Linux Administration

Understand and use essential tools

Access a shell prompt and issue commands with correct syntax
Commands used in this video:

# pwd

# df -h

# ls

# ls -l

# ls -lhtra

# touch

# rm

# cp

# mv

Use input-output redirection

Standard Input

# cat

Standard Output

# echo "Standard Output"

Standard Error

# ls %

Redirection

Overwrite:

Standard output: 'more than symbol'

Standard input: 'less than symbol'

Standard error: 2'more than symbol'

Append:

Standard output: 'more than symbol''more than symbol'

Standard input: 'less than symbol''less than symbol' (line by line input)

Standard error: 2'more than symbol''more than symbol'

Examples:

Standard output:

# cat 'more than symbol' test.txt

# cat test.txt

# cat 'more than symbol' test.txt

# cat text.txt

# cat 'more than symbol''more than symbol' text.txt

# cat test.txt

Pipe:

less:

# ls -lhtra | less

find:

# ls -lhtra | find -name "*.bash*"

grep:

# ls -lhtra | grep .bash

tee:

# cat | tee test2.txt

# cat test2.txt

tr:
# cat test2.txt | tr a A

wc:

number of letters:

# cat test2.txt | wc -l

number of words:

# cat test2.txt | wc -wc

tail with grep:

# sudo tail -f /var/log/secure | grep error

cat with grep:

# sudo cat /var/log/vboxadd-setup.log | grep error

# sudo cat /var/log/vboxadd-setup.log | grep write

# sudo cat /var/log/vboxadd-setup.log | grep fai

Use grep and regular expressions to analyse text

Summary of the common regular expressions:

[ ]: Matches any one of a set characters

[ ] with hyphen: Matches any one of a range characters

^: The pattern following it must occur at the beginning of each line

^ with [ ] : The pattern must not contain any character in the set specified

$: The pattern preceding it must occur at the end of each line

. (dot): Matches any one character

\ (backslash): Ignores the special meaning of the character following it

*: Zero or more occurrences of the previous character

(dot).*: Nothing or any numbers of characters.

Commands used in this video:

[ ] : Matches any one of a set characters:

$grep "[CcFf]a[RrTt]" kafka.txt

Use [ ] with hyphen: Matches any one of a range characters:

$grep "da[a-z]" kafka.txt

$grep "da[a-i][a-z]" kafka.txt

Use ^: The pattern following it must occur at the beginning of each line:

$grep "^He" kafka.txt

Display list of directories only:

$ls –l |grep "^d"

Display list of regular files only:

$ls –l |grep "^-"

Use ^ with [ ]: The pattern must not contain any character in the set specified:

$grep "d[^a-i]e" kafka.txt

Use $: The pattern preceding it must occur at the end of each line:

$ grep "got$" kafka.txt

Use . (dot): Matches any one character:

$ grep "st..id" kafka.txt

Use \ (backslash): Ignores the special meaning of the character following it:

$ grep "out\.$" kafka.txt

$ grep "Hell\!" kafka.txt

Use *: zero or more occurrences of the previous character:

$ grep "hap*[e-z]n[a-i]d" kafka.txt

Use (dot).*: Nothing or any numbers of characters:

$ grep "hap.*ed" kafka.txt

Access remote systems using SSH

Find out where the application is (if installed) and where config files are:

# whereis ssh

Find out where the application located:

# which ssh

Run SSH application to find command line options:

# ssh

Manual page on SSH:

# man ssh

To remotely log into server via SSH:

# ssh username@ip/hostname/dns-name

e.g. ssh fs-cengland@war.freeshells.org

Show current user:

# whoami

Exit an SSH session:

# exit

Enable standard output via SSH to be logged to log file:

# ssh username@server | tee ssh-output.log

Print a hi into standard out:

# echo hi

List all files in the directory:

# ls -lhtra

Print the ssh-output.log to the terminal.

# cat ssh-output.log

Log in and switch users in multiuser targets

Get current run level:

# runlevel

or

# systemctl get-default

Overview of 6 runlevels.

runlevel 0 = Halt or shutdown system.

runlevel 1 = Single user mode.

runlevel 2 = Multiuser mode, without networking.

runlevel 3 = Full multiuser mode.

runlevel 4 = Currently unused.

runlevel 5 = X11 Display

runlevel 6 = Reboot system.

Run levels of 2 and above are multi-user.

Create a new user:

# useradd user1

Switching user accounts:

Sign into user1 account:

# su user1

Sign into user1 and gets user1's environment variables:

# su - user1

Change to root:

# su -

Show current user:

# whoami

Password policy of an account:

# chage -l user1

Update account password policy:

# chage user1

Run a command as root:

# sudo command

Archive, compress, unpack, and uncompress files using tar, star, gzip, and bzip2
Gzip and Bzip2:

Compress:

# gzip file

# bzip2 file

Extract:

# gzip -d file

# bzip2 -d file
Tar:

Compress:

# tar cvf compressed-file.tar file

# tar cvzf compressed-file.tar.gz file

# tar cvjf compressed-file.tar.bz2 file

List Contents:

# tar -tf file

Extract:

# tar xvf file

# tar xvfz file

# tar xvfj file

Star:

Install Star:

# sudo yum install star

Create Archive:

# star -c -f=compressed-file.star file

Create Archive with extended attributes and ACLs:

# star -xattr -H=exustar -c -f=compressed-file.star file

List Contents:

# star -t -f=compressed-file.star

Extract:

# star -x -f=compressed-file.star

Create and edit text files | Part 1 | Nano

Opening and creating files

For opening and creating files type:

# nano filename
Nano is a mode-less editor so you can start typing immediately to insert text. If you are editing a
configuration file like /etc/fstab use the -w switch to disable wrapping on long lines as it might
render the configuration file unparseable by whatever tools depend on it. For example:

# nano -w /etc/fstab

It is very, very important that you use the -w switch when opening a config file. Failure to do so may
keep your system from booting or cause other bad things.

Saving and exiting

If you want to save the changes you've made, press Ctrl + O. To exit nano, type Ctrl + X. If you ask
nano to exit from a modified file, it will ask you if you want to save it. Just press N in case you don't,
or Y in case you do. It will then ask you for a filename. Just type it in and press Enter.

If you accidentally confirmed that you want to save the file but you actually don't, you can always
cancel by pressing Ctrl + C when you're prompted for a filename.

Cutting and pasting

To cut a single line, you use Ctrl + K (hold down Ctrl and then press K). The line disappears. To paste
it, you simply move the cursor to where you want to paste it and punch Ctrl + U. The line reappears.
To move multiple lines, simply cut them with several Ctrl + K in a row, then paste them with a single
Ctrl + U. The whole paragraph appears wherever you want it.

If you need a little more fine-grained control, then you have to mark the text. Move the cursor to the
beginning of the text you want to cut. Hit Ctrl + 6 (or Alt + A). Now move your cursor to the end of
the text you want to cut: the marked text gets highlighted. If you need to cancel your text marking,
simply hit Ctrl + 6 again. Press Ctrl + K to cut the marked text. Use Ctrl + U to paste it.

Searching for text

Searching for a string is easy as long as you think "WhereIs" instead of "Search". Simply hit Ctrl + W,
type in your search string, and press Enter. To search for the same string again, hit Alt + W.

Note:

In nano's help texts the Ctrl is represented by a caret (^), so Ctrl + W is shown as ^W, and so on. The
Alt key is represented by an M (from "Meta"), so Alt + W is shown as M-W.
Create and edit text files | Part 2 | VI
Open VI:

# vi filename

edit a file named "filename"

# vi newfile

creates a new file named "newfile"

To save the edits you have made, but leave vi running and your file open:

Press Esc

Type :w

Press Return

To quit vi, and discard any changes your have made since last saving:

Press Esc

Type :q!

Press Return

Entering text:

i - insert text left of cursor

a - append text right of cursor

Moving the cursor (when arrow keys don't work)

h - left one space

j - down one line

k - up one line

l - right one space

Basic Editing:

x - delete character

nx - delete n characters

X - delete character before cursor

dw - delete word

ndw - delete n words

dd - delete line

ndd - delete n lines

D - delete characters from cursor to end of line

r - replace character under cursor

cw - replace a word

ncw - replace n words

C - change text from cursor to end of line

o - insert blank line below cursor

O - insert blank line above cursor

J - join succeeding line to current cursor line

nJ - join n succeeding lines to current cursor line

u - undo last change

U - restore current line

Moving around in VI:

w - forward word by word

b - backward word by word

$ - end of line

0 - beginning of line

H - top line of screen

M - middle line of screen

L - last line of screen

G - last line of file

1G - first line of file

Ctrl+f - scroll forward one screen

Ctrl+b - scroll backward one screen

Ctrl+d - scroll down one-half screen

Ctrl+u - scroll up one-half screen

n - repeat last search in same direction

N - repeat last search in opposite direction

Closing and saving a file:

ZZ - save file and then quit

:w - save file

:q! - discard changes and quit file

Create, delete, copy, and move files and directories

Create empty file:

# touch file

Create new file and edit in VI:

# vi file

Create new file and edit in nano:

# nano file

Make directory:

# mkdir directory

Print current (working) directory:

# pwd
Make directory and parent directories:

# mkdir -p directory1/directory2

Remove file:

# rm file

Remove empty directory:

# rm -d directory

Remove directory recursively (even with data in directory):

# rm -r directory

Copy file:

# cp file-to-copy new-file

Copy directory and contents:

# cp -r directory-to-copy new-directory

Move file:

# mv file-to-move new-file

Move directory:

# mv directory-to-move new-directory

Create hard and soft links

List files in directory including inodes.

# ls -lia

Create hard link:

# ln original-file hard-link-name
Create softlink:

# ln -s original-file soft-link-name

List, set, and change standard ugo/rwx permissions

Long listing of files:

# ls -l

-rw-rw-rw- 1 cengland cengland 0 Jul 5 12:53 testfile

First char of the 10 character sequence e.g (-rwxrwxrwx) is used to indicate the file type:

– (hyphen): a regular file

d: a directory

l: a symbolic link

c: a character device (which treats data as a stream of bytes, i.e. a terminal)

b: a block device (which handles data in blocks, i.e. storage devices)

Permissions are either read(r), write(w) or execute(x). chmod (command to change the permissions
assigns numbers to each of these values read(4), write (2) and execute(1). We can combine those
values e.g. giving read and write permissions is 4+2=6.

After the listing of the permissions there is the owner and then the group listed of the file.

Permissions updated for a file or directory using chmod:

# chmod 755 file

User=7|Group=5|Other=5

User = Read, write and execute

Group = Read and execute

Other = Read and execute

Assigning permissions using letters in chmod is by using the user(u), group(g), other(o) or all(a)
plus(+) or minus(-) a permission read(r), write(w) or execute(x) :

Giving the user execute permissions:

# chmod u+x file

Giving all read and execute:

# chmod a+rx file

Removing write from other users:

# chmod o-w file

Ownership of a file or directory is assigned via chown, in the format (user:group, user:, or :group)

Make the file owned by the root user and the root group:

# chown root:root file

Make the file owned by the root user:

# chown root: file

Make the file owned by the root group:

# chown :root file

Copying user and group information from another file is achieved using the following:

# chown --reference=reference_file file

SETUID and SETGID:

These are special values that can be assigned to files or directories that allow the file or directory to
be run by a specific user or group essentially escalating privileges.

A good example of this is the passwd binary, this file needs to be executed as the root user even by
standard users as files need to be updated that are owned by root to facilitate a password change.

# ls -l /usr/bin/passwd

-rwsr-xr-x 1 root root 59680 May 17 2017 /usr/bin/passwd

You can see in the above example the rws rather than rwx, the setuid is set meaning anyone that
executes this file will do so as if it is being run by the root user. The same can be done for a group as
well.

Adding this permission is using chmod:

Setting setuid:

# chmod u+s file

or

Adding setuid and the other permissions:

# chmod 4755 file

Setting setgid:

# chmod g+s file

or

Adding setgid and other permissions:

# chmod 2755 file

The use of special permissions can be very useful in some situations, but if not used correctly the can
introduce serious vulnerabilities, so think twice before using them.

The use of special permissions can be very useful in some situations, but if not used correctly the can
introduce serious vulnerabilities, so think twice before using them.

Locate, read, and use system docs including man, info, and files in /usr/share/doc
View command manual (man) page:

# man ls

Some commands have multiple man pages to show all:

# whatis ls

Unsure the command name and to search a string:

# apropos ls
Update man page database:

# mandb

All manual pages stored in /usr/share/doc:

# ls /usr/share/doc

Info command for additional documentation for a particular command:

# info ls

All info pages stored in /usr/share/info:

# ls /usr/share/info

Locate command to find files by name:

# locate sysctl.conf

or

# find / -name sysctl.conf

Update locate database:

# updatedb

Find what provides a specific command or file via yum:

# yum whatprovides */mandb

Find out if a package provided a particular file:

# rpm -ql systemd | grep sysctl.conf

Find out where the documentation is stored for a particular package:

# rpm -qd less

Show current PATH:

# env | grep PATH

Show system path of command using:

# which ls

Show system path and man page files:

# whereis ls

Operate running systems

Boot, reboot, and shut down a system normally
To reboot the system:

# reboot

# systemctl reboot

# shutdown -r now

# init 6

# telinit 6

To shutdown the system:

# halt

# systemctl halt

# shutdown -h now

# init 0

# telinit 0

To poweroff off the system:

# poweroff

# systemctl poweroff

Advanced Management
To suspend the system:

# systemctl suspend

To put the system into hibernation:

# systemctl hibernate

To put the system into hibernation and suspend it:

# systemctl hybrid-sleep

Boot systems into different targets manually

List of common targets:

Runlevel Target Units Description

0 runlevel0.target, poweroff.target Shut down and power off the system.

1 runlevel1.target, rescue.target Set up a rescue shell.

2 runlevel2.target, multi-user.target Set up a non-graphical multi-user system.

3 runlevel3.target, multi-user.target Set up a non-graphical multi-user system.

4 runlevel4.target, multi-user.target Set up a non-graphical multi-user system.

5 runlevel5.target, graphical.target Set up a graphical multi-user system.

6 runlevel6.target, reboot.target Shut down and reboot the system.

Viewing the default target:

# systemctl get-default

Viewing the current target:

# systemctl list-units --type target

# systemctl list-units --type target --all

Changing the default target to multi-user:

# systemctl set-default multi-user.target

Changing the current target to multi-user:

# systemctl isolate multi-user.target

Changing to rescue mode:

# systemctl isolate rescue.target

Change to rescue without warning message:

# systemctl --no-wall rescue

Changing to emergency mode

# systemctl isolate emergency.target

# systemctl --no-wall emergency

Interrupt the boot process in order to gain access to a system

Resetting the Root Password Using an Installation Disk

Start the system and when BIOS information is displayed, select the option for a boot menu and
select to boot from the installation disk.

Choose Troubleshooting.

Choose Rescue a Red Hat Enterprise Linux System.

Choose Continue which is the default option. At this point you will be promoted for a passphrase if
an encrypted file system is found.

Press OK to acknowledge the information displayed until the shell prompt appears.

Change the file system root as follows:

# chroot /mnt/sysimage

Enter the passwd command and follow the instructions displayed on the command line to change
the root password.

# passwd
Remove the autorelable file to prevent a time consuming SELinux relabel of the disk:

# rm -f /.autorelabel

Enter the exit command to exit the chroot environment.

Enter the exit command again to resume the initialization and finish the system boot.

Resetting the Root Password Using rd.break

Start the system and, on the GRUB 2 boot screen, press the e key for edit.

Remove the rhgb and quiet parameters from the end, or near the end, of the linux16 line, or linuxefi
on UEFI systems.

Add the following parameters at the end of the linux line on 64-Bit IBM Power Series, the linux16
line on x86-64 BIOS-based systems, or the linuxefi line on UEFI systems:

rd.break enforcing=0

Adding the enforcing=0 option enables omitting the time consuming SELinux relabeling process.

The initramfs will stop before passing control to the Linux kernel, enabling you to work with the root
file system.

Note that the initramfs prompt will appear on the last console specified on the Linux line.

Press Ctrl+x to boot the system with the changed parameters.

With an encrypted file system, a password is required at this point. However the password prompt
might not appear as it is obscured by logging messages. You can press the Backspace key to see the
prompt. Release the key and enter the password for the encrypted file system, while ignoring the
logging messages.

The initramfs switch_root prompt appears.

The file system is mounted read-only on /sysroot/. You will not be allowed to change the password if
the file system is not writeable.

Remount the file system as writeable:

# mount -o remount,rw /sysroot

The file system is remounted with write enabled.

Change the file system's root as follows:

# chroot /sysroot

The prompt changes to sh-4.2#.

Enter the passwd command and follow the instructions displayed on the command line to change
the root password.

# passwd

Updating the password file results in a file with the incorrect SELinux security context. To relabel all
files on next system boot, enter the following command:

# touch /.autorelabel

Alternatively, to save the time it takes to relabel a large disk, you can omit this step provided you
included the enforcing=0 option in step 3.

Remount the file system as read only:

# mount -o remount,ro /

Enter the exit command to exit the chroot environment.

Enter the exit command again to resume the initialization and finish the system boot.

With an encrypted file system, a pass word or phrase is required at this point. However the
password prompt might not appear as it is obscured by logging messages. You can press and hold
the Backspace key to see the prompt. Release the key and enter the password for the encrypted file
system, while ignoring the logging messages.

Note that the SELinux relabeling process can take a long time. A system reboot will occur
automatically when the process is complete.
If you added the enforcing=0 option in step 3 and omitted the touch /.autorelabel command in step
8, enter the following command to restore the /etc/shadow file's SELinux security context:

# restorecon /etc/shadow

Enter the following commands to turn SELinux policy enforcement back on and verify that it is on:

# setenforce 1

# getenforce

Enforcing

Identify CPU/memory intensive processes and kill processes

Task Manager like command:

# top

* PID: Shows task’s unique process id.

* PR: Stands for priority of the task.

* SHR: Represents the amount of shared memory used by a task.

* VIRT: Total virtual memory used by the task.

* USER: User name of owner of task.

* %CPU: Represents the CPU usage.

* TIME+: CPU Time, the same as ‘TIME’, but reflecting more granularity through hundredths of a
second.

* SHR: Represents the Shared Memory size (kb) used by a task.

* NI: Represents a Nice Value of task. A Negative nice value implies higher priority, and positive Nice
value means lower priority.

* %MEM: Shows the Memory usage of task.

Report a snapshot of all current processes.

# ps -ef

To display root's processes

# ps -u root

Display roots real and effective processes

# ps -U root -u root u

ps with grep built in

# pgrep httpd

Search processes by owner

# pgrep -u username -l

Not owned by root

# pgrep -v -u root -l

Kill signal types:

SIGHUP 1 Hangup

SIGKILL 9 Kill Signal

SIGTERM 15 Terminate

List all kill types:

# kill -l

To kill a process:

# pidof auditd

or

# ps -ef | grep auditd

# kill 745

or

Will kill based on process name

# pkill auditd

The default is 15 if no other signal is sent – SIGTERM

To get details about processes, type:

# ps -edf
Process Priority

To start a process (here script.sh) with a low priority, type:

# nice -n 10 ./script.sh

To change the priority (here +5) of an already running process, get its PID (Process ID) through top or
ps (here 789) and type:

# renice +5 789

Adjust process scheduling

Understanding Linux Scheduling Priorities

From the man page:

The scheduler is the kernel part that decides which executable process will be executed by the CPU
next. The Linux scheduler offers three different scheduling policies, one for normal processes and
two for real-time applications.

1. SCHED_OTHER – the default universal time-sharing scheduler policy used by most processes.

2. SCHED_FIFO or SCHED_RR – intended for special time-critical applications that need precise
control over the way in which executable processes are selected for execution

3. SCHED_BATCH – intended for “batch” style execution of processes

Scheduling Algorithm:

* SCHED_FIFO uses First In-First Out scheduling algorithm

* SCHED_RR uses Round Robin scheduling algorithm

* SCHED_OTHER uses Default Linux time-sharing scheduling algorithm

* SCHED_BATCH use Scheduling batch processes algorithm

chrt:

chrt command is part of util-linux package – low-level system utilities that are necessary for a Linux
system to function. It is installed by default under Debian / Ubuntu / CentOS / RHEL / Fedora and
almost all other Linux distributions.

To get / retrieve the real-time attributes of an existing task / PID, enter:

# chrt -p pid

# chrt -p 112

# chrt -p 1

Any user can retrieve the scheduling information. No special privileges required.

How do I use chrt command to set real time attributes of a Linux process (already running
processes)?

Use the syntax as follows to set new priority:

# chrt -p prio pid

# chrt -p 1025

# chrt -p 55 1025

# chrt -p 1025

Before setting new scheduling policy, you need to find out minimum and maximum valid priorities
for each scheduling algorithm, enter:

# chrt -m

To set scheduling policy to SCHED_BATCH, enter:

# chrt -b -p 0 {pid}

# chrt -b -p 0 1024

To set scheduling policy to SCHED_FIFO, enter:

# chrt -f -p [1..99] {pid}

Set policy to SCHED_FIFO with 50 priority:

# chrt -f -p 50 1024

# chrt -p 1024

To set policy scheduling policy to SCHED_OTHER, enter:

# chrt -o -p 0 {pid}

# chrt -o -p 0 1024

# chrt -p 1024
To set scheduling policy to SCHED_RR, enter:

# chrt -r -p [1..99] {pid}

Set policy to SCHED_RR scheduling with 20 priority:

# chrt -r -p 20 1024

# chrt -p 1024

Manage Tuning Profiles (tuned)

Within Red Hat there is a performance tuning solution name tuned, this a focus of the RHCSA. The
tuned daemon is a powerful daemon that dynamically auto-tunes Linux server performance based
on the information it gathers from monitoring the system and its underlying components to provide
the requested performance characteristics required.

To install tuned (if not already):

# dnf install tuned

To start and enable the daemon:

# systemctl start tuned

# systemctl enable tuned

Check the status:

# systemctl status tuned

To manage tuned daemon use tuned-adm, to check the currently active profile being used on the
system:

# tuned-adm active

Then to get a list of the available tuning profiles:

# tuned-adm list

More information about a particular profile:

# tuned-adm profile_info powersave

To switch to any particular profile:

# tuned-adm profile powersave

Confirm is active:

# tuned-adm active

To apply the recommended profile on the system:

# tuned-adm recommend

Finally to disable the tuning:

# tuned-adm off

Locate and interpret system log files and journals

System log files are stored in /var/log as with most applications. SELINUX log in

/var/log/audit/audit.log

SystemD application has been added to allow us to analyse the boot process.

To get the boot process duration, type:

# systemd-analyze

To get the time spent by each task during the boot process, type:

# systemd-analyze blame

In addition, Systemd handles the system event log, a syslog daemon is not mandatory any more.

To view the log:

# journalctl

To get all the events related to the crond process in the journal, type:

# journalctl /sbin/crond
Note: You can replace /sbin/crond by which crond.

Altenatively, to get all the events related to the crond process, you can also type:

# journalctl -u crond

To get all the events since the last boot, type:

# journalctl -b

To get all the events that appeared today in the journal, type:

# journalctl --since=today

To get all the events with a syslog priority of err, type:

# journalctl -p err

To get the 10 last events and wait for any new one (like tail -f /var/log/messages), type:

# journalctl -f

By default, Journald logs are stored in the /run/log/journal directory and disappear after a reboot.

To store Journald logs in a more permanent way, type:

# mkdir /var/log/journal

# echo "SystemMaxUse=50M" '2 greater than symbols' /etc/systemd/journald.conf

# systemctl restart systemd-journald

Note: Setting the SystemMaxUse variable is necessary because otherwise 10 percent of the
filesystem where the /var/log/journal directory is stored may be used at maximum by the journal.

Preserve system journals

View system journal:
# journalctl

To make system journal persistent:

# mkdir /var/log/journal

By default this would use up to 10% of the total space on that mount point. To manage that set the
value of "SystemMaxUse" to a value in KB (K), MB (M) or GB (G).

Quick method to update this value:

# echo "SystemMaxUse=50M" `greater-than-symbol*2` /etc/systemd/journald.conf

Then for the change to take affect:

# systemctl restart systemd-journald

Start, stop, and check the status of network services

To start a network service, type:

# systemctl start sshd

Note in RHEL 6 and below it was used as following, compatability is maintained for now.

# service sshd start

Note: In addition, a service can be restarted with the restart option or only reloaded with the reload
option.

To stop a network service, type:

# systemctl stop sshd

To check if a network service is running, type:

# systemctl is-active sshd

To activate a network service at boot, type:

# systemctl enable sshd

To disable a network service at boot type:

# systemctl disable sshd

To check if a network service is enabled at boot, type:

# systemctl is-enabled sshd

disabled

To check the status of a network service, type:

# systemctl status sshd

To permanently disable a service, type:

# systemctl mask sshd

Note1: Masking a service prevents it from starting even if it is socket-activated or dbus-activated.

To enable the service again:

# systemctl unmask sshd

Securely transfer files between systems

To transfer a local file to a remote host into user1's home directory:

# scp file6 user1@10.0.2.6:file6

To transfer all files from a specified directory (here /tmp):

# scp /etc/ssh/* root@10.0.2.6:/tmp

To transfer files from a remote host to the local host (current directory):

# scp root@10.0.2.6:/tmp/sshd_config .