LinuxQuestions.org


acmeinc 01-21-2009 08:53 PM

sFTP without SSH access
 
OK...

I would like to create a new FTP user who may use sFTP to connect; however, I wish to deny them SSH access. Also, everything this FTP user does must operate under my username, i.e. user1 logs in and uploads 100 files; these files are owned by mainuser, but may also be altered by user1. Got it :)

I have read a little about scponly, which seems like a possible route.

History
This question comes about as I may add FTP access to a user, who may access all files within a certain folder, via my ftp program, ncftp. These users may only operate within their designated directory, and they operate under the main username, not their own. The only problem is they may not connect securely, via sFTP.

Any information will be greatly appreciated.

rizhun 01-22-2009 05:28 AM

Hi,

First of all, sFTP == SSH + FTP. Meaning you MUST give SSH access to give sFTP access.

You need to look into "SSH chroot jails" to prevent users from destroying your system after you have given them SSH access, or alternatively set up FTPS (FTP + SSL).

As for 2 users being able to edit a file, I suggest you set up a group. Make sure this new group is the sFTP user's primary group and make sure you also belong to the group.

Then set the sFTP user's umask in his/her profile to create new files as group read/writeable.

Good luck!
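
An added example (not part of the original posts) of the group and umask arrangement suggested above: it shows which file mode each umask produces and lists uploaded files that the shared group still cannot edit. The temporary directory and file names are constructed for the demonstration, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: directory and file names are constructed for this demo.

# Print the octal mode a newly created file gets under the given umask.
mode_under_umask() {
    (   # subshell, so the caller's own umask is left untouched
        umask "$1"
        f="$2/file_$1"
        : > "$f"
        stat -c '%a' "$f"   # GNU stat (assumption: Linux host)
    )
}

# List regular files under a shared directory that the group
# cannot both read and write, i.e. files the other account cannot edit.
not_group_writable() {
    find "$1" -type f ! -perm -g=rw | sort
}

demo() {
    shared=$(mktemp -d) || return 1
    chmod 2775 "$shared"   # setgid bit: new files inherit the directory's group
    echo "umask 022 -> mode $(mode_under_umask 022 "$shared")"
    echo "umask 002 -> mode $(mode_under_umask 002 "$shared")"
    echo "files the group cannot edit:"
    not_group_writable "$shared"
    rm -rf "$shared"
}

demo
```

Running `not_group_writable` against the real upload directory after the first transfer confirms whether the umask setting actually took effect for the sFTP session.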

acmeinc 03-16-2009 04:41 AM

I totally agree, the user must have SSH access, but very limited. And I have read about jailing. So I guess the next question is, could I use 'umask' to mask certain users to a specific username? Example:

user1_sub1 writes/reads/execs files as user1

anomie 03-17-2009 02:35 PM

Quote:

Originally Posted by acmeinc
I have read a little about scponly, which seems like a possible route.

The scponly shell is a good choice. I've used it to solve similar problems to what you're describing.

Quote:

Originally Posted by rizhun
First of all, sFTP == SSH + FTP.

That's not quite right. Wikipedia has an illuminating, related entry on this topic:
http://en.wikipedia.org/wiki/Ftps

Quote:

FTPS should not be confused with the SSH File Transfer Protocol (SFTP), an incompatible secure file transfer subsystem for the Secure Shell (SSH) protocol. It is also different from Secure FTP, the practice of tunneling FTP through an SSH connection.

Thus: sftp == ssh file transfer protocol (not the same as the original ftp protocol, but behaves somewhat similarly from an end-user perspective).

It's more than a semantic distinction; ftp is a different beast altogether.


All times are GMT -5.