Enabling SSH/SFTP Updates in WordPress on Amazon EC2 and CentOS

Posted on by Posted in Administration, Blogging, Linux Tagged , , , , , , , , , , , , , , 9 Comments

WordpressThe WordPress blogging platform does support installing and updating your plugins using SSH/SFTP! So, why is it that it doesn’t show up as an option when updating your plugins?

Well, as it turns out, your PHP installation must be configured to support SSH before this option will show up in your WordPress dashboard. In this article I’ll explain how to set this up using just a few simple commands or a plugin.


Option 1: Install libssh2 and use the built-in WordPress SSH/SFTP Support

The upside of following this guide instead of installing the plugin is you’ll be installing libssh2, which means you’re enabling SSH/SFTP support across all PHP applications. You’re also be enabling and using the built-in WordPress support for SSH/SFTP, which is updated and supported with each new release. I personally followed this method, so I can also confirm that it works first-hand. The downside to this guide, of course, is that it takes a bit longer.

Step 1: See if it’s enabled already

Chances are SSH/SFTP is not enabled already, but it doesn’t hurt to check. If SSH is not enabled, your WordPress connection info page should look like this when you go to install updates:

Notice the distinct lack of an SSH/SFTP option. If this is what your page looks like, continue with the instructions below!

Step 2: Install all the development tools you’ll need

We’ll be installing the PHP package for libssh2, which will be compiled from source; this requires some development tools. Run these commands to install the tools you need:

$ sudo yum groupinstall "Development Tools"
$ sudo yum install kernel-devel kernel-headers

Step 3: Install libssh2

You’ll need libssh2 and some php development tools, so make sure those are installed by running the following command:

$ sudo yum install php-devel php-pear libssh2 libssh2-devel

Step 4: Use PECL to install SSH2 for PHP

PECL is the PHP Extension Community Library and we can use it to install SSH for PHP, like so:

$ sudo pecl install -f ssh2

After running this command, you’ll notice that it stops at a line and waits for input from you. It will look like this:

..
........done: 22,740 bytes
5 source files, building
running: phpize
Configuring for:
PHP Api Version:         20041225
Zend Module Api No:      20060613
Zend Extension Api No:   220060519
libssh2 prefix? [autodetect] :

There’s no need to enter a specific prefix; just press the [enter] key to move forward and it will autodetect the prefix.

Step 5: Configure PHP to load the SSH2 extension

Now that the SSH2 extension has been installed, you just have to tell PHP to load it. Configure PHP to load the extension by running the following commands:

$ sudo touch /etc/php.d/ssh2.ini
$ echo 'extension=ssh2.so' | sudo tee -a /etc/php.d/ssh2.ini

Step 6: Restart Apache

You’re almost done! Just restart the web server to have your changes take effect:

$ sudo /etc/init.d/httpd restart

Step 7: Verify the extension is loaded

Finally, check to see if the extension has been loaded by running php -m to see the installed PHP modules:

$ php -m | grep ssh2
ssh2

If you don’t see the ssh2 output from the above command, then something went wrong! Try following the steps again carefully to see what you might have missed.

Finish Line

You’re all done! You can now use SFTP to install and update plugins in WordPress. If you did everything correctly, your WordPress connection info page should now look like this:

* Thanks to Jacob for the original guide to installing libssh2 for PHP under CentOS.


Option 2: Install a Plugin for WordPress

Update: User ‘diamondback’ pointed out that there’s also a WordPress plugin for this. I haven’t used it myself, but it utilizes phpseclib, which is an implementation of SSH/SFTP entirely in PHP.

The upside to using a plugin is WordPress plugins are incredibly easy to install and uninstall. Additionally, the plugin developer could incorporate features that the standard WordPress installation does not have. The downside to using this plugin is this enables SSH/SFTP in WordPress only! It will not enable it in any other PHP applications. On top of that, you now have to rely on the author to update his plugin for new versions of WordPress instead of relying on the built-in WordPress support, which you get with the libssh2 installation.

Step 1: Install the plugin

Just install the SSH SFTP Updater Support plugin. You’re done!

Disclaimer: I haven’t used this plugin and do not endorse it in any way.

Enjoy your SSH/SFTP support! Happy blogging!

  • diamondback
  • http://www.awesomeblogisawesome.com Sean Fox

    @diamondback Thanks for the link! I’m a linux geek and I typically prefer to do things like this myself, but I wasn’t aware there was a plugin. I updated the article to point that out since I’m sure some users will be more comfortable with that option. They both have their pros and cons. :)

  • Esii

    thanks *-*
    fixed my problem

  • Pingback: Random Ramblings » Blog Archive » Setup Wordpress to use SSH to update/install plugins

  • Pingback: Wordpress中下载plugin的问题 | Shuai's Blog

  • http://twitter.com/fuzzybee7 Nguyễn Trung Dũng

    Hi Sean, thanks a lot for sharing this!

    I’ve tried to follow your guide and successfully see the SSH2 connection option.

    However, plugin update failed silently for me (no errors whatsoever).
    I entered
    the elastic IP address to my EC2 instance as Hostname
    root as FTP/SSH username
    absolute path for the key file /root/keys/web-server-ericnguyen.pem as “Private key”

    Can you possibly see what I have done wrong?

  • http://fodengrealy.com Mark Foden

    Have got as far (using Option 1) as the ‘Finish Line’ but can’t get it to work…

    “ERROR: There was an error connecting to the server, Please verify the settings are correct.”

    Can anyone explain in more detail what needs to go in each of the boxes. eg format of link to keys / pem or ppk?

    Also, do I need to open up access to port 22 in my security group? I saw some mention of using localhost here http://wordpress.org/support/topic/private-key-incorrect-for-solution?replies=2 but couldn’t get it to work

    Any help much appreciated

  • http://www.awesomeblogisawesome.com Sean Fox

    SFTP is an extension of the SSH protocol, so you’ll almost certainly need to open port 22 on the web server running your WordPress installation.

    As for authentication, you could use a username/password combination for any user that is able to login via SSH. If you’re not using HTTPS on your blog though, you may want to use the public/private key method instead for some added security.

    If you decide to use the public/private key method, you’ll need to type in the full web server path to the public and private key files. I haven’t done this personally (I’ve been using a non-root username/password combination), but I imagine it would be something like this in those boxes:
    Public Key: /home/username/.ssh/id_rsa.pub
    Private Key: /home/username/.ssh/id_rsa

  • http://fodengrealy.com Mark Foden

    Sean, really kind of you to take the time to reply. I think I did all those things. In the end I installed an ftp server following the instructions at http://stephen-white.blogspot.co.uk/2012/05/how-to-set-up-wordpress-on-amazon-ec2_31.html . Thank you very much. Mark