Hey
is it just SFTP access they need? If so, this is what I recommend:
1. Install SSH and scponly. scponly is a cut down shell which only allows the user access to logging in with an SCP client (like WinSCP). Importantly, scponly also comes with a shell called scponlyc, which allows it to run as a chroot environment.
2. With the most recent version of scponly, the home directory of the user must be owned by root. this is for security reasons, but can be a pain. You need to make a folder inside the user's home folder which is owned by the user. This is the folder which they can use.
3. Download and use scpjailer (
http://tjw.org/scpjailer/). This is a really handy binary which will set up all of the correct files inside the user's home folder to make it chrooted. (As it is chrooted, you can probably imagine that some important files (for example, the authentication details, binaries and their libraries) need to be stored in the user's home folder.) Scpjailer will copy across everything you need.
4. Once you have done this, modify each user to make his shell /usr/sbin/scponlyc (this may not be the correct path. you will need to check it).
The result is:
1. User's home folder is (for example) /home/user . This is owned by root:root .
2. There is a folder called /home/user/data which is owned by user:user .
3. Give the user the link to WinSCP. Tell them to log in with their username and password to your server using WinSCP.
4. When they log in, they will not be able to access files outwith their home folder.
5. If you do try to login with putty or with a terminal, they will not have access to a shell.
This is waht I remember doing when I did it. I ahve it all written down at the office, but I'm not there.
Let me know how you get on
H