10 skills every Linux system administrator should have

Linux system administrators often morph into people who wear many hats. Sometimes you have to be a network administrator, desktop support tech, and end-user advocate. Yet, you always have to be a Linux sysadmin. To that end, I've devised a list of ten essential Linux system administrator skills that you should possess. These are in no particular order of importance.

[ Free download: Advanced Linux commands cheat sheet. ]

User account management

User account management is a primary responsibility of a Linux system administrator (SA). It is also one of the responsibilities generally handed to junior-level SAs. Junior-level SAs have this task because it is time-consuming and considered to be a "lower-level" activity. That designation is not meant to be insulting toward anyone, but user account management is not a critical function such as backup and recovery, troubleshooting, or patching, for example. If you need a user account management refresher, search Enable Sysadmin for posts on the topic.

Structured Query Language (SQL)

SQL isn't a standard SA job requirement, but I'd suggest you learn it. It's a good skill to know for a variety of reasons, not the least of which is to dispell assumptions that whatever problem is going on with a database server is infrastructure-related. Stepping outside your typical SA duties to extend yourself is generally a good idea to further your own career and to increase your value to a company. Learning something new is always positive. Check out Enable Sysadmin's poll covering this topic.

Network traffic packet capture

One of Enable Sysadmin's authors, Anthony Critelli, recently wrote the article Packet sniffer basics for network troubleshooting, in which he describes the use of tcpdump as an essential SA skill. But regardless of the packet capture tool you use (tcpdump, Wireshark, etc.), capturing, interpreting, and analyzing network traffic is an important skill because of the security implications of the data you receive from it. Network traffic can alert you to multiple types of attacks in real-time and help you troubleshoot other network problems.

The vi editor

As ancient and as "old school" as it is, the vi (ViM) editor is still the editor of choice for thousands of Linux SAs. This editor is easy to use, it's installed by default, and every SA should know how to use it. If you're unfamiliar with vi, check out my introductory article on using vi. The vi editor is the gold standard text editor and has been for more than 40 years.

Backup and restore

There are a variety of applications and techniques that SAs can use to back up files and directories as well as restore them. Backup, restore, and other disaster recovery activities are essential SA skills. You have to know how to back up and restore files for your users. If you or a member of your team perform backups, you need to audit the backups by periodically restoring a few files to check your backup and restore process.

Hardware setup and troubleshooting

Every SA needs to know how to set up, maintain, and troubleshoot hardware systems. You need to know how to deal with hardware failures that include disks, memory, NICs, ports, peripherals, and the rare CPU that goes belly up. Even if your infrastructure is entirely hosted or cloud-based, you should be familiar with the underlying hardware and its configurations, limitations, and vulnerabilities so that you can ensure that your hosting company or provider stays on top of security.

Network routers and firewalls

It's important to know a little something about your network's inner workings. Get familiar with your network's routers and firewalls. You should examine your system configurations to decide if they're consistent with Linux system security practices, which means you should be running host-based firewalls. You need to know what, if any, firewall exceptions have been configured and which systems and their ports are exposed to the internet. If you don't have access, request a read-only account with access to all network hardware so that you can query and track configurations and changes.

Network switches

As a system administrator, your servers are directly connected to network switches, and you should know configuration details such as your VLAN configurations and who has access to change those configurations. Request read-only access so that you can perform queries against all network switches and switch stacks. And because your systems all have direct connections to network switches, you need to be apprised of maintenance activities and vulnerabilities associated with switch hardware and operating systems.

SIEMs and monitoring systems

Security information and event management (SIEM) and monitoring systems are absolutely essential skills to know. Sure, the security folks want to maintain a tight grip on access, but you need access to be able to keep a watchful eye on your systems. No one will ever care as much about the security of your systems as you do. You need to be able to query those systems, to have your own dashboard, and to adjust thresholds as needed. You also need to be able to set up specific monitoring for your systems that send notifications to you personally, or to a group account or device for on-call rotation purposes. 

If neither a SIEM nor a monitoring solution already exists in your network, I suggest exploring some open source or free software options before plunking down thousands (or tens of thousands) on commercial software that has a lot of functionality that you probably don't need. 

Interviewing and other interpersonal skills

I know what you're saying. You're saying, "Oh, great, someone else telling me that I need soft skills." Yes, that's what I'm telling you. Honing your interviewing skills can not only determine if you get a particular job, it can also be a major factor in the salary you get. It's true. Let's say, for example, that the salary range for a mid-level SA job is $56k to $85k per year. You might be fully qualified for the top of the range, but the company offers you $70k instead and mentions some nonsense about growth potential or they tell you that they'll bring you along when the time is right. 

You need to practice answering questions. Answer the question that's asked. Don't give so much information that you see eyes glazing over, but giving answers that are too short will make you appear arrogant or flippant. Give enough examples of your work to let the interviewer(s) know that you know what you're talking about. They can ask for more details if they want to.

You have to learn to watch other people's behaviors. Are they listening to you? Are they focused on you and the interview? Do they look as though you haven't said enough when you pause to allow them to speak or ask another question? Watch and learn. Practice with other system administrators in your group. Do mock interviews with the group. I know it might sound silly, but it's important to be able to speak to other people about what you do. This practice can also be good for you in speaking with managers. Don't get too deep into the weeds with non-technical people. Keep your answers concise and friendly, and offer examples to illustrate your points.

Wrapping up

As you can see from this list of ten essential sysadmin skills, being a system administrator isn't "just one thing." System administration covers a lot of ground and encompasses many diverse tasks. The bottom line is that you need to learn as much as you can about everything that you can. Specializing these days is not what you want to do. Additionally, being able to speak to a variety of professionals will make you even more valuable when the job market tightens up.

Want to evaluate your own sysadmin skills? Take this handy skills assessment.