Create a Group, which restricts users created under that group are not to move out of their Home Directory. This one we have to do it in sshd_config file.
This example is with SSH and VSFTPD modules. make sure those are installed in your linux box.
SSHD_CONFIG location would be in /etc/ssh/sshd_config
Enable / Add below line in sshd_config file.
Subsystem sftp internal-sftp
# This section must be placed at the very end of sshd_config
Match Group sftpaccessonly
Create a Group with the name "sftpaccessonly"
$ groupadd sftpaccessonly
Go to HOME directory
$ cd /home
Create a User in home directory
$ adduser <your_user_name>
It prompts you a screen to enter password of the user along with other details like their Full Name, Room Number etc.
Enter all details and Confirm that those details are correct.
Now user got created.
Add user to the Group "sftpaccessonly"
$ usermod <your_user_name> -g sftpaccessonly
Restrict that specific user to execute any shell commands. To deny SSH shell access, run the following command:
$ usermod <your_user_name> -s /bin/false
It is very important that root user is having full access on newly created user account.
$ sudo chown root /home/<your_user_name>
Add write permissions to the directory <your_user_name> and all its contents for user and deny write access for everybody else.
$ sudo chmod go-w /home/<your_user_name>
create a directory / directories where user wants to have access to them.
sudo mkdir /home/<your_user_name>/<your_directory_name>
Give Permissions to the user with the specified group
sudo chown <your_user_name>:sftpaccessonly /home/<your_user_name>/<your_directory_name>
Give writable permissions.
sudo chmod ug+rwX /home/<your_user_name>/<your_directory_name>
$ service ssh restart
$ service vsftpd restart
Now you can login with the created credentials using SFTP. user can only access to their home directory specific folders which you have provided permissions.
Same users you can not login through SSH.