Hello,
I am a relative newcomer to the vps world and would appreciate any advice on how to securely allow users to upload their web site content.

I followed the Linode instructions on setting up apache2 on ubuntu karmic which resulted in having virtual domains web content under /srv/www/domain-name/public_html and all of those files are currently owned by root.

I need to figure out how to allow access to this directory structure or maybe better have each user publish to their /home directory and configure apache accordingly.
Then the question would be do I install a secure ftp server or force them to learn how to use winscp, etc.

Thanks in advance for any advice on this topic.
I am reading all of the great Linode documentation and user forum posts as fast as I can!

I don;t know if this is the best way, but it is the way I found that works. I know and trust my users. They are family and friends or friends of friends.

I ONLY have secure methods of accessing my server. No FTP or IMAP/POP/SMTP in the clear. if the password is set, it is encrypted. This requires a SSL Cert, which I first made a self signed one, but now am on the $30 GoDaddy Cert plan. I use this Cert for all my stuff and FORCE the method. It was tricky to setup but I feel well worth it.

So they use WinSCP on Windows or Fugu on Mac.

I setup the websites inside their home directories. For this example the user will be leroy and the site will be example.com

The directly looks like this:

/home/leroy/www/example.com/htdocs/
/home/leroy/www/example.com/logs/

I then setl the webserver to point the document root to the htdocs directory and the logs into the logs directory. For multiple sites I make multiple directories with the domain name.

Only once this bit me when the user deleted his logs directory, it dorked up the server. I could probably do some permission-fu to prevent this, but in several years this was my only problem.

I even set up my person sites this way, under my user account, the same way. So I only need to login as me to access my websites. Nothing is in the default location.

There is probably some security risk, but I don't know.

I recommend FTP only access for your users. If you want SFTP that's essentially FTP over SSH meaning you need to give them ssh access as well. Since you're here asking this question, it looks to me you're not sure what you're doing and therefore I strongly recommend you do not allow SSH access for your users.

Should you decide to do so anyways, I recommend public-key authentication, and move SSH to another port.

You can have FTPS instead which is essentially FTP over SSL/TLS. For that you need a certificate which you can build yourself (google for openssl self signed certificate). That will allow you to encrypt the FTP command channel, or both command and data.

I strongly recommend you have local users per domain and setup FTP to use local user database. That way you should have the /home/<username>/public_html setup, and configure your webserver to map each domain to respective public_html. Additionally, if you will allow PHP, you need a more complex setup ensuring PHP runs as domain user, not as webserver's!

SSH access != having a shell. There are plenty of ssh_config(5) options to disable shells, port forwarding, all that other stuff besides ssh.

You can always set their shell to /dev/null, right?

Amongst other things.

_________________
Disclaimer: I am no longer employed by Linode; opinions are my own alone.