
I have found an interesting article on how to use ssh to update your WordPress blog instead of the default method (FTP/FTPS).
The steps are the following :
- create a new user account
adduser wp-user - set the security rights for the files and the folders on the WordPress path (for the example, the WordPress directory path is /var/www/html)
cd /var/www/html
find . -type d -exec chmod 0755 {} \;
find . -type f -exec chmod 0644 {} \; - set the file ownership to the new user account
chown -R wp-user:wp-user /var/www/html - create a RSA keypair (both public and private keys)
ssh-keygen -t rsa -b 4096
When prompted, enter /home/wp-user/wp_rsaInfo : do not set the passphrase. Just leave it blank and type “Enter”. Otherwise, it will not work. Do not hesitate to leave a comment if you have a tip to do it works with a passphrase…
- Set the security and the ownership on the key files/folders
chown wp-user:www-data /home/wp-user/wp_rsa*
chmod 0640 /home/wp-user/wp_rsa*mkdir /home/wp-user/.ssh
chown wp-user:wp-user /home/wp-user/.ssh/
chmod 0700 /home/wp-user/.ssh/
cp /home/wp-user/wp_rsa.pub /home/wp-user/.ssh/authorized_keys
chown wp-user:wp-user /home/wp-user/.ssh/authorized_keys
chmod 0644 /home/wp-user/.ssh/authorized_keys - To restrict the key usage to the local computer, add the following text at the beginning of the file /home/wp-user/.ssh/authorized_keys before ssh-rsa
from=”127.0.0.1″ ssh-rsa… - Add the following packages :
apt-get update
apt-get install php5-dev libssh2-1-dev libssh2-php - Edit your wp-config.php and add these lines at the end :
define(‘FTP_PUBKEY’,’/home/wp-user/wp_rsa.pub’);
define(‘FTP_PRIKEY’,’/home/wp-user/wp_rsa’);
define(‘FTP_USER’,’wp-user’);
define(‘FTP_HOST’,’127.0.0.1:22′); - Restart Apache
service apache2 restart
Reference
My Powershell script categories
- Active Directory
- Cluster
- Database
- Exchange
- Files and folders
- Hardware
- Network
- Operating System
- PKI
- SCCM
- Service and process
- Tips
- VMWare
Secure your WordPress updates