Secure and Easy WordPress Core/Plugin Updates with SSH2

The Problem: multiple individuals working on the same WordPress installation require an easy method for updating the plugins they’re responsible for; simultaneously, the sysadmin doesn’t feel cozy allowing the web server group to have write access to indiscriminate locations throughout the filesystem, something required by WP’s default ‘direct’ update method.

The Solution: updates via SSH2 using a dedicated WP update user with restricted SSH access.

There are several guides out there that will walk you through the process of setting up SSH2 update access for WordPress, but don’t quite satisfy various security and convenience restraints you may be looking for; e.g. disallowing the web server group or anyone at all read access to an actual user’s private key. This guide leverages options in the authorized_keys file and a dedicated WP update user to prevent such issues.

The Setup

check ssh2 module
if no module, install
on Ubuntu Precise, either use pecl or apt-get install two libs

create user:
useradd

create user’s keys
sudo su user
ssh-keygen

make authorized_keys file
cp pub key to authorized_keys
add options from=”localhost”,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty

set up permissions
the web server group will still need read access (but not write!!) to pub and private keys, if someone is able to coop the web server group into reading the keys, the authorized_keys options will prevent them from being useful, if they can change authorized_keys you have bigger issues
chmod stuff

add to wp-config.php
define(‘FS_METHOD’, ‘ssh2’);
define(‘FTP_PUBKEY’,’/home/update/.ssh/id_rsa.pub’);
define(‘FTP_PRIKEY’,’/home/update/.ssh/id_rsa’);
define(‘FTP_USER’,’update’);
define(‘FTP_HOST’,’localhost’);

To end users, everything will appear to work exactly the same as the ‘direct’ method. Convenient. For the sysadmin,

Leave a Reply

Your email address will not be published. Required fields are marked *