wordpress enable ssh FTP access in LAMP server

 

SSH Connection in LAMP /Wordpress

SSH Access Working Process:

Generating Private & public Keys into user .ssh folder

Copying Public key to Authorizing Keys .

File permissions should be 755 for folder & 644 for files.

Adding details to wordpress config file.

 

Errors:

Incorrect public & private keys for User

 

Reasons: File Permissions may be but some time user own the directory & with Correct permissions.

Unable to establish a connection with SSH2. Then go to FTP connection.

 

sudo chmod 0644 /root/.ssh/id_rsa*
sudo mkdir /root/.ssh
cd /root/.ssh/

cat > /root/.ssh/authorized_keys
sudo chmod 0644 /root/.ssh/authorized_keys
sudo nano /root/.ssh/authorized_keys
udo cp /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys

Public & private keys not working for user i created for

FTP Connection in LAMP WordPress

 

Install VSTD on the server

how to configure ftp server in linux centos
 
Step 1 Install VSFTD
sudo yum install vsftpd
or
Debian sudo apt-get install vsftpd
and then install ftp client
sudo apt-get install ftp
or
sudo yum install ftp
 
Step 2 configure vsftp
 
Open the config file 
 
sudo vi /etc/vsftpd/vsftpd.conf
 
Edit below lines
anonymous_enable=NO
 
 
local_enable=YES
 
and uncomment this line
 
chroot_local_user=YES
 (this command prevents users to access another directory)
 
Uncomment this 
chroot_list_file=/etc/vsftpd.chroot_list  
 
add fto username to get root privileges
 
 
Response: 500 OOPS: vsftpd: refusing to run with writable root inside chroot()
 
echo ‘allow_writeable_chroot=YES’ >> /etc/vsftpd/vsftpd.conf
 
systemctl restart vsftpd
 
how to check ssh version in linux
-A INPUT -m state –state NEW -m tcp -p tcp –dport 21 -j ACCEPT to iptbles
 
restart
 
systemctl restart vsftpd.service
systemctl enable vsftpd.service
sudo service vsftpd restart
 
 
 
ensure that vsftpd working 
 
chkconfig vsftpd on
 
 
Add FTP Port 21]
 
firewall-cmd –permanent –add-port=21/tcp
 
firewall-cmd –permanent –add-service=ftp
Restart firewall
firewall-cmd –reload
update boolean values for selinux
setsebool -P ftp_home_dir on  (if se linux)
Creating FTP users
root user not allowed as FTP
sou you can users With passwords.
useradd testuser
passwd testpass
useradd user3
passwd user3
enter password
VIM editor exit without saving (:q!)
SFTP Enabled On wordpress
add user
navigate to cd /var/www/
change ownership to ftpuser (user3)
sudo chown -R ssh-user:ssh-user /var/www/html
sudo chown -R user3:user3 /var/www/
Create SSH Key for wordpress
 Add a sudo user & set password
sudo su – user3
ssh-keygen -t rsa -b 4096
Storing place  /home/ssh-user/wp_rsa press enter thrice to create ssh keygen without password .
/home/user3/wp_rsa
Assigining user to group
sudo chown user3:apache /home/user3/wp_rsa*
usermod –home /var/www/ user3  (home/ftp to var/ww
but 
sudo chown user3:user3 /home/user3/.ssh/
sudo chmod 0640 /home/user3/wp_rsa*
Make directory
sudo mkdir /home/ssh-user/.ssh
sudo mkdir /home/user3/.ssh
Make file
Adjust permissions & ownership
sudo chown ssh-user:ssh-user /home/ssh-user/.ssh/authorized_keys
sudo chmod 0644 /home/ssh-user/.ssh/authorized_keys
sudo chown user3:user3 /home/user3/.ssh/authorized_keys
sudo chmod 0644 /home/user3/.ssh/authorized_keys
Copying Public Key to Authorized_keys
Restrict usage to local computer
sudo nano /home/ssh-user/.ssh/authorized_keys
add this line very begingin of the file
from=”127.0.0.1″
restart sudo service httpd restart
Adjust wordpress configuration
navigate to wordpress installed directory
/var/www/test.com/public_html
sudo apt-get update
sudo apt-get install php5-dev libssh2-1-dev libssh2-php
CentOS-based  use yum instead of apt-get
sudo yum update
(updates apache server LAMP)
Install SSH2 extension for PHP
sudo yum install php5-dev libssh2-1-dev libssh2-php (not works in centos & works in debian apache 2.4)
yum install make gcc libssh2 php-devel php-pearlibssh2-devel
if error occured
WARNING: You will need re2c 0.13.4 or later if you want to regenerate PHP parsers.
Then update by this command
rpm -Uvh http://mirrors.karan.org/epel7/Packages/re2c/20131231011915/0.13.5-1.el6.x86_64/re2c-0.13.5-1.el7.x86_64.rpm
then type exit

Securing FTP
We have to Grant access for ftp user but ownership remains to the group owner.

How to Create a FTP Group in linux

  • groupadd www-data or
  • groupadd apache
  • sudo usermod -a -G apache user3
  • sudo usermod -d /var/www user3
  • sudo chgrp -R apache /var/www
  • sudo chmod -R g+w /var/www
  • sudo chmod g+s /var/www
  • chmod -R 775 /var/www

 

adding permissions

 
sudo chown ssh-user:www-data /home/ssh-user/wp_rsa*
sudo chmod 0640 /home/ssh-user/wp_rsa*
sudo chown user3:ftpaccess /home/user3/wp_rsa*
sudo chmod 0640 /home/user3/wp_rsa*
Configuring wp config file
sudo nano /var/www/html/wp-config.php
sudo nano /var/www/test.com/public_html/wp-config.php
sudo chown user3:user3 /home/user3/.ssh/
sudo chmod 0700 /home/user3/.ssh/
sudo cp /home/user3/wp_rsa.pub /home/user3/.ssh/authorized_keys
sudo chown user3:user3 /home/user3/.ssh/authorized_keys
sudo chmod 0644 /home/user3/.ssh/authorized_keys
sudo nano /home/user3/.ssh/authorized_keys
define(‘FTP_PUBKEY’,’/home/user3/wp_rsa.pub’);
define(‘FTP_PRIKEY’,’/home/user3/wp_rsa’);
define(‘FTP_USER’,’user3′);
define(‘FTP_PASS’,”);
define(‘FTP_HOST’,’127.0.0.1:22′);
add it at the  end
define(‘FTP_PUBKEY’,’/home/ssh-user/wp_rsa.pub’);
define(‘FTP_PRIKEY’,’/home/ssh-user/id_rsa’);
define(‘FTP_USER’,’ssh-user’);
define(‘FTP_PASS’,”);
define(‘FTP_HOST’,’127.0.0.1:22′);
define(‘FTP_PUBKEY’,’/home/user3/.ssh/id_rsa.pub’);
define(‘FTP_PRIKEY’,’/home/user3/.ssh/id_rsa’);
define(‘FTP_USER’,’user3′);
define(‘FTP_PASS’,’testpass’);
define(‘FTP_HOST’,’127.0.0.1:22′);
restart the apache
sudo service apache2 restart
or
sudo service apache restart
sudo service httpd restart
*** Restart every time to see the changes.