openssh: do not allow sftp login for non-admins

Also suggested by @fabianfrz.  Not perfect yet as we seem
to mix wheel with access and either need to lock down shell
access along with it or somehow tag along the shell privilege.

Small race in the group setting on the user page.

PR: https://forum.opnsense.org/index.php?topic=6994.0

src/etc/inc/plugins.inc.d/openssh.inc

@@ -157,7 +157,8 @@ function openssh_configure_do($verbose = false, $interface = '')
     $sshconf .= "UseDNS no\n";
     $sshconf .= "X11Forwarding no\n";
     $sshconf .= "PubkeyAuthentication yes\n";
-    $sshconf .= "Subsystem\tsftp\tinternal-sftp\n";
+    $sshconf .= "Subsystem sftp internal-sftp\n";
+    $sshconf .= "AllowGroups wheel\n";
     if (isset($sshcfg['permitrootlogin'])) {
         $sshconf .= "PermitRootLogin yes\n";
     } else {

src/www/system_usermanager.php

@@ -361,8 +361,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
                 $a_user[] = $userent;
             }
 
-            local_user_set($userent);
             local_user_set_groups($userent, $pconfig['groups']);
+            local_user_set($userent);
             write_config();
 
             if (!empty($pconfig['chkNewCert'])) {