Chroot SSH and SFTP?

Hi, I searched everywhere and still don’t know how to chroot users in their homes for SSH and SFTP. I really don’t like, when my friend who have web hosting on my server can copy all setups what I do in /etc etc…

Is there any functional manual how to setup chroot in newest Virtualmin?

I do it in command line on my Centos 7 and here is my notes. FYI, I’m no pro.

To jail sftp user

–> add user to group sftponly (you need to check group name from sshd_config)
–> sudo groupadd sftponly
–> sudo useradd sftp_tst1 -s /bin/false
–> sudo passwd sftp_tst1
–> sudo usermod -G sftponly sftp_tst1
- this will create new directory in home/username
- we need to make owner of home/username to root and folder permission to 0755 otherwise we cannot upload file
–> sudo chown -R root:root /home/sftp_tst1
–> sudo chmod 0755 /home/sftp_tst1
then we need to create dev folder for logging
–> mkdir /home/sftp_tst1/dev
then we need to create folder inside that and make owner to be the new user
–> mkdir /home/sftp_tst1/incoming
–> sudo chown sftp_tst1:sftponly /home/sftp_tst1/incoming