ClouDIY: Bootstrapping Linux Servers – Part 1

A hands-on guide for DevOps, cloud beginners, and Linux newcomers

---

1. Why This Blog?

If you're new to cloud, DevOps, or managing Linux servers, you’ll quickly find that knowing a few CLI commands isn't enough. You need to know how a Linux server actually works — from accessing the shell, managing files, and users, to securing SSH and understanding logs.

This series is based on personal RHCSA prep notes, rewritten for practical real-world use — not just exam prep.

2. Linux? 

an open-source operating system powering most cloud servers, containers, and even smartphones. Red Hat Enterprise Linux (RHEL) is one of its most stable and enterprise-friendly distributions.

Scenario: You launch a Linux EC2 instance on AWS. There's no GUI. You connect via SSH and land in a terminal. CLI is your only friend.

pwd       # Show current location
ls        # List files
cd /home  # Change directory

3. Understanding the Filesystem

Linux organizes all data in a hierarchical structure that starts at the root directory, represented by /. Every file and folder branches out from this root, forming a tree-like layout. This consistent structure helps with system navigation, configuration, and troubleshooting.

Here are some important directories to be familiar with:

• /etc – Contains system-wide configuration files for services, users, networking, and more.
• /var – Stores variable data like logs, mail spools, and temporary files generated by services.
• /home – Personal directories for users. Each user gets a dedicated folder inside this.
• /bin and /usr/bin – Store essential command-line utilities and executable programs.

Example: To view system logs, navigate to the logs directory and read a log file:

cd /var/log
ls
cat messages

Being comfortable with this structure makes it easier to locate logs, change configuration files, install packages, and troubleshoot system behavior — all of which are key skills when working with servers in the cloud.

4. Creating and Managing Files

Working with files and directories is a fundamental part of using a Linux server. Whether setting up configurations or managing application data, these are the most commonly used commands.

• touch file1.txt – Creates a new, empty file named file1.txt.
• mkdir myfolder – Creates a new directory (folder) called myfolder.
• cp file1.txt myfolder/ – Copies file1.txt into the myfolder directory.
• mv file1.txt file2.txt – Renames (or moves) file1.txt to file2.txt.
• rm file2.txt – Deletes the file file2.txt.

Tip: Linux does not show deleted files in a “Recycle Bin.” Once removed with rm, files are permanently deleted unless backups exist.

# Basic file operations
touch file1.txt
mkdir myfolder
cp file1.txt myfolder/
mv file1.txt file2.txt
rm file2.txt

These commands are the building blocks for working with server files. Mastering them helps with automation, scripting, and day-to-day DevOps tasks.

5. Working with Users and Groups

Linux allows fine-grained control over user access through user and group management. This helps isolate responsibilities and maintain security.

• useradd devuser – Creates a new user named devuser.
• passwd devuser – Sets (or changes) the password for devuser.
• groupadd devgroup – Creates a new group named devgroup.
• usermod -aG devgroup devuser – Adds devuser to the devgroup without removing them from other groups.

Scenario: You’ve hired a junior developer. The secure way to provide access:

• Create a separate user account just for them (devuser).
• Assign them to a developers group (devgroup).
• Never share the root password. Limit privileges using groups and sudo rules.

# Create user and group, then link them
useradd devuser
passwd devuser
groupadd devgroup
usermod -aG devgroup devuser

This approach ensures clean role separation and safer system management, especially in team environments.

6. Permissions and Ownership

Linux uses a permission system to control who can read, write, or execute a file or directory. Every file is associated with an owner and a group.

• ls -l – Lists files with detailed permissions and ownership info.
• chmod – Changes file/directory permissions.
• chown – Changes file owner or group.

Understanding Permission Symbols

-rw-r--r--  1 user  group  file.txt
│ │  │  └────────────┐
│ │  │               └── Group
│ │  └────────────────── Owner
│ └───────────────────── Permissions (r=read, w=write, x=execute)

Basic Permission Commands

# Make a file read-only
chmod 444 file.txt

# Give execute permission to the owner
chmod u+x script.sh

# Change ownership to user:group
chown devuser:devgroup file.txt

Scenario: You created a script file for deployment, but only the team lead should be able to run it.

• Set execute permission only for the owner.
• Use chown to assign ownership to the team lead's user account.
• Restrict group/others from modifying or running it.

Proper permission management protects system integrity and limits accidental or unauthorized changes.

7. Monitoring Processes

Keeping an eye on system resources and running processes is essential to troubleshoot issues and optimize performance.

• top – Interactive process viewer showing real-time CPU, memory usage, and running processes.
• df -h – Check disk space usage of filesystems in a human-readable format (GB, MB).
• free -m – Display memory usage in megabytes, including used, free, and cached memory.
• ps aux – List all running processes with detailed info like user, PID, CPU and memory usage.
• kill PID – Safely terminate a process using its Process ID (PID).

How to Use These Commands

# View active processes and resource use
top

# Check disk space to avoid full storage
df -h

# Monitor memory usage
free -m

# Find detailed info on all running processes
ps aux

# Stop a misbehaving process (replace PID with actual ID)
kill PID

Scenario: An application becomes unresponsive. Use top to find its PID, then kill the process to stop it safely and restore normal operation.

Regular monitoring helps identify resource bottlenecks and keeps your system running smoothly.

8. Managing Software

Linux software installation and updates are typically handled through package managers like dnf or yum. These tools simplify installing, updating, and removing software packages efficiently.

• dnf install tree -y – Installs the tree package automatically without asking for confirmation.
• yum install vim -y – Installs the popular vim text editor.
• rpm -qa | grep httpd – Lists all installed packages related to the Apache HTTP server.
• dnf update -y – Updates all installed packages to their latest versions.

Tips for Software Management

# Install a package quietly
dnf install tree -y

# Search for installed packages matching 'httpd'
rpm -qa | grep httpd

# Update all packages to latest versions
dnf update -y

Scenario: Before deploying a new app, ensure all system packages are updated to avoid security risks and bugs.

Using package managers keeps your system secure, stable, and up to date with the latest software.

9. Networking Basics

Understanding basic networking commands is essential for troubleshooting connectivity issues and managing network configurations on Linux systems.

• nmcli device status – Displays all network devices and their current status (connected, disconnected, etc.).
• ip a – Shows detailed information about all network interfaces and assigned IP addresses.
• ping google.com – Sends ICMP echo requests to test network connectivity and latency to Google’s servers.
• nmtui – Opens a user-friendly text interface to manage network connections interactively.

Quick Reference

nmcli device status    # Show network devices and their status
ip a                   # Display IP addresses and interfaces
ping google.com        # Test connectivity
nmtui                  # Interactive network manager

Scenario: If your server cannot access the internet, start by checking network device status with nmcli and verify IP addresses using ip a. Use ping to test external connectivity.

Mastering these commands helps quickly diagnose and resolve common networking problems in Linux environments.

10. Securing SSH

SSH (Secure Shell) is the main method to remotely access and manage your Linux server securely. Strengthening SSH configuration helps protect your server from unauthorized access.

Edit the SSH daemon configuration file /etc/ssh/sshd_config and apply these settings to improve security:

PermitRootLogin no
PermitEmptyPasswords no
ClientAliveInterval 600
ClientAliveCountMax 0

• PermitRootLogin no – Disables direct root login, forcing users to log in with their own accounts.
• PermitEmptyPasswords no – Prevents login for accounts with empty passwords.
• ClientAliveInterval 600 – Sends a keepalive message every 600 seconds (10 minutes) to detect inactive sessions.
• ClientAliveCountMax 0 – Disconnects the client immediately after no response to keepalive messages, improving security.

After making changes, restart the SSH service to apply the new settings:

systemctl restart sshd

Scenario: To protect your server, never allow root login over SSH. Instead, use sudo privileges from regular user accounts and ensure no accounts have empty passwords.

Following these best practices reduces the risk of brute force attacks and unauthorized server access.

11. Transferring Files

Use scp (secure copy) to transfer files safely between your local machine and a remote server. It uses SSH for encrypted data transfer, keeping your files secure during the process.

scp file.txt user@server:/home/user/

• file.txt – The file you want to transfer.
• user@server:/home/user/ – The destination, where user is the remote username and server is the server’s IP or hostname.

You can also copy entire directories recursively using the -r option:

scp -r myfolder user@server:/home/user/

Scenario: When moving project files to your server, use scp to securely upload your work without exposing sensitive data.

Remember, scp requires SSH access and proper permissions on the destination server.

12. Archiving Files

Archiving bundles multiple files or folders into one file, and compressing reduces file size for storage or transfer efficiency.

• tar – A common tool for archiving and compressing files together.
• gzip – Compresses single files to save space.
• gunzip – Decompresses files compressed with gzip.

tar -czvf archive.tar.gz foldername/    # Create a compressed archive (tarball) of the folder
gzip file.txt                          # Compress a single file
gunzip file.txt.gz                     # Decompress a gzip file

Understanding the tar options:

• -c: Create a new archive
• -z: Compress with gzip
• -v: Verbose output showing files processed
• -f: Specifies the archive filename

Scenario: Before transferring multiple log files, archive and compress them into one tarball to save bandwidth and keep files organized.

Archiving and compression are essential for efficient file management and transfer in Linux systems.

13. Syncing Time with NTP

Accurate system time is essential for reliable logs, security protocols, and running scheduled tasks correctly. Network Time Protocol (NTP) keeps your server's clock synchronized with global time servers.

• timedatectl set-ntp true – Enables automatic time synchronization via NTP.
• timedatectl list-timezones – Displays a list of available timezones to choose from.
• timedatectl set-timezone Asia/Kolkata – Sets the server timezone to your local region.

timedatectl set-ntp true               # Enable NTP time syncing
timedatectl list-timezones              # List available timezones
timedatectl set-timezone Asia/Kolkata   # Set the timezone

Scenario: Your server's time is off, causing issues with log timestamps and cron jobs. Enable NTP syncing and set the correct timezone to fix this.

Keeping your server’s clock accurate avoids problems with authentication, scheduling, and log analysis.

14. Logging and Troubleshooting

System and application logs are your first stop for diagnosing problems. Being comfortable with log files helps you quickly identify issues and monitor system health.

• ls /var/log – Lists available log files and directories.
• cat secure – Displays SSH and security-related logs, useful for detecting unauthorized access.
• tail -f messages – Shows real-time system messages, great for live monitoring during troubleshooting.

ls /var/log          # List log files
cat secure            # View SSH and security-related logs
tail -f messages      # Monitor system messages live

Scenario: Your server is behaving unexpectedly. Check the messages log live using tail -f while you try to reproduce the problem.

Understanding and monitoring logs ensures faster detection and resolution of system issues.

15. Bonus: Web-Based Admin with Cockpit

Cockpit provides an easy-to-use web interface for managing Linux servers. It lets you monitor system health, manage services, storage, and more — all through your browser.

• dnf install cockpit -y – Installs Cockpit without prompts.
• systemctl enable --now cockpit – Starts Cockpit immediately and enables it on boot.

dnf install cockpit -y
systemctl enable --now cockpit

Then, access the web interface by opening your browser to:

https://your-server-ip:9090

Note: Replace your-server-ip with your actual server's IP address. Make sure your firewall allows access to port 9090.

Cockpit simplifies server administration, especially useful for those preferring a graphical interface.

Wrap-Up

These are the foundational Linux skills every cloud or DevOps engineer should know. Before jumping into Kubernetes, Docker, or Terraform, master the operating system they depend on.