While there is merit using ssh to directly log into your host and unzip plugin and theme zip files directly in their respective directories, there is also merit doing it directly and securely from the administration panel.
To do this simply follow the following instructions.
Also note the following instructions require you to have the LAMP stack and access to the host’s command line via ssh.
If you do not have either, please do not continue reading.
Install SSH2 extension for php
To be able to install plugins/themes from the admin panel PHP needs to have access to the SSH library, this is achieved by installing the SSH extension via pecl:
pecl install ssh2 pecl install ssh2
Check extension is loaded upon startup of HTTPD
For the the extension to be loaded upon httpd startup you need to tell PHP that it needs to load this file:
cd /etc/php.d echo "extension=ssh2.so" > ssh2.ini /etc/init.d/httpd restart
Generating public/private rsa key pair
You are generating two keys with this operation, a private key (keep this secret) and a public key (visible).
The private key id for the CLIENT (WP admin panel) to connect to the SERVER (HTTPD and WP) to identify you, the server uses the public key to check whether you have access.
This command needs to be executed as the “person” having access to the WordPress directory tree (because of the file being copied into the directory), so whoever owns the tree must be able to have access to the two key files.
If it’s you, run it as you, if its nobody/apache run it as nobody/apache.
Also, do not enter a password, just hit enter.
ssh-keygen -t rsa
The execution of that command will ask you a few question
Generating public/private rsa key pair. Enter file in which to save the key (/home/OWNER_OF_WP_DIRECTORY_TREE/.ssh/id_rsa): Created directory '/home/OWNER_OF_WP_DIRECTORY_TREE/.ssh'. Enter passphrase (empty for no passphrase): DO NOT ENTER A PASSWORD Enter same passphrase again: DO NOT ENTER A PASSWORD Your identification has been saved in /home/OWNER_OF_WP_DIRECTORY_TREE/.ssh/id_rsa. Your public key has been saved in /home/OWNER_OF_WP_DIRECTORY_TREE/.ssh/id_rsa.pub. The key fingerprint is: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx OWNER_OF_WP_DIRECTORY_TREE@server1.example.com
Copy the PUBLIC key into the authorized key file:
We are copying for ssh2, so we need to populate the authorized_keys2 file:
cd ~/.ssh cp id_rsa.pub authorized_keys2
Correct the file permissions of the .ssh directory and files
Do not be slack here, it is very important that the permission are stringent:
cd ~/ chmod 700 .ssh cd ~/.ssh chmod 600 *
Edit wp-config.php file to enter FTP/SSH details
define( 'FS_METHOD', 'ssh2' ); define( 'FTP_BASE', '/PATH_TO_WP_INSTALL/' ); define( 'FTP_CONTENT_DIR', '/PATH_TO_WP_INSTALL/wp-content/' ); define( 'FTP_PLUGIN_DIR ', '/PATH_TO_WP_INSTALL/wp-content/plugins/' ); define( 'FTP_PUBKEY', '/home/OWNER_OF_WP_DIRECTORY/.ssh/id_rsa_web.pub' ); define( 'FTP_PRIKEY', '/home/OWNER_OF_WP_DIRECTORY/.ssh/id_rsa_web' ); define( 'FTP_USER', 'OWNER_OF_WP_DIRECTORY' ); define( 'FTP_PASS', '' ); define( 'FTP_HOST', '127.0.0.1:22' ); define( 'FTP_SSL', false );
The next time you install a plugin/theme from a zip file or admin panel or upgrade wordpress to the latest available version this will happen without the need to specify anything, they keys you have created will look after this for you.