quintessence
By:
quintessence

Wordpress prompting for FTP credentials - Ubuntu 14.04 / LAMP configuration

July 17, 2015 16.8k views
WordPress Apache PHP CMS LAMP Stack Security Ubuntu

I followed the Digital Ocean tutorial for configuring secure updates for Wordpress using SSH keys and I am still being prompted for the FTP information when I try to install at new theme.

In the wp-config.php file I added:

define('FS_METHOD', 'direct');
define('FTP_PUBKEY','/home/wp-user/.ssh/wp_rsa.pub');
define('FTP_PRIKEY','/home/wp-user/.ssh/wp_rsa');
define('FTP_USER','wp-user');
define('FTP_PASS','wp-pass');
define('FTP_HOST','127.0.0.1:22');

Where wp-user and wp-pass have been replaced by the appropriate user name and password. The FS_METHOD line wasn't in the tutorial, but something I saw suggested for related problems, e.g. here and here.

The permissions on the files are:

-rw-r--r-- 1 wp-user wp-user      755 Jul 16 21:03 authorized_keys
-rw-r----- 1 wp-user www-data 3326 Jul 16 20:57 wp_rsa
-rw-r----- 1 wp-user wp-user      738 Jul 16 21:00 wp_rsa.pub

The permissions on the ~/.ssh, var/www, :

drwx------ 2 wp-user wp-user    4096 Jul 16 21:03 .ssh

...

drwxrwxr-x  3 wp-user www-data 4096 Jul 13 13:51 www

I also prepended the RSA information in the authorized_keys file with from="127.0.0.1" and restarted apache with sudo service apache2 restart more times than I care to admit.

Is there anything else I should be doing?

Thank you!

2 comments
  • granduu July 17, 2015

    sudo chown -R www-data:www-data /var/www/wordpressfolder

  • quintessence July 17, 2015

    There was no initially change - even after restarting the service again. I have ~/wordpress as my Wordpress directory rather than /var/www, so initially I ran the command on ~/wordpress.

    Just now /var/www instead and THAT worked :D

    Thank you!

Log In to Comment
1 Answer
retran July 17, 2015

In your question, you state:

Where wp-user and wp-pass have been replaced by the appropriate user name and password.

By using ssh keys, there should be no password. Leave the password field blank (as it is in the tutorial you referenced).

Also, the tutorial instructs you to create and prepare a user called "wp-user". If you were following that tutorial, that user should not be changed either, unless you did the same things to a different username.

{Edit}...
Additonally.. FS_METHOD should not be changed to "direct" as this instructs the updater to use direct filesystem commands rather than the ssh method you spent all that time in the tutorial preparing. If you wish to explicitly set FS_METHOD, the value should be "ssh2".

Reply
  • quintessence July 17, 2015

    By using ssh keys, there should be no password. Leave the password field blank (as it is in the tutorial you referenced).

    Ah, gotcha. When I created the key I used a password, so I thought it needed that password. I changed the password field to be an empty string and FS_METHOD to ssh2 like you suggested. Unfortunately the behavior is the same after I restarted the service. :-/

    For reference, here are the changes:

    define('FS_METHOD', 'ssh2');
define('FTP_PUBKEY','/home/wp-user/.ssh/wp_rsa.pub');
define('FTP_PRIKEY','/home/wp-user/.ssh/wp_rsa');
define('FTP_USER','wp-user');
define('FTP_PASS','');
define('FTP_HOST','127.0.0.1:22');

    And about wp-user: that is correct, I created a different user name and followed the Wordpress installation tutorial and the secure tutorial I linked above using that user name.

Have another answer? Share your knowledge.

Related Questions