You have ordered a VPS from Momo Cloud, paid the invoice, and the instance is provisioned. You open your server from the server list in the client area at cloud.momo.tz, reveal the root password with the eye icon, note the IP address, and connect over SSH. Now you are staring at a blinking prompt with no idea what to type. This guide fixes that.
These are the ten command groups that cover the overwhelming majority of what you will ever do on an Ubuntu 22.04/24.04 LTS server. Learn them and you can navigate, edit, debug, secure and maintain your VPS with confidence. Every example below works as written on a stock Ubuntu install.
1. Navigating: where am I and what is here?
Before you do anything, you need to know where you are in the filesystem and what surrounds you. Three commands handle this.
pwd # print working directory (your current location)
cd /var/www # change directory
cd ~ # go to your home directory
cd .. # go up one level
ls -lah # list everything, long format, human-readable sizesThe flags on ls are worth memorising: -l gives a detailed listing, -a shows hidden dotfiles (like .env or .ssh), and -h prints sizes as 4.0K or 2.3G instead of raw bytes. You will type ls -lah hundreds of times.
2. Working with files and directories
Creating, copying, moving and deleting files is the bread and butter of server work.
mkdir -p /var/www/myapp/releases # create nested directories in one go
cp config.php config.php.bak # copy (always back up before editing)
cp -r templates/ backup_templates/ # copy a directory recursively
mv old-name.conf new-name.conf # move or rename
rm -i unwanted.log # remove, but ask for confirmation firstWarning: There is no recycle bin on Linux. rm is permanent and instant. Get into the habit of using rm -i so the shell asks before each deletion, and treat rm -rf with extreme respect — a stray space turns rm -rf /tmp/cache into a server-wiping disaster.
To actually edit a text file, nano is the friendliest editor and ships with Ubuntu:
nano /etc/nginx/sites-available/defaultInside nano, Ctrl+O then Enter saves, and Ctrl+X exits. The shortcuts are listed along the bottom of the screen, where ^ means the Ctrl key.
3. Viewing and searching file contents
Most of your time debugging will be spent reading files and logs. These are the tools for it.
cat app.conf # dump a whole (short) file to the screen
less /var/log/syslog # page through a large file (q to quit)
tail -n 50 /var/log/nginx/error.log # last 50 lines
tail -f /var/log/nginx/access.log # follow a log live as it updatestail -f is indispensable: run it in one terminal, reload your website in the browser, and watch requests and errors appear in real time. Press Ctrl+C to stop following.
To find a needle in a haystack, use grep:
grep "404" /var/log/nginx/access.log # every line containing 404
grep -ri "database_password" /etc/ # recursive, case-insensitive search
ps aux | grep nginx # filter the output of another commandThat last example shows the pipe (|), which feeds the output of one command into another. It is one of the most powerful ideas in the shell.
4. Permissions and ownership: the rwx model
Every file has an owner, a group, and a set of permissions for three classes of user: the owner, the group, and everyone else. Run ls -lah and you will see something like -rw-r--r-- 1 www-data www-data.
The permission string breaks down into r (read), w (write) and x (execute), repeated three times — for owner, group and others. These also map to numbers: r=4, w=2, x=1.
| Number | Permissions | Typical use |
|---|---|---|
644 | rw-r--r-- | Normal files (owner edits, others read) |
755 | rwxr-xr-x | Directories and executable scripts |
600 | rw------- | Secrets, e.g. private keys and .env files |
chmod 644 index.html # set permissions by number
chmod +x deploy.sh # make a script executable
chown www-data:www-data app.log # change owner and group
chown -R www-data:www-data /var/www/myapp # recursively for a web rootTip: Resist the urge to "fix" permission problems with chmod 777. It makes a file writable by everyone on the system and is a genuine security hole. The web server runs as www-data; making your web files owned by that user with 755/644 is almost always the correct answer.
5. Processes and resource usage
When your VPS feels slow or a service has crashed, you need to see what is running and what is consuming resources.
top # live view of processes and CPU/memory (q to quit)
htop # a friendlier, colour version (install it first)
ps aux # snapshot of every running process
ps aux | grep php # find a specific processIf a process is stuck or runaway, find its PID (process ID) from ps aux or top, then end it:
kill 4823 # ask the process to terminate gracefully
kill -9 4823 # force it to stop (last resort)To check disk and memory headroom — a common cause of mysterious failures:
df -h # disk space per filesystem, human-readable
free -h # RAM and swap usageA full disk (100% in df -h) will silently break databases and web servers, so check this early whenever something stops working.
6. Package management with apt
Ubuntu installs and updates software through apt. The first thing to do on any new VPS is bring it fully up to date.
sudo apt update # refresh the list of available packages
sudo apt upgrade # install available updates
sudo apt install htop curl ufw # install one or more packages
sudo apt remove some-package # uninstallRun sudo apt update && sudo apt upgrade -y regularly. The && chains the two commands so the upgrade only runs if the update succeeds, and -y answers "yes" automatically.
7. Managing services with systemctl
Long-running programs like Nginx, MySQL and PHP-FPM are managed by systemd. The verbs you need are status, restart, start, stop and enable.
sudo systemctl status nginx # is it running? recent log lines?
sudo systemctl restart nginx # restart after a config change
sudo systemctl enable nginx # start automatically on boot
sudo systemctl stop nginx # stop the serviceAfter editing a service's configuration, restart applies the change. The status output is also the quickest way to confirm whether a service failed to start and why.
8. Networking basics
When something cannot connect, these three commands tell you whether the problem is your server, the network, or DNS.
ss -tulpn # which ports are listening, and which process
curl -I https://example.com # fetch HTTP headers from a URL
curl ifconfig.me # show this server's public IP
ping -c 4 cloud.momo.tz # test connectivity (4 packets)ss -tulpn is the modern replacement for netstat. If your web app is unreachable, check that it is actually listening on the expected port (:80, :443) here. curl -I against your own domain confirms whether the server responds at all.
9. Superuser safety with sudo
Many commands above are prefixed with sudo ("superuser do"), which runs a single command with administrator privileges. The best practice is to create a regular user, give it sudo rights, and use that for daily work instead of logging in as root.
adduser deploy # create a new user
usermod -aG sudo deploy # grant it sudo privileges
# log in as that user, then use sudo per-command:
sudo systemctl restart nginxWarning: Living as root means a single typo can destroy the whole system with no safety net, and any compromised process runs with total control. Using a normal account with sudo forces a deliberate pause before privileged actions and keeps an audit trail. Treat root as a tool you reach for, not a place you live.
10. Your recovery lifeline: the web Console
Eventually you will lock yourself out — a firewall rule that blocks SSH, a broken network config, or a wrong password. Do not panic, and do not assume the server is lost.
Tip: Open your VPS from the server list at cloud.momo.tz and click the Console button. This gives you an in-browser VNC session straight to the machine that works even when SSH is completely broken. From there you can fix the firewall, reset a config, or reboot using the power controls. The Console is your guaranteed way back in — remember it exists before you start experimenting with network settings.
Wrapping up
Ten commands will not make you a kernel hacker, but they will let you run, debug and secure a real production server: navigate with cd/ls, edit with nano, read logs with tail -f and grep, control access with chmod/chown, watch resources with top and df -h, keep things patched with apt, manage services with systemctl, diagnose the network with ss and curl, and stay safe with sudo. Practise each one on a low-stakes box until the muscle memory sticks.
If you have not provisioned a server yet, you can spin up an Ubuntu VPS from the Momo Cloud client area at cloud.momo.tz and pay in TZS with M-Pesa, Tigo Pesa, Airtel Money, card or wallet balance. Stuck on something? Our team is available 24/7 in English and Swahili — open a support ticket from the client area and we will help you get unstuck.
