30 Must-Know Linux Commands for RHCSA Success

Published On: 4 July 2025

Objective

If you’re gearing up for the Red Hat Certified System Administrator (RHCSA) exam, you’ve likely discovered that success isn’t about rote memorization , it’s about mastering practical Linux administration skills. Central to these skills is the command line. The RHCSA exam is hands-on and time-sensitive, designed to evaluate how efficiently you can perform key system administration tasks under pressure.

This blog aims to be a comprehensive, easy-to-follow, and practical guide to the 30 most important Linux commands every RHCSA candidate should know inside and out. Rather than just listing commands, it explains their real-world applications to help you:

  • Develop the command-line fluency essential for passing the hands-on RHCSA exam.

  • Strengthen your practical understanding of Linux system administration.

  • Create a reliable reference for daily practice and review.

Whether you’re a beginner building a strong foundation or an advanced learner fine-tuning your skills, this list will serve as your essential checklist on the path to RHCSA certification.

1. useradd

  • Definition:

    • useradd is a Linux command used to create a new user account on the system. It sets up the user’s home directory, default shell, and other account settings based on system defaults or specified options.

  • What it does:

    • When executed, useradd adds an entry for the new user in the system’s user database files (like /etc/passwd, /etc/shadow), creates the user’s home directory with default files, and assigns default permissions. This establishes a new user profile that can be used to log into the system or access resources.

  • Why you need it:

    • User management is one of the core tasks of any Linux system administrator. Creating users properly is essential for controlling access, ensuring security, and organizing user environments. Without creating user accounts, you can’t delegate system access or separate privileges between individuals.

  • Example:


useradd john  # Creates a new user 'john' with default home directory /home/john

2. passwd

  • Definition:

    • The passwd command is used to set or update the password associated with a user account. Passwords protect accounts and are a fundamental security mechanism in Linux.

  • What it does:

    • Executing passwd prompts the administrator or user to enter a new password, which is then encrypted and stored in the system’s password database (usually /etc/shadow). This command can change passwords for any user (if run as root) or the current user.

  • Why you need it:

    • Strong passwords are crucial to secure user accounts from unauthorized access. Regularly setting or changing passwords helps maintain system security, especially in multi-user environments or after user role changes.

  • Example:


passwd john  # Prompts to set/change password for user 'john'

3. usermod

  • Definition:

    • usermod is a powerful command used to modify existing user accounts. It allows you to change user properties such as group memberships, home directories, login shells, and more.

  • What it does:

    • This command updates the system’s user database to reflect changes like adding the user to supplementary groups, changing the user’s primary group, locking/unlocking accounts, or changing the login shell.

  • Why you need it:

    • User roles and permissions frequently evolve in an organization. You might need to add a user to a privileged group (e.g., wheel for sudo access), change their home directory, or disable accounts temporarily. usermod gives you this flexibility without recreating user accounts.

  • Example:


usermod -aG wheel john  # Adds user 'john' to the 'wheel' group giving sudo privileges

4. groupadd

  • Definition:

    • groupadd is used to create a new user group on the system. Groups provide a way to organize users and apply permissions collectively.

  • What it does:

    • When you run groupadd, it creates a new entry in the system’s group database file (/etc/group) which can then be assigned to users. Groups can be used to grant access to files, directories, or system resources.

  • Why you need it:

    • Managing users individually can be tedious and error-prone. Groups allow system admins to easily assign permissions to multiple users at once, making security management more efficient and scalable.

  • Example:


groupadd devs  # Creates a new group called 'devs' for organizing development team users

5. id

  • Definition:

    • The id command displays detailed information about a user’s identity, including their user ID (UID), primary group ID (GID), and all supplementary groups they belong to.

  • What it does:

    • When executed, id queries the system databases to show numeric IDs and group memberships associated with a user account, which helps clarify permission inheritance.

  • Why you need it:

    • Understanding the UID, GID, and group memberships is crucial for troubleshooting permission issues, verifying user privileges, and auditing security settings. It helps confirm if users have the correct access rights.

  • Example:


id john  # Displays UID, GID, and all groups of user 'john'

6. chage

  • Definition:

    • chage manages password aging policies for user accounts, including setting expiry dates, warning periods, and password minimum/maximum lifetimes.

  • What it does:

    • The command allows admins to enforce security by requiring users to change passwords regularly, preventing the use of outdated credentials. It can also display password aging information for a user.

  • Why you need it:

    • Password expiration is a critical security policy in many environments to minimize risks from compromised accounts. chage helps enforce these policies by automating password life cycles and alerts.

  • Example:


chage -l john  # Lists password expiry and aging info for user 'john'

7. hostnamectl

  • Definition:

    • hostnamectl is a command used to query and change the system hostname and related settings on systems running systemd.

  • What it does:

    • It allows you to view the current hostname (static, transient, and pretty), and change the hostname persistently without manually editing configuration files. It can also show other system info like chassis type and deployment environment.

  • Why you need it:

    • Setting the correct hostname is important for system identification on a network, which helps in managing multiple systems, troubleshooting, and logging. A meaningful hostname improves clarity in large environments.

  • Example:


hostnamectl set-hostname server1  # Changes the system hostname to 'server1'

8. nmcli

  • Definition:

    • nmcli is a command-line tool for managing NetworkManager and network connections in Linux.

  • What it does:

    • It can display, create, modify, activate, or deactivate network interfaces and connections without using a graphical interface. This includes wired, wireless, VPN, and other network types.

  • Why you need it:

    • In server environments or headless setups, managing network connections via CLI is essential. nmcli provides an efficient way to troubleshoot or configure networks remotely and script network tasks.

  • Example:


nmcli con show  # Lists all configured network connections on the system

9. ip a

  • Definition:

    • ip a is part of the ip command suite and displays detailed information about all network interfaces and their IP addresses.

  • What it does:

    • It lists each interface’s status, MAC address, assigned IPv4 and IPv6 addresses, and other relevant networking details. It replaces the deprecated ifconfig tool.

  • Why you need it:

    • Knowing the IP addresses and interface statuses is critical for network troubleshooting, configuration validation, and system monitoring. It helps verify connectivity and address assignment.

  • Example:


ip a  # Shows all network interfaces with their IP addresses and states

10. ss -tuln

  • Definition:

    • ss is a tool to investigate sockets, with -tuln flags showing listening TCP/UDP sockets without resolving names.

  • What it does:

    • This command lists all active network sockets that are listening for incoming connections, along with the ports and protocols used.

  • Why you need it:

    • Identifying open ports and active services is vital for security auditing, troubleshooting network services, and ensuring expected services are running.

  • Example:


ss -tuln  # Displays all listening TCP and UDP ports with numeric addresses

11. dnf

  • Definition:

    • dnf is the default package manager for RHEL 8/9 and related distributions, used to install, update, and remove software packages.

  • What it does:

    • It manages package dependencies, downloads packages from configured repositories, and installs or removes software while maintaining system integrity.

  • Why you need it:

    • Managing software is core to system administration. dnf provides a reliable way to keep systems up-to-date, install new tools, and remove unnecessary packages securely.

  • Example:


dnf install httpd  # Installs Apache web server package

12. rpm -q

  • Definition:

    • rpm -q queries the RPM package database to check if a package is installed or to get details about it.

  • What it does:

    • It reports the package version, release, and installation status, helping admins verify software presence.

  • Why you need it:

    • Confirming package installation is important before troubleshooting or configuring software. It ensures the required software components are available on the system.

  • Example:


rpm -q httpd  # Checks if the 'httpd' package is installed

 

13. systemctl

  • Definition:

    • systemctl is the primary command to control and manage systemd services and the overall system state.

  • What it does:

    • It allows starting, stopping, enabling, disabling, and checking the status of system services and targets.

  • Why you need it:

    • Service management is central to maintaining system functionality. systemctl ensures services run when needed and helps diagnose service-related issues.

  • Example:


systemctl status firewalld  # Shows the current status of the firewalld service

14. firewall-cmd

  • Definition:

    • firewall-cmd manages the firewalld daemon, which provides dynamic firewall rules.

  • What it does:

    • It adds, removes, or queries firewall rules, such as opening or closing ports or enabling services, both temporarily and permanently.

  • Why you need it:

    • Firewalls protect systems from unauthorized access. firewall-cmd is critical for configuring security policies and ensuring services are reachable or blocked as needed.

  • Example:


firewall-cmd --permanent --add-service=http  #Opens HTTP port 80 permanently

15. getenforce / setenforce

  • Definition:

    • These commands are used to query (getenforce) and temporarily change (setenforce) the current mode of SELinux (Security-Enhanced Linux).

  • What it does:

    • getenforce shows whether SELinux is enforcing, permissive, or disabled. setenforce allows toggling SELinux between enforcing mode (actively enforcing policies) and permissive mode (logging policy violations but not enforcing).

  • Why you need it:

    • SELinux adds a robust layer of mandatory access control for enhanced security. Understanding and controlling SELinux mode is critical during troubleshooting or when deploying applications that may be blocked by SELinux policies.

  • Example:


setenforce 0  # Temporarily sets SELinux to permissive mode for troubleshooting

16. sestatus

  • Definition:

    • sestatus reports the current status and mode of SELinux on the system.

  • What it does:

    • It displays if SELinux is enabled or disabled, the mode (enforcing or permissive), policy loaded, and booleans status.

  • Why you need it:

    • Quickly checking SELinux status helps administrators understand security posture and aids in troubleshooting permission denials related to SELinux.

  • Example:


>sestatus  # Displays SELinux current status and mode

17. chmod

  • Definition:

    • chmod is used to change the access permissions of files and directories.

  • What it does:

    • It modifies read, write, and execute permissions for the owner, group, and others either using symbolic or numeric modes.

  • Why you need it:

    • Proper file permissions are vital for system security and functionality. chmod ensures only authorized users can read, write, or execute files.

  • Example:


chmod 755 script.sh  # Sets permissions: owner=read/write/execute, group=read/execute, others=read/execute

18. chown

  • Definition:

    • chown changes the ownership of files and directories, including the user owner and group owner.

  • What it does:

    • It assigns a new user and/or group ownership to a specified file or directory.

  • Why you need it:

    • File ownership affects who can access or modify files. chown is essential when managing permissions or transferring file control between users or services.

  • Example:


chown root:root config.txt  # Changes owner and group of 'config.txt' to root

19. tar

  • Definition:

    • tar is a utility for creating and extracting archive files, optionally compressing them.

  • What it does:

    • It bundles multiple files/directories into a single archive (.tar) and can compress it using gzip or bzip2 (.tar.gz, .tar.bz2).

  • Why you need it:

    • Archiving is crucial for backups, transfers, and system snapshots. tar efficiently stores file collections and preserves directory structures and permissions.

  • Example:


tar -czvf backup.tar.gz /etc  # Creates a compressed archive of /etc directory

20. scp

  • Definition:

    • scp (secure copy) is a command used to securely transfer files between hosts over SSH.

  • What it does:

    • It copies files or directories from the local system to a remote system or vice versa, encrypting data during transit.

  • Why you need it:

    • Secure file transfer is vital to protect sensitive data over networks. scp is a straightforward way to move files while maintaining confidentiality and integrity.

  • Example:


scp file.txt user@192.168.1.10:/tmp/  # Copies 'file.txt' to remote host's /tmp directory

21. rsync

  • Definition:

    • rsync synchronizes files and directories between locations locally or over a network efficiently.

  • What it does:

    • It copies only the differences between source and destination, preserving permissions, timestamps, and symbolic links.

  • Why you need it:

    • For backups or mirroring, rsync minimizes bandwidth and time by copying only changed files, making it ideal for routine maintenance and disaster recovery.

  • Example:


rsync -av /var/www/ /backup/www/  # Syncs /var/www to /backup/www preserving attributes

22. find

  • Definition:

    • find searches for files and directories based on various criteria like name, type, size, permissions, or modification time.

  • What it does:

    • It recursively traverses directories and lists files matching the specified search parameters.

  • Why you need it:

    • Finding files quickly based on attributes is essential for system cleanup, security audits, or troubleshooting.

  • Example:


find /etc -name "*.conf"  # Finds all files ending with .conf under /etc

23. grep

  • Definition:

    • grep is a powerful text search utility used to search for specific patterns within files or output streams.

  • What it does:

    • It scans input lines for matches to a given pattern (regular expression) and outputs matching lines. It can search single or multiple files, standard input, or piped data.

  • Why you need it:

    • grep helps quickly locate specific configuration settings, error messages, or data within large files, speeding up troubleshooting and data analysis.

  • Example:


grep "PermitRootLogin" /etc/ssh/sshd_config  # Searches for 'PermitRootLogin' in sshd config file

24. df -h

  • Definition:

    • df reports the disk space usage of mounted filesystems; -h shows the output in a human-readable format.

  • What it does:

    • It displays total, used, and available disk space on each mounted filesystem, along with mount points.

  • Why you need it:

    • Monitoring disk usage prevents running out of space, which can cause system issues or application failures.

  • Example:


df -h  # Displays disk usage with sizes in KB, MB, or GB

25. du -sh

  • Definition:

    • du estimates the disk space used by files or directories; -s summarizes total size and -h makes it human-readable.

  • What it does:

    • It shows the total size consumed by the specified directory, including all subdirectories.

  • Why you need it:

    • du helps identify which directories are taking up the most space, aiding in storage management and cleanup.

  • Example:


du -sh /var/log  # Shows total size of /var/log directory

26. mount / umount

  • Definition:

    • mount attaches filesystems to the filesystem hierarchy, while umount detaches them.

  • What it does:

    • mount makes storage devices or remote shares accessible at specified mount points. umount safely disconnects them to prevent data loss.

  • Why you need it:

    • Mounting is essential to access disks, partitions, or network shares; unmounting ensures data integrity before device removal.

  • Example:


mount /dev/sdb1 /mnt  # Mounts partition /dev/sdb1 to /mnt
umount /mnt          # Unmounts /mnt safely

27. lsblk

  • Definition:

    • lsblk lists information about all available block devices in a tree-like format.

  • What it does:

    • It shows device names, types (disk, partition), sizes, mount points, and hierarchy.

  • Why you need it:

    • lsblk helps identify disk devices, partition layout, and mounted volumes, useful for disk management and troubleshooting.

  • Example:


lsblk  # Displays block devices and their  mount points

28. crontab

  • Definition:

    • crontab manages cron jobs — scheduled tasks that run at specified intervals.

  • What it does:

    • It allows users to create, edit, list, or remove scheduled jobs for automation of repetitive tasks.

  • Why you need it:

    • Automating backups, updates, or maintenance tasks ensures regular execution without manual intervention, improving system reliability.

  • Example:


crontab -e  # Opens the cron schedule editor for the current User

29. journalctl

  • Definition:

    • journalctl accesses and queries logs collected by the systemd journal.

  • What it does:

    • It displays logs from system services, kernel messages, and boot events, with powerful filtering options.

  • Why you need it:

    • Centralized logging aids in diagnosing system issues, tracking errors, and auditing system behavior over time.

  • Example:


journalctl -xe  # Shows recent logs with detailed error messages

30. reboot / shutdown

  • Definition:

    • reboot restarts the system; shutdown powers off or halts the system safely.

  • What it does:

    • They terminate all processes cleanly and bring the system down or reboot it, preventing data loss.

  • Why you need it:

    • Properly rebooting or shutting down is critical after configuration changes, updates, or maintenance to ensure system stability.

  • Example:


reboot       # Immediately restarts the system
shutdown now # Immediately powers off the system

 

Bonus Tips for Mastering These Commands

  • Practice in a Virtual Machine:  Set up a virtual machine running RHEL 9 or CentOS Stream. This safe environment allows you to experiment freely without risking your main system, closely simulating the actual RHCSA exam and real-world work scenarios.

  • Use the Man Pages:  The man command provides comprehensive, built-in documentation for nearly every Linux command. Dive into the manual pages to understand command syntax, options, and usage examples — it’s your best friend for deepening knowledge.

  • Understand, Don’t Just Memorize:  Instead of rote memorization, focus on understanding what each command and its options actually do. This deeper comprehension empowers you to adapt commands confidently across diverse situations.

  • Automate Repetitive Tasks:  Leverage  scripting to chain commands into automated workflows. Automation not only saves time but also reinforces how commands interact and operate together, improving your efficiency as a system administrator.

  • Practice Under Exam Conditions:  Time yourself while performing essential tasks to build speed and accuracy. Simulating exam-like pressure helps reduce anxiety and increases your confidence when it counts the most.

Conclusion

Mastering these 30 essential commands is a significant milestone on your RHCSA journey, but it’s only the beginning. Real expertise develops through consistent practice in practical environments, understanding the broader system context, and connecting the dots between components.If you want a structured, up-to-date, hands-on learning experience tailored specifically for the RHCSA certification, complete with labs, exam strategies, and community support: check out RHCSA.GURU. 

Bookmark this list, print it out, and keep practicing. When these commands become second nature, you’re not just prepping for an exam, you’re stepping into your role as a confident, capable Linux administrator.