By default, any error message in your php script will be visible to site visitors on the browser and will be logged to apache error log file – most commonly in “/var/log/httpd/error.log”. In a production server it is advisable to prevent the error message from appearing on browser and has to be silently sent to a custom log file, specifically created for logging only php error messages. Following these steps might help:

1. Create the file under /var/log -> $touch /var/log/php-error.log

2. change permission to 644 -> $chmod 644 /var/log/php-error.log

3. set ownership -> $chown root.apache /var/log/php-error.log (if httpd is running under apache, could be www-data, nobody…)

4. Edit /etc/php.ini  and make sure the following options are set correctly

error_reporting = E_ALL

display_errors = OFF

error_log =/var/log/php-error.log

log_errors = ON

5. Write a php script with some syntax error in it and check whether the error notification is logged or not

$tail -f /var/log/php-error.log

It is not advisable to use password based login for ssh any more. One of the most secure ways of  remote login through ssh is to use public key authentication. But in order to do that you have to generate both private and public keys using ssh-keygen, for RSA the default file names would be id_rsa (private key) and id_rsa.pub (public key).  Since you have already generate those keys with a passphrase and want to change the passphrase now, execute the following command:

$ ssh-keygen -f id_rsa -p

type your new passphrase, you are done!