Warning…this is a mildly complex server administration task. I assume no responsibility if you toast someone’s website.
If you have root access to a VPS or dedicated box then proceed with caution.
What this tutorial will do is allow updating of the WP core, plug-ins, and themes via SSH through PHP.When this is installed correctly a third option will appear in your update options section. (FTP, SFTP, and OMGSTFU SSH2!) SSH2 is a secure channel client that requires about half of the processing requirements of the standard WP FTP routine. Did I mention it was fast? Yeah like real fast, like a graduating classes virginity on prom night fast.
Fair Warning there are a few things that need to be in place before you can actually use this tutorial. The first thing to do is make sure you have SSH2 installed. It’s a fairly simple install with pecl. If it’s not installed or you’re not sure, run this command or have your hosting company do this for you.
#:[enter root user password]
pecl install -f ssh2
note: If your distro’s installed version of SSh2 is beta, as mine was on Media Temple, run this command instead
pecl install channel://pecl.php.net/ssh2-0.11.0
The next step is to include the dynamically loaded extension. Search for php.ini on Media Temple Cent 5 it is /etc/php.ini. Inside that file locate the dynamic extensions area. Should be blank, add this line….
This will force php to load the SSH2 library for Secure communications. At this point you should restart the web server apache.
Once you restart apache, login to your blog, try to install a plug-in or theme. You should see a third option to update via SSH2. This will tell you if its installed correctly or not. Almost Done! To really make it sing continue a little bit more.
To use SSH2 you need to generate a set of rsa keys. This is great so you will never have to enter that password again, or worry about your credentials being sent over the wire in clear text.
Login to your home directory as normal user. You do not want to run the next few steps as root. Run this command.
This will prompt you for a file location to create a key pair. It should default to something like /var/www/vhosts/mydomain.com/.ssh/id_rsa or /var/www/html on RH or Cent. /home/html/.ssh/id_rsa for Debian/Ubuntu. Go ahead and press enter, you should be prompted to enter a password. Do not enter any passwords, hit enter twice. Some folks have noted that password protected keys cause problems with SSH via PHP.
After creating the keys there are couple of final steps in SSH terminal. This sets up the key pair for WordPress to use while accessing your server via SSH.
cp id_rsa.pub authorized_keys
chmod 755 .ssh
chmod 644 .ssh/*
The last step is to add the credentials and path locations to your wp-config.php file that automates the update/install process for you. Here is an excerpt from my config. Be absolute in your paths to files. Note the ‘FS_METHOD’ is ‘direct’ compared to ftpext, SSH, or ftpssl. This works for me and updating, installing, deleting plug ins really zings!!!
//* Added for Auto FTP updating
define(‘FTP_PLUGIN_DIR ‘, ‘/var/www/vhosts/michaelquale.com/httpdocs/wp-content/plugins/’);
If your getting connection errors it’s possible that apache does not have write permission on the files. Easily fixed by navigating to the wp-content folder and entering a few commands.
chown myuseraccount:apache /upgrades -R
chown myuseraccount:apache /themes -R
chown myuseraccount:apache /plugins -R
chmod 775 upgrades/ -R
chmod 775 uploads/ -R
chmod 775 themes/ -R
chmod 775 plugins/ -R
This step dramatically improved the performance of installs, updates, and deletes. Hope this helps you!