WordPress Tutorial: Using SSH to Install/Upgrade

This tutorial will guide you step by step on how to setup your server so you can install new plugins and upgrade existing plugins using an SSH2 layer in PHP and WordPress.

What is WordPress?

WordPress started in 2003 with a single bit of code to enhance the typography of everyday writing and with fewer users than you can count on your fingers and toes. Since then it has grown to be the largest self-hosted blogging tool in the world, used on hundreds of thousands of sites and seen by tens of millions of people every day.

What is SSH[2]?

SSH (Secure Shell) is a protocol allowing a secure channel to be established between a web server and a client’s local machine. Many web hosting companies now offer SSH for greater security.

Tutorial Pre-requisites

There are a few things that need to be in place before you can actually use this tutorial.

The first thing to do is make sure you have SSH2 installed via pecl. If it’s not installed or you’re not sure, run this command: pecl install ssh2

Note: If your case is where the installed version of SSh2 is beta, run this command instead:

pecl install channel://pecl.php.net/ssh2-0.11.0

If you don’t feel comfortable running these commands yourself and you know of a server administrator that can help, or you’re paying for managed services, ask them to install this for you.

After SSH2 is installed, follow these instructions to ensure that the SSH2 extension is enabled in PHP. Again, if you are using managed services, simply ask them to do this for you.

Ubuntu/Debian

cd /etc/php5/conf.d; echo "extension=ssh2.so" > ssh2.ini
/etc/init.d/apache2 restart

Red Hat, CentOS, Fedora

cd /etc/php.d; echo "extension=ssh2.so" > ssh2.ini
/etc/init.d/httpd restart

Step 1: Generating the server-side RSA keys

ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa):
Created directory '/home/user1/.ssh'.
Enter passphrase (empty for no passphrase): <strong>(just hit enter, no need for a password)</strong>
Enter same passphrase again: <strong>(same thing, hit enter again)</strong>
Your identification has been saved in /home/user1/.ssh/id_rsa.
Your public key has been saved in /home/user1/.ssh/id_rsa.pub.
The key fingerprint is:
xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx user1@server1.example.com

The xx:xx:xx etc. will be replaced with your actual fingerprint.

Step 2: Creating an ‘authorized_keys’ file

cd .ssh
cp id_rsa.pub authorized_keys

Step 3: Setting the proper file permissions

cd ~/
chmod 755 .ssh
chmod 644 .ssh/*

Step 4: Choosing the ‘SSH’ option

WordPress SSH Connection Information

In this tutorial, I opted not to use a password, so you do not need to enter a password.

Step 5: Click “Proceed”

The last step is to click the proceed button and it will install a new plugin or upgrade an existing plugin via the integrated SSH layer in WordPress. You should see results something like this…

Activated WordPress Plugin via SSH

Optional Steps

If you want to automate the process a bit more, there are a few more things you can do to make it even easier.

If you open up your wp-config.php and add these lines, it will make the process smoother.

define('FTP_PUBKEY','/home/user1/.ssh/id_rsa.pub');
define('FTP_PRIKEY','/home/user1/.ssh/id_rsa');
define('FTP_USER','user1');
define('FTP_PASS','');
define('FTP_HOST','server1.example.com:22');

Now, when you click “upgrade” or “install” on a new plugin, it will bypass the first screen you saw above asking for the details. It will automatically go into the process and start the install/upgrade.

Credit & Thanks

A huge thanks to Dion Hulse and Matt Martz for helping me with creating this tutorial.

Comments

    • By Jonathan Dingman on

      I looked in the support forums and it looks like there are a number of outstanding issues with the plugin.

      I much prefer going the non-plugin route when possible. And it certainly is possible, using the above tutorial. No upgrades, just a set-and-forget method.

      • By saiyajin on

        http://wordpress.org/tags/sftp

        There are a number of outstanding issues with the SFTP support as it’s been built-in as-is. The comments in this post, alone, are proof of that. Besides, support requests aside, there’s also the fact that 14 out of 14 people gave the plugin 5 stars. Presumably a plugin that didn’t work wouldn’t have that.

        And that all ignores the biggest issue with the built-in support. It requires a PECL extension be installed. I have a shared host with no access to shell. I can’t do “pecl install”. It’s either use that plugin or manually update WordPress by decompressing the zip on my desktop and uploading all the uncompressed files to the server.

  1. By Sven Smets on

    A much simpler method (and one that gave me no error in Ubuntu 12.04) is to run “apt-get install libssh2-php”. Then restart the apache2 service and you are done.

  2. By david on

    Hmmm. I’ve followed all the steps above, verified that ssh2 is properly installed, generated the keys as above, but still only get the non-ssh2 screen under “Connection Information” in WP. I’ve tried cycling through all the FS-METHODs to no avail, tried the IP address and localhost for FTP_HOST. I don’t know if it makes a difference but I have two keys in authorized_keys – the first used for shell access and the second that was generated for FTP. Any suggestions?

    • By Jonathan Dingman on

      Did you try the optional steps in the last part of the tutorial? That should be helpful.

  3. By Leire on

    Hello, the file ~/.ssh/id_rsa is your private key, the permissions must be 600, not 644

  4. By Tanno on

    I did all the steps, but I didn’t get the SSH option in the install plugin form. Problem with the newest WordPress version?

    • By Jonathan Dingman on

      Tanno — are you in a shared hosting environment? You should ask your web host about this solution to see if it’s even possible.

  5. By fxjudy on

    Hello,
    when I run
    pecl install channel://pecl.php.net/ssh2-0.11.0
    I got
    Cannot find config.m4.
    Make sure that you run ‘/usr/bin/phpize’ in the top level source directory of the module

    ERROR: `phpize’ failed

    • By Jonathan Dingman on

      I would try talking to your web host and see if they can assist you with the installation.

Trackbacks

  1. […] to run on my servers. But I did find a way to use SSH instead. Using instructions that I found here as a basis for my installation I was able to use ssh to install […]