By shelly
Hello, all. I know this question has been asked before, but I’ve been trying to secure my WordPress installation with SSH keys (so it’s a little bit safer). I followed the tutorial located here:
However, now when I go into my admin area and try to update or install a theme or plugin, it’s now asking me for my “wp-user” FTP credentials, instead of just auto-updating. I followed the tutorial to the letter, but I can’t make heads or tails of the “troubleshooting” section at the end. Everything looks like it’s absolutely set up correctly, but it seems the wp-user isn’t viewed as the “owner” of WordPress somehow (even though the ls -l command shows that it definitely is).
Is there something else I should attempt? I did try doing “sudo chown wp-user:www-data /var/www” (WordPress is installed in the root - and it’s not a 1-click install, it’s running LAMP and I manually installed it) but that didn’t do anything.
Any help would be appreciated, thanks!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
i think I’ve narrowed it down - in the tutorial, it gives three reasons this wouldn’t b working. I’ve already determined that two (improper permissions and improper file formatting) are ruled out. <br> <br>I think the last one is what the issue is: improper file ownership. It says: <br> <br>“These same keys need to be owned by the correct parties. Between owner and group-owner, this is often a mixture of the user being logged in and the web process user. In our example, the wp-user owns both the private and public keys, while the www-data group is the group-owner.” <br> <br>when I do an ls -l on the public key and authorized_keys files, the public key seems to be owned correctly (wp-user:www-data), but the authorized_keys are different - thy are owned by wp-user:wp-user. Shouldn’t that also be owned by wp-user:www-data? If so, how do I change that? (or am I way off here in my understanding of the paragraph from the tutorial?)
Got it :) <br> <br>The tutorial was followed perfectly, but it forgets one thing: you need to set the group-owner of the .ssh file as www-data, not wp-user. <br> <br>sudo chgrp www-data /home/wp-user/.ssh <br> <br>did that, and BAM. all was working just fine.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.