I stand corrected. Here is the procedure for setting up sftp-only with
/usr/bin/false as the shell:
Create your user with the appropriate shell:
useradd -m -s /usr/bin/false -d /home/anonsftp anonsftp
(Note that you might want to set up your own login class for it instead, or
add other details)
Change the ownership of /home/anonsftp to root:
chown root /home/anonsftp
Modify the sshd_config for a Match User block that is appropriate:
Match User anonsftp
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
ChrootDirectory /home/anonftp
If you need logging, again review the section in the man page on that.
Sorry for the bad information earlier.
Stefan Johnson
