Welcome.
Adding a GUI would only complicate things and just represent the text file anyway.
How many users are you thinking about adding?
What it sounds like you are aiming for is a set of SFTP-only accounts locked into a chroot. The chroot target must be root-owned and writable only by root. There are two ways to do that. One is to nest an extra directory within the users' chroots:
Code:
mkdir /toplevel/;
chown root:root /toplevel/;
chmod u=rwx,g=rwx,o=rx /toplevel/;
mkdir -p /toplevel/user/user/;
chown root:root /toplevel/user/;
chown user:user /toplevel/user/user/ ;
chmod u=rwx,g=rwx,o=rx /toplevel/user/;
chmod u=rwx,g=rwx,o=rx /toplevel/user/user/;
Then the matching stanza in sshd_config could be something like this:
Code:
Match Group sftp-only
ChrootDirectory /toplevel/%u
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp -d %u
The %u substitutes the account's username in the path. See "man sshd_config" for the details.