This tutorial will guide you step by step on how to setup your server so you can install new plugins and upgrade existing plugins using an SSH2 layer in PHP and WordPress.
What is WordPress?
WordPress started in 2003 with a single bit of code to enhance the typography of everyday writing and with fewer users than you can count on your fingers and toes. Since then it has grown to be the largest self-hosted blogging tool in the world, used on hundreds of thousands of sites and seen by tens of millions of people every day.
What is SSH[2]?
SSH (Secure Shell) is a protocol allowing a secure channel to be established between a web server and a client’s local machine. Many web hosting companies now offer SSH for greater security.
Tutorial Pre-requisites
There are a few things that need to be in place before you can actually use this tutorial.
The first thing to do is make sure you have SSH2 installed via pecl. If it’s not installed or you’re not sure, run this command: pecl install ssh2
Note: If your case is where the installed version of SSh2 is beta, run this command instead:
pecl install channel://pecl.php.net/ssh2-0.11.0
If you don’t feel comfortable running these commands yourself and you know of a server administrator that can help, or you’re paying for managed services, ask them to install this for you.
After SSH2 is installed, follow these instructions to ensure that the SSH2 extension is enabled in PHP. Again, if you are using managed services, simply ask them to do this for you.
Ubuntu/Debian
cd /etc/php5/conf.d; echo "extension=ssh2.so" > ssh2.ini /etc/init.d/apache2 restart
Red Hat, CentOS, Fedora
cd /etc/php.d; echo "extension=ssh2.so" > ssh2.ini /etc/init.d/httpd restart
Step 1: Generating the server-side RSA keys
ssh-keygen
Generating public/private rsa key pair. Enter file in which to save the key (/home/user1/.ssh/id_rsa): Created directory '/home/user1/.ssh'. Enter passphrase (empty for no passphrase): <strong>(just hit enter, no need for a password)</strong> Enter same passphrase again: <strong>(same thing, hit enter again)</strong> Your identification has been saved in /home/user1/.ssh/id_rsa. Your public key has been saved in /home/user1/.ssh/id_rsa.pub. The key fingerprint is: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx user1@server1.example.com
The xx:xx:xx etc. will be replaced with your actual fingerprint.
Step 2: Creating an ‘authorized_keys’ file
cd .ssh cp id_rsa.pub authorized_keys
Step 3: Setting the proper file permissions
cd ~/ chmod 755 .ssh chmod 644 .ssh/*
Step 4: Choosing the ‘SSH’ option
In this tutorial, I opted not to use a password, so you do not need to enter a password.
Step 5: Click “Proceed”
The last step is to click the proceed button and it will install a new plugin or upgrade an existing plugin via the integrated SSH layer in WordPress. You should see results something like this…
Optional Steps
If you want to automate the process a bit more, there are a few more things you can do to make it even easier.
If you open up your wp-config.php and add these lines, it will make the process smoother.
define('FTP_PUBKEY','/home/user1/.ssh/id_rsa.pub');
define('FTP_PRIKEY','/home/user1/.ssh/id_rsa');
define('FTP_USER','user1');
define('FTP_PASS','');
define('FTP_HOST','server1.example.com:22');
Now, when you click “upgrade” or “install” on a new plugin, it will bypass the first screen you saw above asking for the details. It will automatically go into the process and start the install/upgrade.
Credit & Thanks
A huge thanks to Dion Hulse and Matt Martz for helping me with creating this tutorial.
By sablemerc on
I think this plugin is easier to use:
http://wordpress.org/extend/plugins/ssh-sftp-updater-support/
By Jonathan Dingman on Author
I looked in the support forums and it looks like there are a number of outstanding issues with the plugin.
I much prefer going the non-plugin route when possible. And it certainly is possible, using the above tutorial. No upgrades, just a set-and-forget method.
By saiyajin on
http://wordpress.org/tags/sftp
There are a number of outstanding issues with the SFTP support as it’s been built-in as-is. The comments in this post, alone, are proof of that. Besides, support requests aside, there’s also the fact that 14 out of 14 people gave the plugin 5 stars. Presumably a plugin that didn’t work wouldn’t have that.
And that all ignores the biggest issue with the built-in support. It requires a PECL extension be installed. I have a shared host with no access to shell. I can’t do “pecl install”. It’s either use that plugin or manually update WordPress by decompressing the zip on my desktop and uploading all the uncompressed files to the server.
By Sven Smets on
A much simpler method (and one that gave me no error in Ubuntu 12.04) is to run “apt-get install libssh2-php”. Then restart the apache2 service and you are done.
By david on
Hmmm. I’ve followed all the steps above, verified that ssh2 is properly installed, generated the keys as above, but still only get the non-ssh2 screen under “Connection Information” in WP. I’ve tried cycling through all the FS-METHODs to no avail, tried the IP address and localhost for FTP_HOST. I don’t know if it makes a difference but I have two keys in authorized_keys – the first used for shell access and the second that was generated for FTP. Any suggestions?
By Jonathan Dingman on Author
Did you try the optional steps in the last part of the tutorial? That should be helpful.
By Leire on
Hello, the file ~/.ssh/id_rsa is your private key, the permissions must be 600, not 644
By Tanno on
I did all the steps, but I didn’t get the SSH option in the install plugin form. Problem with the newest WordPress version?
By Jonathan Dingman on Author
Tanno — are you in a shared hosting environment? You should ask your web host about this solution to see if it’s even possible.
By fxjudy on
Hello,
when I run
pecl install channel://pecl.php.net/ssh2-0.11.0
I got
Cannot find config.m4.
Make sure that you run ‘/usr/bin/phpize’ in the top level source directory of the module
ERROR: `phpize’ failed
By Jonathan Dingman on Author
I would try talking to your web host and see if they can assist you with the installation.