Linux Commands¶
| command | usage | syntax |
|---|---|---|
| audit2why | why is SELinux denied |
audit2why -i /var/log/audit/audit.log grep 1573441241.893:21782 /var/log/audit/audit.log | audit2why |
| awk | pattern scanning and processing
language |
ps aux | awk ‘{ print $2 }’ |
| base64 | base64 encode/decode |
echo “Hello World” | base64 echo “SGVsbG8gV29ybGQK” | base64 -d base64 -d encoded_b64.txt |
| blkid | locate/print block device attributes
(requires sudo) |
|
| bzip2, bunzip2 | bzip2 compression utility |
|
| cat | print content of file |
cat /etc/passwd |
| chage | change/view aging rules for
userid |
chage -l jsnow |
| chcon | change SE Linux labeling |
chcon -t samba_share_t /common |
| chgrp | change group owner
of file/directory |
chgrp team secret.txt |
| chmod | change file permissions |
chmod +x file.sh chmod u+x file.sh chmod g+x file.sh chmod o-rxw file.sh chmod 0770 /sales # all group members can add/delete from folder, can read/delete but not write to other’s files chmod 1770 /sales # all group members can add/delete from folder, but only owner can delete its own files chmod 2770 /sales # all group members can add/delete from folder, read/write other’s files chmod 3770 /sales # all group members can add/delete from folder, only owner can delete its own files chmod ug+rwxs /sales |
| cpio | cpio archive |
cpio -i < initramfs-linux.img |
| docker | manage docker containers | docker ps docker images docker build –tag reverseproxy:1.0 . |
| chown | change file owner |
chown root:root file.sh chown -R root:root /root/secret |
| chsh | change shell |
chsh –shell /bin/fish bwolf |
| chvt | change virtual console |
chvt 2 |
| crontab | edit / view crontabs |
crontab -e crontab -el jsnow crontab -eu jsnow |
| cryptsetup | Setup and manager LUKS devices |
cryptsetup luksFormat -v -s 512 -h sha512 /dev/sda2 cryptsetup open /dev/sda2 luks_lvm cryptsetup luksChangeKey <target device> -S <target key slot number> cryptsetup luksDump /dev/sda2 cryptsetup luksAddKey –key-slot 1 /dev/sda2 cryptsetup luksRemoveKey /dev/sda2 |
| curl | get data from url |
curl -Ok https://www.google.com curl –insecure -L -v -s -o /dev/null https://www.google.com/ |
| cut | cut part of file |
cut -f 1 cities.txt cut -f 1 -d : /etc/passwd |
| date | print date |
date -d “+1month” date ‘+%Y%m%d-%H:%M’ |
| diff | Produce a differenct between
files/directories |
diff /etc /backup/etc diff <(ls -a) <(ls -A) # Difference of output between two ls commands |
| dig | dns lookup |
dig +dnssec +multi @8.8.8.8.8 www.google.com dig +short www.dn.se dig -x 2.18.74.134 dig @8.8.8.8 www.dn.se dig www.google.com SOA dig @ns2.mil.se mil.se TXT | MX | SPF |
| dd | disk duplicator write to/from cdrom/iso/usb |
dd if=pfSense-CE-memstick-2.3.5-RELEASE-amd64.img of=/dev/sdb bs=1M dd status=progress if=/dev/vda | ssh 172.16.11.10 dd of=/dev/vda dd if=/dev/cdrom of=/home/jsnow/myiso |
| df | display filesystems |
df -h |
| dmsetup | Manage dm disks |
dmsetup info /dev/dm-5 |
| dnf | next version of yum packet manager | dnf module list postgresql dnf module enable postgresql:12 dnf -y install postgresql-server |
| docker-compose | Manager docker projects |
docker-compose -f docker-compose-postgres.yml up -d |
| drill | nslookup dnssec |
drill -DT www.google.com |
| du | files/directories size calculation |
du -sh * du -a | sort -n -r | head -n 5 |
| egrep | grep with regexp |
egrep -v “^$|^#” /etc/ssh/sshd_config |
| fallocate | preallocate a file |
fallocate-l 20MB helloworld |
| ffmpeg | convert videos | ffmpeg -i installation.mkv -vcodec mpeg2video -qscale 0 -acodec copy -f vob -copyts -y installation.mpg |
| file | identify fileformat |
|
| find | find files |
find / -name *.log find / -user jsnow -exec cp -rfp {} /root/filesfound/ \; for x in $(find /etc/zypp/repos.d/ -maxdepth 1 -name *.repo);do mv $x $(echo $x|sed ‘s/SP2/SP3/g’) ;done for x in $(find /etc/zypp/repos.d/ -maxdepth 1 -name *.repo);do sed -i ‘s//REPTIL///REPTIL2//g’ ;done |
| firewall-cmd | firewalld managemant rules/zones |
firewall-cmd –list-all firewall-cmd –reload firewall-cmd –permanent –add-masquerade firewall-cmd –permanent –add-service={http,https} firewall-cmd –permanent –add-port={80/tcp,443/tcp,389/tcp,636/tcp,88/tcp,464/tcp,53/tcp,88/udp,464/udp,53/udp,123/udp} firewall-cmd –permanent –add-rich-rule=’rule family=ipv4 source address=10.0.0.0/24 destination address=192.168.0.10/32 port port=22 protocol=tcp accept’ firewall-cmd –permanent –list-rich-rules firewall-cmd –permanent –remove-rich-rule=’rule family=ipv4 source address=10.0.0.0/24 destination address=192.168.0.10/32 port port=22 protocol=tcp accept’ firewall-cmd –permanent –zone=testing –add-rich-rule=’rule family=ipv4 source address=192.168.0.10/24 reject’ firewall-cmd –permanent –add-rich-rule=’rule service name=ssh limit value=10/m accept’ firewall-cmd –permanent –add-rich-rule=’rule family=”ipv4” source address=”192.168.0.0/24” service name=”ssh” log prefix=”ssh” level=”info” limit value=”50/m” accept’ firewall-cmd –permanent –add-rich-rule ‘rule family=ipv4 source address=192.168.0.0/24 forward-port=513 protocol=tcp to-port=132’ firewall-cmd –direct –add-rule ipv4 filter INPUT 0 -p tcp –dport 9000 -j ACCEPT firewall-cmd –direct –get-all-rules |
| fc-list | list available fonts |
|
| fc-match | match available fonts |
fc-match monospace |
| for | loop in bash | for a in ‘s-master’ ‘s-worker-1’ ‘s-worker-2’ ‘s-nfs’ ‘s-pg’; do ssh -i .ssh/okd_rsa root@$a ‘systemctl stop firewalld’;done |
| free | available memory |
free -m free -h |
| getfacl | list file access list |
|
| getsebool | get SELinux boolean values |
getsebool -a |
| git | Distributed version control
system. |
git –version git config –global user.name “BiBadWolf” git config –global user.email “bigbadwolf@secretbunker.se” git config –list git clone https://github.com/polygamma/aurman git clone https://github.com/polygamma/aurman aurman2 git pull git status git add -A . git status git commit -m “Updated file X” git push git init git add .Xresources git status git user.name bigbadwolf git commit -m “My first commit” git remote add origin https://github.com/p3ll1n0r3/dotfiles git push –mirror |
| grep | find string in file(s) |
grep -i ‘DaRliNg’ document.txt grep ‘Hello world’ document.txt cat /etc/passwd | grep jsnow grep -i linux *.txt grep -v ^# /etc/ssh/sshd_config | grep . grep -B3 -A3 error /var/log/messages grep -v ^$ /etc/ssh/sshd_config grep -v ^root /etc/passwd |
| grubby | update boot parameters kernels |
grubby –update-kernel=ALL –args=”console=ttyS0″ |
| gzip, gunzip | gzip compression utility |
|
| head | show the first n lines in a file |
head -100 /var/log/messages |
| hostnamectl | set hostname for system |
hostnamectl set-hostname mycentos.example.com |
| httpd | apache web server |
httpd -t |
| iostat | monitoring system io device |
|
| ip | ip manipulate |
ip addr help ip route help ip link help ip a ip r ip -s link ip addr add 172.16.11.10 dev ens3 ip route add 172.16.11.0/24 dev ens3 ip route add default via 172.16.11.1 dev ens3 ip route add 192.0.2.1/24 via 10.0.0.1 dev eth0 |
| iscsiadm | iscsi initiator admin |
iscsiadm -m discovery -t st -p 192.168.1.75 iscsiadm -m node T iqn.2015-02.org.bigbadwolf:system1 -p 192.168.1.75:3260 -l |
| journalctl | view systemd logs |
journalctl -f journalctl -b journalctl _PID=1 journalctl –list-boots journalctl -u sshd.service journalctl -p err..emerg journalctl -u sshd.service -o json journalctl -u sshd.service -o json-pretty journalctl -u sshd.service -o verbose |
| ln | create links |
ln /etc/hosts computers ln -s /etc/hosts computers |
| localectl | set and view locale settings |
localectl list-keymaps localectl list-locales localectl set-keymap sv-latin1 localectl set-locale LANG=”en_US.utf8” |
| locate | find files in database |
|
| ls | list files/directories |
ls -latr ls -lah ls -d [!a-f]* ls -il * ls -la {*.conf,*rc} ls -la *+(.conf|rc) |
| lsblk | list block devices |
|
| lshw | list hardware |
|
| lscpu | list cpu info |
|
| lslocks | list system locks |
|
| lsmem | list memory |
|
| lsmod | list loaded modules |
|
| lsof | list open files |
lsof -p 616 lsof /dev/sda2 lsof /var/log/locked-logfile.log |
| lspci | list pci devices |
|
| lsscsi | list scsi devices |
|
| lsusb | list usb devices |
|
| lvcreate | create logical volume |
lvcreate -L 100GB -n backup rootvg lvcreate -l 100 -n lv_100extends rootvg lvcreate -l 100%FREE -n lv_100procent_available rootvg |
| lvdisplay | list logical volumes with details |
|
| lvextend | logical volume extend |
lvextend -size 200M -r /dev/vg/lv_xfs lvextend -L +100M -r /dev/mapper/rootvg-root-100MB-lv lvextend -l 50 -r /dev/mapper/rootvg-my50extend-lv lvextend -l 100%FREE -r /dev/mapper/rootvg-home-rest-of-available-space-in-vg |
| lvmdiskscan | list devices that may be used as physical volumes |
|
| lvs | list logical volumes |
|
| md5sum | calculate md5 checksum |
md5sum /iso/archlinux.iso |
| mkswap | create a swap partition |
makeswap /dev/vg/lv_swap2 |
| man | man pages |
man nmcli-examples man teamd.conf man 5 firewalld.richlanguages man 7 signal man -k passwd |
| mkdir | make directory |
mkdir /var/log/httpd mkdir -p /srv |
| mount | mount filesystem |
mount -a mount /www mount /dev/cdrom /mnt mount -o rw /srv/virtualmachines |
| mpstat | Report processors related statistics | |
| nft | allows configuration of tables, chains and rules provided by the Linux kernel firewall. |
nft add table inet filter # Add a new table with family “inet” and table “filter” nft add chain inet filter INPUT { type filter hook input priority 0 \; policy accept \; } # Add a new chain to accept all inbound traffic nft add rule inet filter INPUT tcp dport \{ ssh, http, https\ } accept # Add a new rule to accept several TCP ports nft add rule inet filter INPUT drop # Rule drop everything else nft list ruleset # View current configuration nft –handlr –numeric list chain # Show rule handles nft delete rult inet filter input handle 3 # Delete a rule nft list ruleset > /etc/nftables.conf # Save current configuration |
| nmcli | network manager CLI |
nmcli con show nmcli dev show nmcli con up VPN –ask nmcli con add con-name eth0 ifname eth0 type ethernet ip4 192.168.1.22/24 gw4 192.168.1.1 nmcli con mod eth0 ipv4.dns 192.168.1.1 nmcli con up eth0 nmcli con add type team con-name team0 ifname team0 config ‘{ “runner”: {“name”:”activebackup”}}’ nmcli con add type team-slave con-name team0-slave1 ifname eth0 master team0 nmcli con add type team-slave con-name team0-slave2 ifname eth1 master team0 nmcli con mod team0 config ‘{ “runner”: {“name”:”activebackup”}}’ nmcli con add type team-slave ifname eno1 master team0 nmcli con add type team-slave ifname eno2 master team0 nmcli con mod team0 ipv4.addresses 192.168.1.10/24 nmcli con mod team0 ipv4.gateway 192.168.1.1 nmcli con mod team0 ipv4.method manual nmcli con mod team0 ipv4.dns 8.8.8.8 nmcli con mod team0 +ipv4.dns 8.8.4.4 nmcli con up team-slave-eno1 nmcli con up team-slave-eno2 nmcli con show team0 nmcli con mod “enp0s3” ipv4.addresses ‘192.168.1.77/24 192.168.1.1’ ipv4.dns 192.168.1.1 ipv4.method manual nmcli con mod “enp0s3” ipv6.addresses ‘FDDB:FE2A:AB1E::C0A8:1/64’ ipv6.method manual nmcli con reload nmcli dev wifi list nmcli dev wifi connect SSID password SSID_PASSWORD nmcli -p -f general,wifi-properties device show wlp3s0 nmcli general permissions nmcli general logging nmcli con delete uuid d49f78de-68d2-412d-80bc-0e238d380b8e |
| nmap | network / open ports scanner/mapper|br| |
nmap -sV -p 22 localhost |
| nmtui | network manager text menu |
|
| osinfo-query | qemu-kvm tool identify correct identifier |
osinfo-query os |
| openssl | create / manipulate and get certificates |
openssl s_client -connect www.google.com:443 -showcerts < /dev/null 2> /dev/null |openssl x509 -outform PEM openssl req -subj “/commonName=www.hellden.se/” -x509 -days 3650 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-www.hellden.se.key - out /etc/ssl/certs/nginx-www.hellden.se.crt |
| passwd | set password for user |
passwd jsnow passwd -e 90 jsnow passwd -u passwd -L ? |
| pidstat | Report statistics for Linux tasks | |
| pip | python module installer |
pip install -r requirements.txt pip install {package-name} pip install git+https://github.com/Gallopsled/pwntools.git@dev |
| pkaction | manage polkit actions |
pkaction –action-id org.freedesktop.NetworkManager.reload –verbose |
| pmap | print memory map of process |
pmap $$ pmap 1 |
| ps | process viewer |
ps -ef ps fax ps aux | awk ‘{ print $2 }’ |
| pvcreate | create lvm physical volume |
pvcreate /dev/sda1 |
| pvdisplay | list physical volumes details |
|
| pvs | show physical volumes |
|
| pwd | print working directory |
|
| pwdx | print pwd a process |
|
| python | python programming language |
python -m venv django-project python -c ‘import time;print(time.ctime(1565920843.452))’ |
| qemu-img | disk/image manipulation |
qemu-img convert -f raw -O qcow2 /var/lib/libvirt/images/machine01.img /var/lib/libvirt/images/machine01.qcow2 |
| renice | set new nice value for process |
renice -n -10 -p 1519 renice +10 1519 |
| repoquery | query package at repository |
repoquery -ql bind-utils |
| restorecon | restore SElinux labeling on files |
restorecon -R /xfs restorecon -R -v /var/www/mediawiki.secretbunker.org/www/ |
| rkhunter | root kit hunter |
rkhunter –update rkhunter –propugd rkhunter –check -sk |
| rm | remove files/directories |
rm -rf etcbackup.tar find . -inum 210666 -exec rm -i {} i\; # delete file with inodenummer |
| rpm | manage rpm packages |
rpm -qa rpm -qc chrony rpm -qf /etc/passwd rpm -qd chrony rpm -ql setup rpm -q –scripts setup |
| rsync | sync and copy tool |
rsync -aAXvS –info=progress2 –exclude={“/dev/”,”/proc/”,”/sys/”,”/tmp/”,”/run/”,”/mnt/”,”/media/”,”/lost+found/”,”/backup/*”} / /backup |
| sar | collect, report, or save system activity information |
sar -A |
| scp | secure copy files |
scp bigbadwolf@secretbunker.se:~/test.sh . scp -P 2022 secret.txt bigbadwolf@remote-server.com:/~ |
| sed | string editor |
sed -Ei.bak ‘/^\s*(#|$)/d’ /etc/sshd/sshd_config sed -n /^root/p /etc/passwd sed -i ‘s/linda/juliet/g’ /etc/passwd |
| semanage | SELinux set labelling on functions/files/directories |
semanage fcontext -a -t user_home_dir_t “/xfs(/.*)?” semanage port -a -t http_port_t -p tcp 8999 semanage port -d -t http_port_t -p tcp semanage port -l semanage port -lC semanage permissive -l semanage fcontext -a -t httpd_sys_content_t “/var/www/mediawiki.secretbunker.org/www/(/.*)?” |
| setfacl | set file access list |
setfacl -R -m u:david:rwx /home/jsnow setfacl -m d:g:sales:rx /account setfacl -m d:g:david::- /account ???? |
| setsebool | set SELinux boolean value |
setsebool -P httpd_use_nfs on setsebool -P named_write_master_zones on setsebool -P httpd_unified 1 |
| sha1sum |
calculate hash checksum |
sha256sum /iso/archlinux.iso |
| sha224sum |
sha256sum *.tar > sha256sum.txt |
|
| sha256sum |
sha256sum -c sha256sum.txt |
|
| sha384sum |
||
| sha512sum |
||
| smbpasswd | set samba user password |
smbpasswd -a robby |
| snapper | manage btrfs snapshosts |
snapper -c root create-config /
snapper list snapper create –type pre –print-number –description “Before LAMP install” snapper create –type post –pre-number 108 –description “After the Apache install” snapper status 108..109 snapper list -t pre-post snapper -v undochange 108..109 snapper diff 108..109 /etc/passwd snapper –config root delete 1-144 |
| socat | multipurpose relay |
socat tcp-connect:192.168.1.100:2604 file:tty,raw,echo=0 |
| sort | sort input |
sort -n sort -f |
| ssh | secure shell connection |
ssh jsnow@secret.org ssh -vvv -i ~/.ssh/id_rsa bigbadwolf@secretbunker.org ssh -Xa bigbadwolf@secretbunker.org ssh -p 2022 secretbunker.org ssh -Q {cipher|mac|kex} secretbunker.org |
| sshfs | filesystem client based on ssh |
sshfs bigbadwolf@10.1.1.1:/ /mnt |
| ssh-agent | start a ssh-agent |
ssh-agent -s |
| ssh-add | add a key to the ssh-agent |
ssh-add ~/.ssh/id_rsa |
| ssh-keygen | generate SSH keypair |
ssh-keygen -b 4096 -t rsa |
| ssh-copy-id | copy ssh key to server |
ssh-copy-id secretbunker.org ssh-copy-id -p 2022 -i ~/.ssh/id_rsa.pub bigbadwolf@secretbunker.org |
| sudo | run program as superuser |
sudo systemctl restart nginx.service sudo -i sudo -l |
| swapoff | turn off swap on filesystem |
swapoff /dev/mapper/rootvg-swap |
| swapon | turn on swap on filesystem |
swapon -a swapon /dev/mapper/rootvg-swap |
| sysctl | configure kernel parameters at runtime |
sysctl -w net.ipv4.ip_forward=1 sysctl -w net.ipv4.ip_forward=1 >> /etc/sysctl.d/net_ipforward.conf sysctl -p |
| systemctl | systemd control |
systemctl list-unit-files –state=enabled systemctl list-timers systemctl -t help systemctl enable –now libvirtd systemctl disable libvirtd systemctl start libvirtd.service systemctl stop libvirtd.service systemctl mask sshd.service systemctl unmask sshd.service systemctl list-dependencies sshd.service systemctl is-enabled libvirtd.service systemctl get-default systemctl set-default graphical.target systemctl isolate multi-user.target systemctl –failed |
| tar | manage tarballs |
tar -xvf microcode-20180108.tgz -C /tmp tar -cf etcbackup.tar /etc/* tar -cvzf /tmp/tar.tgz /usr/local tar -tvf etc.tgz tar -xvf etc.tgz -C / etc/hosts tar -cvf my0.tar -g my.snar tar -cvf my1.tar -g my,snar tar -xvf my0.tar -g /dev/null tar -xvf my1.tar -g /dev/null |
| targetcli | manage and setup iscsi targets |
targetcli /backstores/block create block1 /dev/iscsi_storage/iscsi_storage_lv targetcli /iscsi create iqn.2015-02.org.secretbunker:system1 targetcli /iscsi/iqn.2015-02.org.secretbunker:system1/tpg1/acls create iqn.2015-02.org.secretbunker:system2 targetcli /iscsi/iqn.2015-02.org.secretbunker:system1/tpg1/luns create /backstores/block/block1 targetcli /iscsi/iqn.2015-02.org.secretbunker:system1/tpg1/portals delete 0.0.0.0 3260 targetcli /iscsi/iqn.2015-02.org.secretbunker:system1/tpg1/portals create 192.168.1.75 3260 targetcli saveconfig |
| tail | display the last n lines in a file |
tail -200 /var/log/messages tail -f /var/log/messages |
| tcpdump | monitor/capture network data |
tcpdump “host 10.135.246.129 and port 601” -vvvv -A |
| teamdctl | team connections control /usr/share/doc/teamd-x.xx /example_configs |
teamdctl nm-team state |
| timedatectl | set and view time date |
timedatectl list-timezones timedatectl set-timezone Europe/Stockholm timedatectl status |
| touch | updates access / modification times |
touch helloworld.txt |
| tr | translate |
echo “Hello World” | tr a-z A-Z echo “Hello World” | tr [:lower:] [:upper:] |
| udevadm | monitor in realtime for udev watch system changes (add/remove devices or devices reporting changes) |
udevadm monitor |
| umount | unmount a filesystem |
umount /mnt |
| uname | print detailed information about kernel and system |
uname -a uname -r |
| updatedb | update the locate database |
|
| useradd | add linux user |
useradd -c “BigBadWolf/NSA” -m bwolf useradd -u 2000 bwolf |
| usermod | modify user parameters |
usermod -aG sudousers bwolf usermod -e 2018-09-02 bwolf usermod –shell /bin/fish bwolf |
| vgcreate | create volume group |
vgcreate rootvg /dev/sda1 vgcreate -s 16M vg_16M_extends /dev/sda2 |
| vgs | show volume groups |
|
| vgdisplay | list volume group details |
|
| vgscan | scan for existing volume groups |
|
| virsh | qemu/kvm management |
virsh list –all virsh edit web2-server virsh start web2-server virsh autostart web2-server virsh autostart –disable web2-server virsh undefine web2-server |
| virt-install | create/install new qemu guest |
virt-install -n test -r 1024 –vcpus=1 –os-variant=centos7.5 –accelerate –nographics -v –disk path=/var/lib/libvirt/shared-storage/test.img,size=20 –extra-args “console=ttyS0” –location /iso/CentOS-7.5-x86_64-netinstall.iso virt-install -n test -r 1024 –vcpus=1 –accelerate –nographics -v –disk path=/var/lib/libvirt/images/test.img,size=20 –console pty,target_type=serial –cdrom /iso/archlinux-2018.06.01-x86_64.iso |
| vmstat | print virtual memory stats |
|
| watch | execute a executio update |
watch ps -p 1104 watch lsof -p 1104 |
| wc | count lines, words or bytes |
cat filename | wc - l wc -c filename wc -b filename wc -m filename |
| whereis | find files in database |
|
| which | find files in database |
|
| xfs_admin | manage xfs filesystems |
xfs_admin -L “my disklabel” /dev/mapper/rootvg-root |
| xrandr | manage output display for X11 |
xrandr –output HDMI-2 –auto –output eDP-1 –auto –left-of HDMI-2 xrandr –output Virtual-0 –mode 1920x1080 xrandr –query |
| xrdb | xrdb tool configuration |
xrdb -merge ~/.Xresources |
| xset | set x tool |
xset r rate 300 50 |
| xxd | hexdecimal conversions |
|
| yum | yum manager |
yum repolist yum clean all yum update -y yum –disable=\* –enable=c7-media install bind-utils yum history yum install –downloadonly –downloaddir=/root/downloadpackages yum updateinfo list available yum updateinfo list security all yum updateinfo list security sec yum updateinfo list security installed yum info-sec yum update –security yum update-minimal –security yum update –cve CVE-2008-0947 yum updateinfo list yum update –advisory=RHSA-2014:0159 yum updateinfo RHSA-2014:0159 yum updateinfo list cves |
| yum-config-ma.. | mange repos |
yum-config-manager –add-repo helloworld yum-config-manager –disable c7-media |
| zypper | SUSE package manager |
zypper in {packagename} zypper refresh zypper lu zypper –releasever=15.2 ref zypper –releasever=15.2 dup zypper wp /etc/passwd zypper repos -d zypper info –requires {packagename} |
| wget | get noninteractive network download |
wget http://www.google.com wget -O save-as-helloworld.txt http://wwww.getfile.com/index.html wget –no-check-certificate https://site-without-signed-certificate.com/ |