Ubuntu SFTP jails setup
Quick note on how to limit user's access with SFTP Jails on Ubuntu.
Access the ssh config file nano /etc/ssh/sshd_config
Modify so that it contains the line
Subsystem sftp internal-sftp
Add the following block to the end of the file: Match group filetransfer ChrootDirectory %h X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp
Restart OpenSSH as follows:
/etc/init.d/ssh restart
Modify user account
If your goal is to give a client or designer access through SFTP to a domain folder, you can start by creating a group for the users- who will only have SFTP access:
addgroup filetransfer
Next, you will have to create a new user account and relate it to the new group. This will create the user named fileuser and set its home directory in srv/www/[domain]/public_html: sudo useradd -d /srv/www/[domain] [username] sudo passwd [username] sudo usermod -G filetransfer [username] sudo chown [username]:[username] /srv/www/[domain]/public_html