SFTP authentication with credentials in Wordpress MySQL database?

Question

I'm trying to find a solution that will allow for a user to connect to a server via SFTP using a provided username/key combination (stored in a Wordpress installation's MySQL database), without needing to constantly keep two or more separate systems in sync.

This is the MySQL query that gets two columns that have the username of a user and the api key, which the user would type in to their SFTP client as their password:

SELECT m.meta_value, u.user_login
FROM wp_users AS u, wp_usermeta AS m
WHERE m.user_id = u.ID AND m.meta_key = "user_apikey";

As far as the file system goes, there is a folder which has the same name as a user's username for each user, all in the same directory. This user's folder may or may not already exist. When a user makes an SFTP connection to the server, they should be shown only the contents of that folder once authenticated.

Hopefully someone knows of a simple solution to this problem. The only limitation I have is that this must run on a CentOS box, but I'm pretty open to any tools and languages.

Answer 1

It seems as though I could use Proftpd as an FTP server and add modules to configure it with the following modules:

• Proftpd MySQL authentication using mod_sql

• Proftpd SFTP using mod_sftp

Answer 2

Rather than try to get the OS and the underlying file system and SFTP server to use Wordpress as their user source, you will likely have much better luck getting Wordpress to use the OS as its user source.

One route to get there would be to use an LDAP server. Most OSs (and SFTP servers and the file system) can integrate with an LDAP server for authentication, and Wordpress can as well.

Going the route of trying to get the other services to look to Wordpress is just asking for trouble from a security standpoint.