• useradd sftp-only create user
  • In /etc/ssh/sshd_config comment the existing line starting with Subsystem sftp and add:
Subsystem sftp internal-sftp

Match user sftp-only
     ChrootDirectory /path/to/the/dir
     X11Forwarding no
     AllowTcpForwarding no
     ForceCommand internal-sftp
  • service sshd restart

The folder must be owned by root, remember to set the read/write permission for the user. User will be chrooted to the selected folder and won’t be able to use ssh or the shell.