File System Navigation: First Steps in the Terminal - Part 1 of 5 of the Terminal Techniques for You (TTY): Making Linux Security Accessible Blog Series

When you're new to Linux, the terminal can seem intimidating. Unlike the point-and-click graphical interfaces we're accustomed to, the terminal presents a blinking cursor, waiting for your commands. Behind this seemingly daunting interface lies incredible power and flexibility that forms the foundation of Linux security.

In this first part of our TTY series, we'll take our first steps into terminal navigation, building the foundation you'll need for your Linux security journey. Don't worry if you've never used a terminal before, we'll start from the beginning.

Getting Started: Opening a Terminal

Before we navigate the file system, we need to open a terminal. In our case, we're going to use the Bash Shell, ( /bin/bash ), the most common shell in Linux. All examples throughout this series will be from a Bash shell prompt.

Depending on your Linux distribution, you can typically open the terminal by:

• Pressing CTRL+ALT+T on most Ubuntu-based systems
• Right-click on the desktop and selecting "Open Terminal"
• Finding "Terminal" or "Console" in your application menu

Once open, you'll see something like this:

username@hostname:~$

This is called the prompt, shell prompt, or your terminal prompt (people use the terms interchangeably). It shows your username, the system's hostname, your current location (more on that in a moment), and a dollar sign ($), indicating you're logged in as a regular user rather than an administrator.

That blinking cursor after the $ is waiting for your commands. Let's start with the most fundamental navigation commands.

Where Am I? Finding Your Location with pwd

The first thing to know when navigating any space is your current location. In the terminal, we use the `pwd` (print working directory) command to determine this:

$ pwd

/home/sec406

The output tells you that you're currently in the `/home/sec406` directory. This is your home directory, a personal space where you can store your files.

The tilde (~) you see in the prompt is a shorthand that represents your home directory. That's why your prompt might show `~$` when you're in your home directory.

Looking Around: Listing Files with ls

Now that we know where we are, let's see what's here. The `ls’ (list) command shows the files and directories in your current location:

$ ls

Documents  Downloads  Music  Pictures  Public  Templates  Videos

These are standard directories created in most home directories on desktop Linux distributions. Let's get more details by adding the `-l` (long format) option (that's a lowercase L, not the number one):

$ ls -l

total 32

drwxr-xr-x 2 sec406 users 4096 Feb 27 14:30 Documents

drwxr-xr-x 2 sec406 users 4096 Feb 27 14:30 Downloads

drwxr-xr-x 2 sec406 users 4096 Feb 27 14:30 Music

drwxr-xr-x 2 sec406 users 4096 Feb 27 14:30 Pictures

drwxr-xr-x 2 sec406 users 4096 Feb 27 14:30 Public

drwxr-xr-x 2 sec406 users 4096 Feb 27 14:30 Templates

drwxr-xr-x 2 sec406 users 4096 Feb 27 14:30 Videos

The `-l` option gives us the "long format," and shows additional information:

• Permissions (starting with `d` for directories or `-` for files)
• Number of links
• User owner name
• Group owner name
• File size in bytes
• Last modification date and time
• File or directory name

We'll explore permissions in detail in part three, but for now, just note that the `d` at the beginning indicates these are directories (folders), not regular files.

There's one more important variation of `ls` to know. Many important files in Linux are hidden (their names start with a dot). To see these, we add the `-a` option (for the short syntax) or `--all` to specify the long option. You pick, they both do the same thing:

$ ls -a

.              .bash_logout    Documents   Music     Public     Videos

..             .bashrc         Downloads   Pictures  .ssh       .zshrc

.bash_history  .config         .local      .profile  Templates

$ ls --all

.              .bash_logout    Documents   Music     Public     Videos

..             .bashrc         Downloads   Pictures  .ssh       .zshrc

.bash_history  .config         .local      .profile  Templates

Now we can see hidden files and directories like `.bash_history`, `.config`, `.ssh`, etc.

The `.` and `..` entries have special meaning too. The `.` (dot) represents the current directory and `..` (dot dot) represents the parent directory (one level up).

Most of the time we can combine options with our commands and only need one dash/hyphen. If I wanted to use both the `-l` and the `-a`, I could use them like `-la`, -`al`, `-a -l`, or `-l -a`. The exact behavior varies depending on the command, the shell, and the options (like if they require an argument). We're getting into the weeds, so let's see an example:

$ ls -la

total 76

drwxr-xr-x 15 sec406 users 4096 Feb 27 15:50 .

drwxr-xr-x  5 root  root  4096 Feb 15 09:20 ..

-rw-------  1 sec406 users 8980 Feb 27 15:40 .bash_history

-rw-r--r--  1 sec406 users  220 Feb 15 09:20 .bash_logout

-rw-r--r--  1 sec406 users 3771 Feb 15 09:20 .bashrc

drwxr-xr-x  3 sec406 users 4096 Feb 20 10:15 .config

drwxr-xr-x  3 sec406 users 4096 Feb 20 10:20 .local

-rw-r--r--  1 sec406 users  807 Feb 15 09:20 .profile

drwx------  2 sec406 users 4096 Feb 25 16:30 .ssh

-rw-r--r--  1 sec406 users 1209 Feb 20 10:25 .zshrc

drwxr-xr-x  2 sec406 users 4096 Feb 27 14:30 Documents

drwxr-xr-x  2 sec406 users 4096 Feb 27 14:30 Downloads

drwxr-xr-x  2 sec406 users 4096 Feb 27 14:30 Music

drwxr-xr-x  2 sec406 users 4096 Feb 27 14:30 Pictures

drwxr-xr-x  2 sec406 users 4096 Feb 27 14:30 Public

drwxr-xr-x  2 sec406 users 4096 Feb 27 14:30 Templates

drwxr-xr-x  2 sec406 users 4096 Feb 27 14:30 Videos

Moving Around: Changing Directories with cd

Now that we can see where we are and what's around us, let's start moving. The `cd` command (change directory) is how we move between directories:

# Move into the Documents directory

$ cd Documents

$ pwd

/home/sec406/Documents

# Go back up one level to the parent directory

$ cd ..

$ pwd

/home/sec406

# Move to a specific path

$ cd /etc

$ pwd

/etc

# Return to your home directory

$ cd

$ pwd

/home/sec406

# Another way to go to your home directory

$ cd ~

$ pwd

/home/sec406

# Go to the previous directory you were in

$ cd -

$ pwd

/etc

You'll notice we used a forward slash `/` in paths, not the backslash `\` that Windows uses. In Linux, forward slashes separate directories in a path and the backslash is a reserved character used to escape other characters on the shell.

Understanding the File System Structure

Let's take a moment to understand the overall Linux file system structure.

Unlike Windows with multiple drives (C:, H:, I:, etc.), Linux organizes everything under a single tree starting at the file system root directory, represented by a single ( / ).

Here are some key directories you'll encounter:

$ ls -l /

total 96

lrwxrwxrwx   1 root root     7 Jan 15 09:17 bin -> usr/bin

drwxr-xr-x   4 root root  4096 Jan 15 09:30 boot

drwxr-xr-x  20 root root  3600 Feb 27 14:30 dev

drwxr-xr-x 136 root root 12288 Feb 27 14:30 etc

drwxr-xr-x   3 root root  4096 Dec 20 10:15 home

lrwxrwxrwx   1 root root     7 Jan 15 09:17 lib -> usr/lib

drwx------   2 root root 16384 Jan 15 09:15 lost+found

drwxr-xr-x   2 root root  4096 Jan 15 09:15 media

drwxr-xr-x   2 root root  4096 Jan 15 09:15 mnt

drwxr-xr-x   2 root root  4096 Jan 15 09:15 opt

dr-xr-xr-x 259 root root     0 Feb 27 14:30 proc

drwx------   5 root root  4096 Feb 15 09:30 root

drwxr-xr-x  33 root root   920 Feb 27 14:45 run

lrwxrwxrwx   1 root root     8 Jan 15 09:17 sbin -> usr/sbin

drwxr-xr-x   6 root root  4096 Jan 15 09:15 srv

dr-xr-xr-x  13 root root     0 Feb 27 14:30 sys

drwxrwxrwt  18 root root  4096 Feb 27 15:30 tmp

drwxr-xr-x  14 root root  4096 Jan 15 09:15 usr

drwxr-xr-x  13 root root  4096 Jan 15 09:25 var

Here's what some of these directories are used for:

• /home - User home directories (like yours)
• /etc - System-wide configuration files
• /var - Variable data like logs and temporary files
• /usr - User programs and data
• /bin - Essential command binaries
• /tmp - Temporary files
• /boot - Files needed to boot the system

As a beginner, you'll mostly work in your home directory, but understanding this structure will help you as you progress in your Linux security journey.

Absolute vs. Relative Paths

There are two ways to specify locations in Linux:

1. Absolute paths always start with `/` and give the complete path from the file system root to the intended destination.

$ cd /var/log

2. Relative paths are relative to your current location.

# If you're in /home/sec406

$ cd Documents

# Now you're in /home/sec406/Documents

For beginners, absolute paths are often clearer since they work regardless of your current location. However, relative paths can be shorter and more convenient when working with nearby files.

Special Path Shortcuts

There are several useful shortcuts for navigating on the shell:

• `.` (single dot): The current directory
• `..` (double dot): The parent directory
• `~` (tilde): Your home directory
• `-` (hyphen): The previous directory you were in

These can be combined with other paths:

# From anywhere, access a file in your Documents directory

$ cat ~/Documents/notes.txt

# Go up one level, then into a sibling directory

$ cd ../Downloads

Finding Files: Locate vs Find

As you work with Linux, you'll often need to find files. There are two main commands for this:

The locate command: fast but not accurate

$ locate bashrc

/etc/bashrc

/home/sec406/.bashrc

The `locate` command is fast because it searches a database (a file index) that's updated periodically (usually daily by a scheduled job). If the file was created recently, it might not appear until the database is updated. So, it's fast, but usually the information is dated. Don't get me wrong, it's phenomenal when speed is of the essence and can be a useful tool in other situations too.

To update the database, use:

$ sudo updatedb

The find command: slow but very accurate and agile

# Find all .txt files in your home directory

$ find ~ -name "*.txt"

# Find files modified in the last 24 hours

$ find ~ -type f -mtime -1

The `find` command is slower because it searches in real-time. Right after you hit ENTER on your command, the search for your query executes on the file system. It offers powerful filtering options and always shows the current state of the file system.

Making Navigation Easier: Tab Completion

One of the best productivity features in the Linux terminal is tab completion. Start typing a command or path, then press the TAB key to autocomplete commands or filenames:

# Start typing and press Tab

$ cd Doc [TAB]

# Expands to:

$ cd Documents/

If multiple completions are possible, press Tab twice (TAB TAB) to see all options:

$ cd D[TAB][TAB]

Desktop/   Documents/   Downloads/

This not only saves typing but also helps prevent errors.

Creating Your First Directory Structure

Let's practice by creating a simple directory structure for a project:

# Go to your home directory

$ cd ~

# Create a projects directory

$ mkdir projects

# Create a subdirectory for a specific project

$ mkdir projects/first_project

# Create subdirectories within the project

$ mkdir -p projects/first_project/{docs,src,data}

The `-p` option creates parent directories if they don't exist, and the curly braces let us create multiple directories at once.

Now let's check our work:

$ ls -la projects/first_project/

total 20

drwxr-xr-x 5 sec406 users 4096 Feb 27 16:15 .

drwxr-xr-x 3 sec406 users 4096 Feb 27 16:15 ..

drwxr-xr-x 2 sec406 users 4096 Feb 27 16:15 data

drwxr-xr-x 2 sec406 users 4096 Feb 27 16:15 docs

drwxr-xr-x 2 sec406 users 4096 Feb 27 16:15 src

Security Implications of File System Navigation

Even at this early stage, there are important security aspects to consider:

1. Sensitive information in hidden files: Many configuration files are hidden (they start with a dot) and can contain sensitive information like passwords or API keys. Always use `ls -a` to see them.
2. Understanding permissions: Notice the permission strings at the beginning of each line in `ls -l` output. In our next few posts, we'll learn how permissions control who can access each file or directory.
3. Being aware of your location: Always check your current directory with `pwd` before running commands, especially those that modify files or install software.
4. Private information in home directory: Your home directory contains personal information. By default, many Linux distributions typically allow other users to see the names of your files but not their contents.
5. Understanding system directories: System directories like `/etc` contain critical configuration files. Be cautious when accessing these areas, especially with administrator privileges.

Practical Exercise: Exploring Safely

Let's put what we've learned into practice with a safe exploration exercise:

1. Start in your home directory:

$ cd ~

2. List all files, including hidden ones:

$ ls -la

3. Look for potentially sensitive configuration directories:

$ ls -la .ssh

$ ls -la .config

4. Explore the system-wide configuration directory:

$ ls -l /etc

5. Return to your home directory:

$ cd

6. Create a practice directory structure:

$ mkdir -p ~/practice/{documents,backups,scripts}

7. Navigate through the structure you created:

$ cd ~/practice

$ ls

$ cd documents

$ cd ../backups

$ cd ../scripts

$ cd ~

### Terminal Customization: Making Navigation Easier

As you become more comfortable with the terminal, you might want to customize it to make navigation easier.

Creating Aliases for Common Commands

Add these lines to your `~/.bashrc` file to create shortcuts for common commands:

# Add to your ~/.bashrc file

alias ll='ls -la'

alias home='cd ~'

alias up='cd ..'

After editing, reload your configuration so your shell knows about your new shortcuts:

$ source ~/.bashrc

Now you can type `ll` instead of `ls -la`, `home` to go to your home directory, and `up` to go up one level.

Setting Up Command History

The terminal keeps a history of commands you've run. Press the up arrow to cycle through previous commands, or use `history` to see them all:

$ history

You can also search the history by pressing CTRL+R and typing part of a command.

Your First Steps into the Linux Terminal

Congratulations! You've taken your first steps into the Linux terminal environment. You now know how to:

• Find your current location with `pwd`
• View files and directories with `ls`
• Move around the file system with `cd`
• Understand the Linux file system structure
• Use absolute and relative paths
• Find files with `locate` and `find`
• Create directories with `mkdir`
• Use tab completion to work more efficiently

This foundational knowledge will serve you throughout your Linux security journey. Remember, becoming comfortable with the terminal takes practice. Don't be afraid to explore in your own virtual machine or lab environment and use `--help` after any command to see its options:

$ ls --help

Practice Questions

To reinforce your learning, try answering these questions:

1. If you're currently in `/home/username/Documents`, what command would you use to move to `/home/username/Pictures`?
2. What command shows hidden files in the current directory?
3. How would you create a directory called "security_projects" in your home directory from any location in the file system?
4. What does the special path shortcut `~` represent?
5. If you want to know where you currently are in the file system, what command would you use?

Want to know more? Check out the course preview of SEC406^TM: Linux Security for InfoSec Professionals^TM for a free hour of course content. Ready to take your Linux skills to the next level? For a limited time, take SEC406 for just $5,250!

Coming up next on TTY, we'll explore how to keep your system secure through updates and package management.