Server security is always a threat when you have shell access open for users. Especially in shared hosting environments.
- How you like your remote users to be logged into your servers?
- Are you afraid of giving shell access?
- Does they require to just have ftp read only access?
- Do you like chroot to the user for better security?
Use scponly, best solution for you. Its an alternative for shell. Make your remote users login via “sftp” clients. Its nothing but “ftp over ssh” (secure ftp). But we had no alternative other than giving shell access to such users. At times bash shell !. It works as a wrapper and found to be rocking on many SSH clients.
More about scponly : (from its wiki)
A typical usage of scponly is in creating a semi-public account not unlike the concept of anonymous login for ftp. This allows an administrator to share files in the same way an anon ftp setup would, only employing all the protection that ssh provides. This is especially significant if you consider that ftp authentications traverse public networks in a plaintext format.
Check this nice utility, its simple to install and use.
