Yes, SSH users should be jailed, but only within the confines of your server’s virtual prison. SSH, which stands for Secure Shell, is a tool that gives users command-line access to a server. Those technical savvy web hosting users who like to manage their websites from the Linux or Unix command line may request SSH access from a server or VPS administrator.
From a security perspective, it is probably a better idea to not give SSH access to users at all. Once they are in SSH, they can execute commands and potentially compromise the server. Even if they are model citizens, a third party hacker could gain access to their accounts and do some damage.
Fortunately, using a technique called jailing, you can limit the actual damage that a hosting customer’s account could do in SSH. The first problem with a standard SSH account is that even a user with limited privileges on a Linux system will still be able to navigate to every corner of the server. That means vital directories like /etc, /usr, and others will be exposed, and although the user will not have the necessary permissions to modify them, attackers could use that knowledge to their advantage.
When you jail users, you limit them to their own home directories. For example, a user name lydia will not be able to navigate above /home/lydia, and she will only be able to modify files within certain directories.
Jailing SSH users may not solve all of your security issues, but it can certainly lessen the chances of your server being unnecessarily exposed.