Welcome to this level 1 in the OverTheWire Bandit wargame series, a beginner-friendly CTF (Capture The Flag) challenge that teaches you the basics of navigating Linux through the terminal. In this Level 1 walk-through, we’ll learn how to connect to a remote server via SSH and retrieve your first password using simple command-line tools. If you're just starting out in ethical hacking, system administration, or cybersecurity, this is the perfect place to begin.

If you're new to OverTheWire, check out Bandit Level 0, where I explain what it is and how to get started.
This post continues from there, diving into your first real Linux challenge.

Challenge Summary – Bandit Level 1

The password for the next level is stored in a file called - located in the home directory.

How to Connect via SSH

SSH/ Secure Shell is a cryptographic network protocol that allows secure remote access to computers and servers. Learn more about SSH

Use the following command on your terminal to log in to the OverTheWire’s Bandit server:

ssh -p 2220 bandit1@bandit.labs.overthewire.org

When the terminal asks for a password (as shown in the screenshot below), enter the password you found in Level 0, the contents of the readme file.

Finding the ‘-‘ file

Once logged in to the Bandit server, use the following command to locate the file named - :

ls # lists the contents of a directory

cat # used to concatenate(combine) and display contents of a file

Mistakes to avoid:

❌ cat - → This makes cat wait for user input from the terminal.
❌ ls - → This returns an error because - is interpreted as an invalid option.

use:

cat ./- # tells cat to read a file named - in the current directory

Final Output

To access Level 2, simply update the username in your SSH command to bandit, like this:

ssh -p 2220 bandit2@bandit.labs.overthewire.org

Use the password you retrieved from Level 1 when prompted. This is how you progress between levels; the password from the previous level always unlocks the next.

Watch the Walkthrough video

TikTok

Conclusion

In Bandit Level 1, we learn how to work with files that have unconventional names, specifically a file named -, which normally represents standard input in Unix-based systems. This challenge teaches us how to explicitly reference such files using relative paths (like ./-) to avoid confusion with command-line options. It’s a valuable lesson in handling edge cases and understanding how the shell interprets special characters.

Up Next – Level 2 Teaser

The password for the next level is stored in a file called
spaces in this filename
located in the home directory...

💭 Can you figure out how to read a file with spaces in its name?

👀 Level 2 is trickier. Don’t miss it.

If you found this helpful, leave a comment or share it with fellow learners.
Check out the full Bandit series [Mastering OverTheWire: A CTF Journey from Noob to Ninja].

How to Solve OverTheWire Bandit Level 1: Linux Commands for Beginners