <network_name>

show dhcp assigned IP addresses

virsh net-dhcp-leases <network_name>

clone VM and create storage image

virt-clone -o <vm_name> -n <new_vm_name> -f /var/lib/libvirt/images/<new_vm>.qcow2

delete/remove attached storage file

rm -f "$(virsh dumpxml --domain <vm_name> | grep -oP "source file='\K[^']*")"

shred [linux]

safe delete/remove file by overwriting it multiple times

shred -u <file>

useradd, usermod, gpasswd [linux]

list user groups.

groups

list all groups.

getent group | cut -d: -f1

add new user with home directory and shell

useradd --create-home --shell /usr/bin/bash <username>

set or change password of user

passwd <username>

delete user and its home directory

userdel -rf <username>

add user to sudoers group

usermod -aG wheel <user>

add user to an existing group

usermod -aG <group> <user>

remove user from group

gpasswd -d <group> <user>

delete group

groupdel <group>

change primary group of user

usermod -g primarygroupname username

$ user: getent passwd | cut -d: -f1

$ group: getent group | cut -d: -f1

curl [network]

send get http request

curl <url>

send http request with custom header and json body

curl -X <method> <url> -H '<headername>: <headervalue>' -d '<json>'

send get http request and follow redirects

curl -L <url>

use specific interface

curl --interface eth0 <url>

expand shortened urls

curl -sIL https://goo.gl/l6MS | sed -n 's/Location: *//p'

send cookies

curl --cookie "token=12345" http://localhost

$ method: echo -e 'GET\nPOST\nPUT\nDELETE\nPATCH'

strace [linux]

trace command

strace ls

trace command and any newly created child processes

strace -f ls

trace process and write to file

strace -f -p <pid> -e trace=write -o strace_pid_<pid>.capture

$ pid: ps a | tail -n +2 | fzf | awk '{ print $1 }'

bash [linux]

for loop over files

for filename in *; do echo "$filename"; done

ternary string comparison

[[ "str1" == "str2" ]] && echo "equal" || echo "not equal"

check if string contains substring

if [[ "Arch Linux" =~ .*Linux.* ]]; then; echo "it contains"; fi

check if string is empty

if [[ -z '' ]]; then echo "it is empty"; fi

check if string is not empty

if [[ -n 'foo' ]]; then echo "it is not empty"; fi

uname [linux]

print system information

uname -a

psql [database]

send queries from command line

psql postgresql://postgres:[email protected]:5432/db -c '''

SELECT * FROM alias;

'''

wget [linux]

download and save file with output

wget <link> -O <output_file>

fwupdmgr [linux]

download new metadata from remote server

fwupdmgr refresh

update devices to latest firmware version

fwupdmgr update

btrfs [linux]

list subvolumes

btrfs subvol list /

create snapshot (-r: readonly)

btrfs subvol snapshot -r /home "/.snapshots/home-$(date +%FT%T)"

delete snapshot

btrfs subvol delete @snapshots/<snapshot>

show subvol details of snapshot

btrfs subvol show /.snapshots/<folder_name>

zfs, zpool [linux]

list zfs pools

zpool list

get pool status

zpool status

lists zfs file systems

zfs list

set/change quota

zfs set refquota=1G <name>

list snapshots

zfs list -t snapshot

take snapshot

zfs snapshot <pool-name>@<snapshot_name>

attr [linux]

list file attributes

lsattr <file>

make file immutable/append only

chattr +ia <file>

make file mutable/non-append only

chattr -ia <file>

zip, unzip [archive]

archive files

zip archive.zip file1 file2

add file or folders to zip archive

zip -r archive.zip file_or_folder

list files in archive

unzip -l archive.zip

unzip to folder

unzip archive.zip -d destination_folder

tar [archive]

create tar archive

tar -czvf filename.tar.gz /path/to/dir1

extract tar archive, untar

tar -xzvf filename.tar.gz

hexdump [linux]

display text with hexadecimal

echo "text" | hexdump -Cc

jq [json]

get first element of array

cat file.json | jq '.[0]'

get values by key

cat file.json | jq '.key'

subset key by value

cat file.json | jq 'select(.key == "value")'

rg [ripgrep, grep]

search in single file

rg <query> <file>

search in dir recursively

rg <query> <folder>/

search literally i.e. without regex

rg -F '<query>'

search files not containing query

rg --files-without-match <query>

search pattern but ignore files

rg <query> -g '!*<pattern>'

search n lines around

rg -C <n> <query>

python [python]

pip install requirements

python -m pip install -r requirements.txt

create virtualenv

python -m venv .venv

pip freeze requirements

python -m pip freeze > requirements.txt

create single http server on directory

python -m http.server <port> --bind <address>

convert unix time to datetime

python -c "import datetime; print(datetime.datetime.fromtimestamp(0))"

Pretty print json

<json> | python -m json.tool

$ port: echo "3333" --- --fzf-overrides '--no-select-1'

$ address: echo "127.0.0.1" --- --fzf-overrides '--no-select-1'

pyenv [python]

list pyenv versions

pyenv versions

install python version

pyenv install <version>

set global version

pyenv global <version>

set local version (creates .python-version file)

pyenv local <version>

temporarily set version

pyenv shell <version>

xdg [linux]

find xdg-mime of file

xdg-mime query filetype <file>

find default application of xdg-mime

xdg-mime query default <mime>

get list of xdg desktop files

ls /usr/share/applications

iptables [linux]

log incoming packets

iptables -t raw -A PREROUTING --destination 1.1.1.1 -j LOG --log-prefix='[iptables-raw-debug] '

log outgoing packets

iptables -t raw -A OUTPUT --destination 1.1.1.1 -j LOG --log-prefix='[iptables-raw-debug] '

list raw table

iptables -t raw -L -v -n --line-numbers

flush (clean) raw table

iptables -t raw -F

delete specific rule from table by line number

sudo iptables -t raw -D INPUT 2

list rules

iptables --list-rules

list by specifications

iptables -S

networking [linux, network]

ping port from host

timeout 5 bash -c ': < /dev/tcp/<host>/<port>'

dns without dig

getent hosts archlinux.org

xclip [unix]

copy file contents to clipboard

xclip -selection clipboard < /path/to/file.txt

neomutt [mutt, email]

read an mbox file

neomutt -f all.mbox

direnv [env, security]

get status

direnv status

git-crypt [git, security]

lock repository

git-crypt lock

unlock repository

git-crypt unlock

list encrypted files

git-crypt status -e

grep [unix]

get count of query in files

grep -c '<query>' *txt

get match with n lines around

grep -C 2 '<query>' *txt

ps [unix]

get process by name

ps -aux | grep <program_name> | grep -v grep

kill all zombie processes

ps -ef | grep defunct | grep -v grep | awk '{ print $2 }' | xargs kill -9

xargs [unix]

example xargs usage

ls | xargs -I {} du -sh {}

apropos [unix]

find command by query

apropos <query>

date [unix]

get snapshot date

date +'%FT%T%z'

get date with format

date +'%Y-%m-%dT%H:%M:%S'

base64 [unix]

encode file to base64

base64 <file>

decode file to base64

base64 --decode <file>

wrap lines, don't multiline

base64 -w0 <file>

lxc [linux]

list containers

lxc-ls --fancy

start container

lxc-start -n <container>

stop container

lxc-stop -n <container>

get inside of container by name

lxc-attach -n <container>

run command inside of container by name

lxc-attach -n <container> -- ls

proc [linux]

get memory information

cat /proc/meminfo

get kernel version

cat /proc/version

get process environment variables

cat /proc/<pid>/environ | tr "\0" "\n"

get process command line

cat /proc/<pid>/cmdline | tr "\0" "\n"

get process link to working directory

file /proc/<pid>/cwd

get process file descriptors

ls -l /proc/<pid>/fd

get process binary

file /proc/<pid>/exe

get process limits

cat /proc/<pid>/limits

kubectl [k8s]

get all pods with labels

kubectl get pods --show-labels -A

get logs by label

kubectl logs -n <namespace> -l key=value --follow

describe pod by label

kubectl describe pod -n <namespace> -l key=value

exec into pod by name

kubectl exec --stdin --tty -n <namespace> <pod_name> -- /bin/bash

exec into pod and container by names

kubectl exec -n --stdin --tty <namespace> <pod_name> -c <container_name> -- /bin/bash

restart pod

kubectl delete pod -n <namespace> <pod_name>

get cluster information

kubectl config get-contexts

restic [backup]

list snapshots

restic snapshots

diff two snapshots

restic diff <snapshot_id> <snapshot_id>

diff last two snapshots

restic diff $(restic snapshots --json | jq -r '.[-2:][].id')

mount snapshots

restic mount /tmp/restic-mount

pass [password]

insert new password

pass insert archlinux.org/wiki/username

copy password to clipboard

pass -c archlinux.org/wiki/username

multi line insert

pass insert -m <name>

edit password

pass edit archlinux.org/wiki/username

delete password

pass rm archlinux.org/wiki/username

etckeeper

get etc's working tree status

sudo etckeeper vcs status

get etc's commit logs

sudo etckeeper vcs log

misc

write into file with sudo tee

echo "text" | sudo tee <file>

run while loop forever

while true; do echo 'hello'; sleep 1; done

create process with custom name

/bin/sh -c 'exec -a my_custom_process -- sleep 60'