Hello Marcoandrei!
You can try the following:
Create a new user by running this command in your terminal:
adduser --home /var/www/domainname/htdocs/ --ingroup www-data someusername
Make sure to replace the path with your client's vhost path. Let's say your client's website lives under domain "mywebsite.com" and your client's username is supposed to be "fred", then above command has to be modified like this:
adduser --home /var/www/mywebsite.com/htdocs/ --ingroup www-data fred
Now press enter in terminal and follow the terminal instructions. You don't have to fill in firstname, lastname, email, phone, etc etc, just set up a password, when asked and note it somewhere safe.
All that is left is to add the group permissions to /var/www/domainname/htdocs
directories. Or in above example:
/var/www/mywebsite.com/htdocs
by running the following command after you created the user:
chmod -R g+rw /var/www/mywebsite.com/htdocs
Now the new user will be able to modify files and directories within that website vhost location. And your website/wordpress will still be able to modify its own files.
You client will be able to connect to the server using sftp protocol with port 22 (if you changed your ssh port to a custom one, please let him know of course.)
He will need a tool/client software that supports SFTP. For exampe on Mac Forklift 3.x ist very recommendable and they are having a 66% Spring sale at the moment, too. Under Windows he might use Swish SFTP Client or another open source tool called WinSCP which is made for advanced users.
A cross platform solution which is available for Mac, Linux and Window is the pretty and also easy to use SFTP tool called Cyberduck.
If you also want to grant access to phpmyadmin GUI, you could add another user to the htauth of the Servertools. It's also fairly easy to achieve. Simply run the following command in your terminal to add a new user and password combination to the existing htauth that sits in front of your server tools:
htpasswd /etc/nginx/htpasswd-wo fred
and follow terminal instructions. Afterwards run:
wo stack reload --nginx
Now your client should be able to access phpmyadmin by browsing to https://yourserver.com:22222/db/pma/ and then entering the htauth user password combination that you just added. Then he will be prompted to login to phpmyadmin. You could provide his WordPress DB credentials, which are visible in his vhost's wp-config.php file.
With those DB credentials he will only be able to access his database.
That's it.
Best
Saskia