Installing rssh to allow scp/sftp sessions only for user accounts is a breeze. Getting them into a chroot jail took a bit more reseach, but in the end turned out to be pretty easy.
This is on CentOS 4.6, but this technique should work almost identically for any Linux system thanks to the l2chroot script.
besides the official documentation, some must-read overviews of the issues with PHP’s session support are provided by Harry and segfaultlabs.
Installation of mod_security from source is very easy, but did not quite go according to the published documentation on CentOS 5. Following is a brief detail on steps required.
We use DenyHosts on several servers to keep the annoying kids in the neighborhood from banging on the ssh door all day. This has been working fine for years. But getting it working for FTP or other authenticated services was thought to be impossible by some. It isn’t impossible - but it is a little tricky. Here is how it is done.