Chroot sftp users using ssh
In order to secure your filesystem in the event your clients need access to their virtual or home directories, I would suggest using the chroot command available within ssh.
In /etc/ssh/sshd_config add the following at the bottom. Anyone in the chroot group will land in their home folder.
Match group chroot
You will now want to restart sshd
# /etc/rc.d/sshd restart
Now add a new group called chroot
# pw addgroup chroot
Add a new user and apply the following attributes:
Make sure the new user is in group chroot
Make sure the shell is set to nologin (This will allow them to scp in but NOT ssh in)
Make their home directory is set to /htdocs or any directory WITHIN their home folder. Do not specify the full path to their home folder.
So when you're done you need to set the perms on the home folder and then the files within that folder.
# chown root:chroot username
# cd username
# chown -R username:chroot *
When your user logs in it will chroot them to /home/username :-)
Once you do this it should chroot user just fine :-)