Work with the network from the terminal — check your IP and routes, see which ports are open, test connectivity and resolve DNS names, log into remote machines over SSH, and copy files between them.
The modern tool for everything network-related is ip. ip a ("address") shows your network interfaces and the IP addresses assigned to them. ip route shows the routing table — most importantly the "default" route, which is the gateway every outbound packet leaves through. These replace the older ifconfig you may see in tutorials.
Show network interfaces and their IP addresses
ip aShow the routing table (the "default" line is your gateway out)
ip routeA "port" is a numbered door a service listens on (web on 80/443, SSH on 22). ss ("socket statistics") lists them — the flags read as -t TCP, -u UDP, -l listening, -n numeric, -p show the program. This answers two constant questions: is my service actually listening, and what is using this port?
Which programs are listening, on which ports?
sudo ss -tulpnIs anything listening on port 80? (filter the output)
sudo ss -tulpn | grep :80When something cannot connect, test in layers. ping checks you can reach a host at all. dig (or host) resolves a name to its IP, isolating DNS problems from connection problems. curl actually makes a request — -I fetches just the response headers, a fast way to confirm a web service is answering.
Can I reach this host at all? (Ctrl+C to stop)
ping -c 4 google.comWhat IP does a name resolve to? (isolates DNS issues)
dig +short google.comMake a real request; -I fetches only the response headers
curl -I https://example.comSSH ("secure shell") gives you an encrypted terminal on a remote machine — it is how you administer servers. The form is ssh user@host. Far better than passwords is key-based login: ssh-keygen makes a key pair once, ssh-copy-id installs the public half on the server, and from then on you log in with no password and much better security.
Log into a server as a user (you'll get its shell prompt)
ssh deploy@203.0.113.10One-time setup for passwordless, key-based login:
ssh-keygen -t ed25519 # create a key pair (press Enter through prompts)ssh-copy-id deploy@203.0.113.10 # install your public key on the serverOnce SSH works, you can move files over the same secure channel. scp copies like cp but with a remote user@host:path on one end. rsync is smarter for folders and repeat transfers — it copies only what changed, so the second run is nearly instant; -a preserves everything and -v lists what it sends.
Copy a local file UP to the server
scp ./app.tar.gz deploy@203.0.113.10:/var/www/Copy a file DOWN from the server to here
scp deploy@203.0.113.10:/var/log/app.log ./Sync a whole folder efficiently (only changed files transfer)
rsync -av ./site/ deploy@203.0.113.10:/var/www/site/