WordPress - Allow Automatic Security Updates With SSH Credentials

If you want to allow WordPress to be able to install updates over SSH, you can tell it the details to utilize by editing your configuration file, which this tutorial will show you how to do.

Steps

Edit your wp-config.php file and add the following settings:

// SFTP (SSH) details for automatic updates
define( 'FS_METHOD', 'ssh2' );

# Specify path to where WordPress was installed.
define( 'FTP_BASE', '/var/www/wordpress/public_html' );

# Specify SSH username and password
define( 'FTP_USER', 'sshUsernameHere' );
define( 'FTP_PASS', 'sshPasswordHere' );

# Specify the SSH host. You almost always don't want to change this value.
define( 'FTP_HOST', '127.0.0.1:22' );

It might be worth leaving out the password, to force the administrator to know and enter it at the point of trying to run updates. This will prevent automatic updates though. If you use FTP instead, you should be able to just comment out the last line (in theory, not tested).

SFTP Plugin

The above will require one to have installed PHP with the SSH extension, which you may or may not have to do through PECL. If you do not wish to have to install the libssh extension, then you can work around this by installing the SFTP plugin.

Using SSH Keys

In theory, one should also be able to specify the path to the public/private SSH keys used to access the server, instead of using passwords like so:

define( 'FTP_PUBKEY', '/home/user/.ssh/id_rsa.pub' );
define( 'FTP_PRIKEY', '/home/user/.ssh/id_rsa' );

However, I didn't have any luck with this for some reason.

References

• WordPress Stack Exchange - enable SFTP via SSH keys in wordpress
• serverstack.com - Automatic WordPress Updates Using FTP/FTPS or SSH