Create a SFTP access only user to transfer files from and to a WordPress installation

So I heard that you want to enable FTP access (read + write) to a specific folder inside your WordPress (or any folder) directory to a specific user without installing the FTP service. SFTP is one way to achieve that. Follow these steps:

Assuming:
  • myuser: the user you want to grant access.
  • /var/www/myvhost: is a WordPress installation directory.
  • /var/www/myvhost/the_shared_folder (or the wp-content folder): is a folder inside your WordPress root you want to grant access to myuser.
1. Create the user and specify the shared folder as her home directory:

$ sudo useradd -d /var/www/myvhost/the_shared_folder myuser
$ sudo passwd myuser

2. Disable shell login on myuser:

$ sudo usermod -s /bin/false myuser

3. Configure ssh:

$ sudo nano /etc/ssh/sshd_config

...
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
...
Match User myuser
        X11Forwarding no
        ChrootDirectory /var/www/myvhost/the_shared_folder
        AllowTcpForwarding no
        PermitTunnel no
        ForceCommand internal-sftp
...

4. Restart ssh service:

$ sudo service ssh restart

5. Correct the permissions:

Make myuser is the owner of the_shared_folder:
$ sudo chown -R myuser:www-data /var/www/myvhost/the_shared_folder

Parent directory (the vhost) should be own root user and root group (? need to check):
$ sudo chown root:root /var/www/myvhost

While users in the www-data group still have write access:
$ sudo chmod -R g+w /var/www/myvhost/the_shared_folder


6. Use a FTP client (like FileZilla) to make SFTP connections to your server using myuser and enjoy.


References:

[0] http://shapeshed.com/chroot_sftp_users_on_ubuntu_intrepid/
[1] http://askubuntu.com/questions/244406/how-do-i-give-www-data-user-to-a-folder-in-my-home-folder
[2] http://unix.stackexchange.com/questions/155291/provide-sftp-read-write-access-to-folder-and-subfolders-restrict-all-else
[3] http://superuser.com/questions/19318/how-can-i-give-write-access-of-a-folder-to-all-users-in-linux