@hisnameisjimmy
Last active December 28, 2017 17:51
Add user with only SFTP access
#!/bin/bash
#
# Use this guide for initial setup:
# https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04
#
# Install fail2ban
# apt install fail2ban
#
# Disable Root Login
# sudo vim /etc/ssh/sshd_config
# // PermitRootLogin no
# sudo service sshd restart
#
# Use this guide for unattended automatic updates:
# https://help.ubuntu.com/community/AutomaticSecurityUpdates
# Make sure to allow the server to reboot unattended at a specific time.
#
# Use this guide for chroot setup: https://wiki.archlinux.org/index.php/SFTP_chroot
#
# This script takes one argument: pass in the username when running it,
# e.g.: $ bash chroot-script.sh username
#
set -e  # stop at the first failing step (e.g. adduser rejecting the name)
if [ -z "$1" ]; then
    echo "Usage: $0 username" >&2
    exit 1
fi
sudo adduser "$1"
## Replace the user's login shell with /usr/sbin/nologin to disable shell access
sudo usermod -s /usr/sbin/nologin "$1"
## Set perms for the home directory. With a chrooted environment, every directory up to and including the chroot must be owned by root and can have max 755
sudo chown root "/home/$1"
sudo chmod 755 "/home/$1"
## Create dropbox then set the home directory to dropbox
## (-m is not passed to usermod because the dropbox directory already exists)
sudo mkdir "/home/$1/dropbox"
sudo usermod -d "/home/$1/dropbox" "$1"
## Make sure the sftponly group exists, then set correct perms/ownership on dropbox
sudo groupadd -f sftponly
sudo chown "$1":sftponly "/home/$1/dropbox/"
sudo chmod ug+rwX "/home/$1/dropbox/"
## Add the user to the sftponly group
sudo usermod -a -G sftponly "$1"
echo "User $1 all set up at /home/$1!"
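
The script above depends on sshd's rule that every directory from / down to the chroot is root-owned and not writable by group or others. The following check for that rule is an added example, not part of the original gist; the function names component_ok and check_chroot_path are hypothetical, and it assumes GNU stat and readlink as shipped on Ubuntu.

```shell
#!/bin/sh
# Added example: verify the ownership/mode rule sshd enforces on a
# ChrootDirectory and on every parent directory above it.

# component_ok UID MODE
# Succeeds only if the owner is root (uid 0) and the octal MODE has
# neither the group-write (020) nor the other-write (002) bit set.
component_ok() {
    [ "$1" -eq 0 ] && [ $(( 0$2 & 022 )) -eq 0 ]
}

# check_chroot_path DIR
# Walks from DIR up to /, printing every component that breaks the rule.
# Returns 0 if all components pass, 1 if any fails, 2 on lookup errors.
check_chroot_path() {
    _dir=$(readlink -f -- "$1") || return 2
    _rc=0
    while :; do
        _uid=$(stat -c '%u' -- "$_dir") || return 2
        _mode=$(stat -c '%a' -- "$_dir") || return 2
        if ! component_ok "$_uid" "$_mode"; then
            echo "BAD  $_dir (uid=$_uid mode=$_mode)" >&2
            _rc=1
        fi
        [ "$_dir" = "/" ] && break
        _dir=$(dirname -- "$_dir")
    done
    return "$_rc"
}

# Stand-alone use: sh check-chroot.sh /home/username
if [ "$#" -gt 0 ]; then
    if check_chroot_path "$1"; then
        echo "OK   $1 is usable as a chroot directory"
    else
        echo "FAIL $1 would be rejected as a chroot directory"
    fi
fi
```

Run it against /home/username (the chroot), not against the dropbox directory, which is meant to be writable by the user.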