Generating ssh keys for 'apache' user on shared hosting

Question

I am making a git clone request from PHP using exec with rsa verification. This process seems to start ok, however, I soon get the error

Could not create directory 'var/www/.ssh'

I had thought that I had overcome having apache look to its own directory with ssh-add, however, this seems nots to be the case. My two lines:

exec('/usr/bin/ssh-add /path/to/home/dir/id_rsa > ssh.log.txt 2>&1');
exec('/usr/local/bin/git clone git@bitbucket.org:etc.git > git.log.txt 2>&1');

Is there a way to have the apache user call .git using an rsa key when you are on restricted shared hosting that won't let you touch /var/www/?

Answer 1

use GIT_SSH environment variable:

mkdir /path/to/home/dir/.ssh/
chmod 0700 /path/to/home/dir/.ssh/
chown apache:apache /path/to/home/dir/.ssh/

create wrapper for ssh (in home dir /path/to/home/dir/ssh_wrap)

#!/bin/sh
$target=$1;
$command=$2;
ssh -F /path/to/home/dir/.ssh/ssh_config -i /path/to/home/dir/id_rsa $target $command

run

chmod +x /path/to/home/dir/ssh_wrap

create file /path/to/home/dir/.ssh/ssh_config:

 UserKnownHostsFile=/path/to/home/dir/.ssh/known_hosts
 StrictHostKeyChecking=no

in your script before git clone add

 export GIT_SSH=/path/to/home/dir/ssh_wrap

this may need changing, you need to get the idea. more info in man git man ssh