How do I make ftp up- and downloads the only thing a restricted user can do?
 

This requirement is interesting. My client is using Internet Explorer to ftp://[username]@NNN.NNN.NNN.NNN (ip address). When permitted full access, it's a no-brainer and works just as expected.

When there's a restricted shell (bash -r), it doesn't even complete the login. How do I allow him to ftp up and down, but that's IT? Or, is there some other "almost as restricted" way to do this that I haven't seen anyone yet discuss?

Don't give them a real shell to work with.

When I setup FTP users on my server that I don't want the ability to login in any other way to the machine, I give them a shell of /bin/false as I specified in /etc/shells. This locks them to only using FTP commands to upload and or download from directories they have access to.

Another good idea is if you want to restrict them from browsing any other directories instead of their home and sub directories in their home, you can look into chroot.

I don't understand what you mean when you say, "as I specified in /etc/shells." I looked there, and added /bin/false. But, then what?

Thanks for the quick feedback.

After adding /bin/false to /etc/shells, you just specify /bin/false as the users in question default shell, either when creating the user or editing their entry in /etc/passwd