Using ssh to upgrade wordpress plugins

Posted by clsung on Wednesday, August 17, 2011

Using ftp to upgrade wordpress plugins is not a safe way: you will need to open the ftp port and have a ftpd daemon just for upgrading wordpress.

So instead we use ssh to help us upgrade wordpress plugins, first you will have php with ssh2 supported:

% sudo apt-get install libssh2-php
% grep ssh2 /etc/php5/conf.d/ssh2.ini # check if ssh2 is supported

Next, login in the wordpress user account (the owner of your wordpress directory) and create ssh public/private keys:

% ssh-keygen
# some bzz output
% chmod 755 .ssh

Alternatively, if you want to keep the user more secure (i.e. using different public/private keys in different directory say wordpress-ssh/):

% ssh-keygen
# some bzz output
% cp .ssh/id_rsa* wordpress-ssh/

Done! When we are asked in the ‘Connection Information’ page, just select SSH2 and input the user and the public/private key path. If you want to have wordpress to fill it automatically, you can specify the following information in wp-config.php:

define('FTP_PUBKEY','path-to/wordpress-ssh/id_rsa.pub');
define('FTP_PRIKEY','path-to/wordpress-ssh/id_rsa');
define('FTP_USER','wpuser');
define('FTP_PASS','');
define('FTP_HOST','localhost:22');