We have just added optional SSH/SCP access (SFTP/SSHFS access was the only previous option) to our shared hosting service and are rather pleased with the implementation we have come up with.
With SFTP/SSHFS access users are jailed in their home directory and don’t have any way to see any other files on the servers — this is what we have had for years.
With SSH/SCP access users are jailed into a chroot which is a, read-only mounted, copy of a minimal Debian install with their home directory mounted read-write, this means you can’t see any other users files and while MySQL works as the socket is mounted (for TCP connections to localhost, otherwise only 127.0.0.1 works) and all the tools we could think of are installed, wp, drush, composer, vim etc. this isn’t the environment that Apache and MySQL are actually running in so there are no logs or server configurations available.
One thing I was wondering is what other command line tools do people use when they have SSH access to shared hosting servers and are setting sites up? Is there anything we could add?
Something we haven’t sorted out is access to the crontab and of course some environmental variables might have different values when accessed via the web.