Public and Private keys incorrect for user

I've followed this tutorial (which worked for me on several VPS's) to configure a secure way to install and update themes and plugins in Wordpress. Basically:

sudo adduser wp-user
cd /var/www
sudo chown -R wp-user:wp-user /var/www/
sudo su - wp-user
ssh-keygen -t rsa -b 4096
exit
sudo chown wp-user:www-data /home/wp-user/wp_rsa*
sudo chmod 0640 /home/wp-user/wp_rsa*
sudo mkdir /home/wp-user/.ssh
sudo chown wp-user:wp-user /home/wp-user/.ssh/
sudo chmod 0700 /home/wp-user/.ssh/
sudo cp /home/wp-user/wp_rsa.pub /home/wp-user/.ssh/authorized_keys
sudo chown wp-user:wp-user /home/wp-user/.ssh/authorized_keys
sudo chmod 0644 /home/wp-user/.ssh/authorized_keys
sudo nano /home/wp-user/.ssh/authorized_keys

from="127.0.0.1" ssh-rsa...

sudo apt-get update
sudo apt-get install php5-dev libssh2-1-dev libssh2-php
sudo nano /var/www/wp-config.php

Add:

define('FTP_PUBKEY','/home/wp-user/wp_rsa.pub');
define('FTP_PRIKEY','/home/wp-user/wp_rsa');
define('FTP_USER','wp-user');
define('FTP_PASS','');
define('FTP_HOST','127.0.0.1:22');

And finally:

sudo service apache2 restart

For some reason, I'm getting the message:

Public and Private keys incorrect for wp-user

Looking for an answer, I've seen this question, but none of the answers has worked for me.

First, I put the files into /home/wp-user directory, but also tried into /home/wp-user/.ssh. This is what I have right now:

ls -la /home/wp-user/.ssh

drwx------ 2 wp-user wp-user  4096 Mar  1 15:02 .
drwxr-xr-x 3 wp-user wp-user  4096 Mar  1 14:58 ..
-rw-r--r-- 1 wp-user wp-user   742 Mar  1 15:02 authorized_keys
-rw-r----- 1 wp-user www-data 3247 Mar  1 14:58 wp_rsa
-rw-r----- 1 wp-user www-data  742 Mar  1 14:58 wp_rsa.pub

And:

define('FTP_PUBKEY','/home/wp-user/.ssh/wp_rsa.pub');
define('FTP_PRIKEY','/home/wp-user/.ssh/wp_rsa');
define('FTP_USER','wp-user');
define('FTP_PASS','');
define('FTP_HOST','127.0.0.1:miCustomPortForSSH');

I can see this output on auth.log each time I try to connect:

Mar  1 14:37:51 vpsxxxx sshd[2430]: Set /proc/self/oom_score_adj to -800
Mar  1 14:37:51 vpsxxxx sshd[2430]: Connection from 127.0.0.1 port 56103
Mar  1 14:37:51 vpsxxxx sshd[2430]: Received disconnect from 127.0.0.1: 11: PECL/ssh2 (http://pecl.php.net/packages/ssh2) [preauth]

with different port each time:

Mar  1 14:38:16 vpsxxxx sshd[2435]: Set /proc/self/oom_score_adj to -800
Mar  1 14:38:16 vpsxxxx sshd[2435]: Connection from 127.0.0.1 port 56128
Mar  1 14:38:16 vpsxxxx sshd[2435]: Received disconnect from 127.0.0.1: 11: PECL/ssh2 (http://pecl.php.net/packages/ssh2) [preauth]

I'm using Apache2 and Nginx as proxy server, but log files doesn't reveal anything. Any idea?

Solution 1:

It looks like the private key is too open as it is group readable. Try removing the group read permissions

chmod g-r wp_rsa

and see how that goes.

Solution 2:

If you are using the php_admin_value open_basedir directive at all, the keys need to be in a directory that is included in the paths listed.