Create wordpress user specifically for the auto update and add the user to the www-data group:
- sudo adduser wordpress
- sudo adduser wordpress www-data
chgroup the wordpress dir to the www-data group:
- sudo chgrp -R www-data /var/www/wordpress
Add the following to /etc/ssh/ssd_config to chroot the wordpress user to the wordpress directory:
Match User wordpress
ChrootDirectory /var/www/wordpress
AllowTCPForwarding no
X11Forwarding no
ForceCommand /usr/lib/openssh/sftp-server
Restart the sshd service:
sudo /etc/init.d/ssh restart
Setup the sftp userid and password in the wordpress settings and select sftp.