@frank-dspeed
Last active February 28, 2018 07:20
Setup SFTP Only users
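```bash
#!/bin/bash

# Set up the SFTP group and the sshd configuration.
function setup() {
    # Create the sftpusers group.
    sudo groupadd sftpusers
    # Comment out the default external sftp-server subsystem; internal-sftp replaces it below.
    sudo sed -i "s/^Subsystem sftp \/usr\/lib\/openssh\/sftp-server/#Subsystem sftp \/usr\/lib\/openssh\/sftp-server/" /etc/ssh/sshd_config
    # Append the Match block only once: skip it if sftpusers is already configured.
    if ! grep -q sftpusers /etc/ssh/sshd_config; then
        # The append has to run as root, so write through sudo tee instead of a plain redirect.
        sudo tee -a /etc/ssh/sshd_config > /dev/null <<'EOF'
# enable sftp
Subsystem sftp internal-sftp
Match Group sftpusers
# chroot each user to their home directory
ChrootDirectory %h
ForceCommand internal-sftp
X11Forwarding no
AllowTCPForwarding no
PasswordAuthentication yes
EOF
        # Validate the configuration before restarting the daemon.
        sudo sshd -t && sudo service ssh restart
    fi
}

# Create users.
# usage: create_sftp_user <username>
function create_sftp_user() {
    # Refuse an empty username; the paths below would otherwise resolve to /home/ itself.
    if [ -z "$1" ]; then
        echo "usage: create_sftp_user <username>" >&2
        return 1
    fi
    # Create the user.
    sudo adduser "$1"
    # Prevent SSH shell login and assign the SFTP group.
    sudo usermod -g sftpusers "$1"
    # Ubuntu - sudo usermod -s /usr/sbin/nologin "$1"
    sudo usermod -s /bin/nologin "$1"
    # Chroot the user (so they only see their directory after login).
    # sshd requires the chroot directory to be owned by root and not writable by group or others.
    sudo chown "root:$1" "/home/$1"
    sudo chmod 755 "/home/$1"
    # Writable upload directory inside the chroot.
    sudo mkdir -p "/home/$1/uploads"
    sudo chown "$1:$1" "/home/$1/uploads"
    sudo chmod 755 "/home/$1/uploads"
}

# mount --bind /var/www/ ./www
```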
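The chroot step in `create_sftp_user` depends on a rule sshd enforces for `ChrootDirectory`: every component of the path must be a root-owned directory that is not writable by group or others, otherwise the login is refused. The check below is an added example, not part of the original gist; `mode_is_chroot_safe` and `check_chroot_path` are hypothetical names, and it assumes GNU `stat` and `readlink`.

```shell
#!/bin/bash
# Added example: audit a ChrootDirectory path against sshd's ownership rule.
# Assumes GNU coreutils (stat -c, readlink -f). Names are hypothetical.

# Return 0 if an octal mode such as 755 has no group/other write bit set.
mode_is_chroot_safe() {
    [ $(( 0$1 & 022 )) -eq 0 ]
}

# check_chroot_path <dir> [owner_uid] [stop_dir]
# Walks from <dir> up to stop_dir (default /) and checks every component.
# owner_uid defaults to 0 (root), which is what sshd requires; the two
# optional arguments only exist so the check can run on a scratch tree.
check_chroot_path() {
    local dir uid stop owner mode rc
    uid=${2:-0}
    rc=0
    dir=$(readlink -f -- "$1") || return 2
    stop=$(readlink -f -- "${3:-/}") || return 2
    while :; do
        if [ ! -d "$dir" ]; then
            echo "FAIL $dir: not a directory"
            return 1
        fi
        owner=$(stat -c %u -- "$dir")
        mode=$(stat -c %a -- "$dir")
        if [ "$owner" != "$uid" ]; then
            echo "FAIL $dir: owner uid $owner, expected $uid"
            rc=1
        elif ! mode_is_chroot_safe "$mode"; then
            echo "FAIL $dir: mode $mode is group/other writable"
            rc=1
        else
            echo "ok   $dir (uid $owner, mode $mode)"
        fi
        # Stop at the requested top directory or at the filesystem root.
        if [ "$dir" = "$stop" ] || [ "$dir" = "/" ]; then
            break
        fi
        dir=$(dirname -- "$dir")
    done
    return $rc
}
```

Run `check_chroot_path /home/<username>` after creating a user; any `FAIL` line names the component sshd would reject.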