For a VPS with some small websites, some users need SFTP-access. I want jail them in their own /home/-directory. This directory contains the data for the website.
This is all new for me, so i need some advice.
Chroot is the standard option for this. And i can find enough tutorials and so on. But is this method secure & good enough? Are there better alternatives?
Yes, but chrooting may require additional resources. For example, php-fpm can be chrooted using it's own features, but php call mail() requires the sendmail binary in the tree, so unless you will provide it to your users (along with it's libraries) they won't be able to use mail() in php. Even if your users, from your point of view, do have all the needed data, they can require some more. In fact, this VPS you are talking about is an alternative - your VPS provider provides you with a set of isolated operation system resources.
