We have a system running RHEL 7. Users can connect using SFTP and their /home/user directory is where they start. They can browse the whole system with similar permissions as if they had made an SSH connection.

What we need to do is create an account that can only access an FTP directory and it's subdirectories. We don't want this user to be able to browse the rest of the system.

We also need our other users to be able to access their home directories using SFTP, as well as access the FTP directory and subdirectories.

What we currently have installed is: ftp-0.17-67.el7.x86_64

Is this possible? Can we do it with the FTP package currently installed or should we install something like ProFTP?

The package is for the FTP client; RHEL uses vsftp, and there is ample documentation regarding its configuration:
https://access.redhat.com/solutions/1346983

However, SFTP and FTP are two VERY different things; the term you're looking for is chroot, meaning that users can only access their own resources, and not traverse the filesystem any further. If you create one user that's chroot'ed to their own folder, and your local users are using SFTP (with the appropriate permissions), they should be able to traverse that structure if you don't chroot THEM.

1 members found this post helpful.

Yes, you can set up a chrooted SFTP account while leaving the others SFTP accounts untouched, all without compromising the integrity and safety of the system by adding vsftp.

The one thing to know with chrooted SFTP is that the chroot target must be owned by root. That is essential to ensure that the chroot remains separate. However it also means that you have to plan the directory substructure a little for the chroot.

Agree with the chrooted SFTP account.

Search the web with keyword below and create a Test VM and check whether it satisfies with your goal before rolling out to Production:

change the group name and the path accordingly, add the user that will be chrooted to the sftpgroup