sudo useradd -d <path_to_dir_to_share> <sftpuser>
sudo passwd <sftpuser>
Match User <ftpuser>
    ChrootDirectory %h
    AllowTCPForwarding no
    X11Forwarding no
    ForceCommand internal-sftp
Make sure the Match block is at the end of the file; otherwise the ssh service will report an error and will not start.
You must also have password authentication enabled in your sshd_config. Check the following:
The shared path must have root:root ownership and 0755 permission
chown root:root <path_to_dir_to_share>
chmod 755 <path_to_dir_to_share>
sudo service ssh restart
If the directory used for sftp is owned by another user, you need to add your sftp user to that directory's group.
usermod -a -G <group> <ftpuser>
For example, if sftp is used to point to a web server root, you must add the SFTP user to the www-data group.
Ensure that the directory to which the sftp user needs access is owned by root:root and has 755 permission
Check /var/log/auth.log for error messages
tail -f /var/log/auth.log
It is expected that the sftp user cannot write to the directory it points to. This is due to the ownership restrictions required for sftp to work. Consider the following situation:
web server root is in /var/www/html
sftp user was created with its home in /var/www/html
In this case, the user cannot write to /var/www/html, but it can write in all the subfolders. One way of dealing with this situation is to move the root of your application to /var/www/html/app. This way the sftp user can write to the application root directory.