Thanks for the reply. If you want to use SFTP, the user does require some valid shell login to authenticate them. I already tried /bin/false, they don't get to login as the user has no shell access
I want to block port 21 on the server, so everyone is forced to use SFTP. However I don't want to give out a shell access that could be exploited.
I do run plesk, and they provide a:
However I have read it still can be exploited.
Its a matter of having a very restricted shell access access. That is why I was asking about /usr/libexec/openssh/sftp-server, it seems its a very 'standard' on just about all linux distributions and its said to be very secure, but I like to hear what others have found or know.