linux nc command (netcat) reads and writes data over TCP or UDP sockets; it functions as a simple client or server for network debugging and automation.
nc [options] [hostname] [port]On Ubuntu/Debian, the OpenBSD netcat variant is installed by default; other distributions may ship traditional or NMAP nc, which differ in flag support. Common uses: verify firewall rules, test service availability, transfer files, scan ports, or serve raw HTTP responses.
Installation
If nc is missing, install the appropriate package:
sudo apt-get install netcat # Debian/Ubuntu
sudo yum install nc # RHEL/CentOS 7
sudo dnf install nc # Fedora/RHEL 8+Netcat Command Cheat Sheet
| Action | CLI Command | Key Flag | Description |
|---|---|---|---|
| Connect to a TCP port | nc host 80 |
None | Send stdin to port and display response |
| Listen for connections | nc -l -p 4444 |
-l -p |
TCP server on port 4444 |
| Port scan a range | nc -zv host 20-80 |
-z -v |
Scan ports 20-80 with verbose output |
| Send a file (sender) | nc -l -p 9999 < file.txt |
-l -p |
Listen; receiver connects to get file |
| Receive a file (receiver) | nc host 9999 > file.txt |
None | Connect to sender and save stream |
| UDP test | nc -u -l -p 1234 |
-u |
Listen for UDP datagrams |
| HTTP request | printf "GET / HTTP/1.1rnHost: example.comrnrn" | nc example.com 80 |
None | Fetch page via raw HTTP |
Common Netcat Options
| Flag | Type | Default | Description |
|---|---|---|---|
-l |
Mode | None | Listen mode – wait for inbound connections |
-p |
Port | None | Local port to listen on (used with -l) |
-v |
Verbosity | Minimal | Verbose output – show connection details |
-u |
Protocol | TCP | Use UDP instead of TCP |
-z |
Mode | None | Zero-I/O port scan – no data transfer |
-w |
Timeout | None | Connect/read timeout in seconds |
-k |
Flag | Off | Keep listening after client disconnects |
-n |
DNS | Disabled | Suppress DNS resolution (not in all variants) |
-s |
Source | Any | Bind to a specific source IP |
Note: Flags like -R, -W, -cf, -g are available in OpenBSD nc but less common. Check man nc.
Usage Examples
Port Scanning
nc -zv 192.168.1.1 22-80Scans ports 22 through 80 on the target. The -z flag suppresses data transfer; -v prints open ports. UDP scanning (-u) is less reliable because UDP is stateless.
File Transfer
Sender (server):
nc -l -p 8888 < backup.tar.gzReceiver (client):
nc sender-ip 8888 > backup.tar.gzTransfers a file over a plain TCP connection. The listener waits for a single client; use -k for multiple connections. No encryption — pipe through openssl enc for sensitive data.
Performing an HTTP Request
printf "GET / HTTP/1.1rnHost: example.comrnConnection: closernrn" | nc example.com 80Constructs a raw HTTP GET. Useful for debugging web servers or testing response headers.
Troubleshooting & Common Errors
| Error Message / Code | Root Cause | Resolution Command |
|---|---|---|
nc: Address already in use |
Port occupied by another process | sudo lsof -i:port or fuser -k port/tcp |
nc: Connection refused |
No service listening on target port | Verify with ss -tlnp or start listener |
nc: invalid option -- 'X' |
Flag not supported by nc variant | Check man nc; use netcat-openbsd or nmap-ncat accordingly |
Timeout with -w |
No response within timeout | Increase timeout (-w 10) or check firewall |
Performance Considerations
nc is single-threaded and does not expose buffer-size flags. Tune OS socket buffers with sysctl: sysctl -w net.core.rmem_default=262144 and wmem_default=262144. Use -w for idle timeout and -i to insert delay (seconds) between lines. Example with tuning:
cat data.txt | nc -w 5 -i 0.5 target_host 5000For parallel transfers, run multiple nc processes via shell loop or xargs -P.
Frequently Asked Questions
What is the difference between nc -l and nc -lp?
Answer: In newer OpenBSD nc, -l listens and the port is given as a positional argument; -lp is deprecated. Use nc -lv 4444. Verify with nc -h | grep -E '^-l|-p'.
When should I use the -z flag with nc?
Answer: Use -z for zero-I/O port scanning — check if a TCP port is open without sending data. Add -v for verbose: nc -zv 192.168.1.1 22 80 443. Combine with -w for timeout: nc -zv -w 2 10.0.0.5 3306.
How do I fix “nc: getaddrinfo: Name or service not known” error?
Answer: DNS resolution failure. Check DNS with nslookup example.com. Use numeric IP: nc 93.184.216.34 80. For IPv6, wrap address in brackets: nc [::1] 22.
Does nc work on AWS EC2, Azure VM, and GCP Compute Engine?
Answer: Yes, netcat is pre-installed or easily installed on all major Linux distributions used in those clouds. On Amazon Linux 2 / RHEL 8+: sudo yum install nmap-ncat -y. On Ubuntu/Debian: sudo apt install netcat-openbsd -y.
What is the fastest way to transfer a binary file between two Linux hosts using nc?
Answer: Receiver: nc -l -p 9000 > file.bin. Sender: cat file.bin | nc receiver-ip 9000. For WAN, add compression: cat file.bin | gzip -c | nc -w 3 receiver-ip 9000; receiver uses gunzip.
Command Line Expert & Software Engineer
Welcome! I’m Thomas Heinrich, a software engineer and system administrator with a deep passion for the Command Line Interface (CLI). With years of experience navigating the terminal, building backend architectures, and automating server deployments, I created this space to share practical, real-world terminal knowledge.
Whether you are a beginner taking your first steps in a Linux environment or a seasoned DevOps engineer looking to optimize your deployment scripts, you will find actionable solutions here. My goal is to help you ditch the mouse, speed up your workflow, and harness the full power of the command line.