The security/openssh-portable port seems to support chrooted ssh.
Code:
> cd /usr/ports/security/openssh-portable
> make showconfig
===> The following configuration options are available for openssh-portable-5.0.p1,1:
PAM=on (default) "Enable pam(3) support"
TCP_WRAPPERS=on (default) "Enable tcp_wrappers support"
LIBEDIT=on (default) "Enable readline support to sftp(1)"
KERBEROS=on (default) "Enable kerberos (autodetection)"
SUID_SSH=off (default) "Enable suid SSH (Recommended off)"
GSSAPI=off (default) "Enable GSSAPI support (req: KERBEROS)"
KERB_GSSAPI=off (default) "Enable Kerberos/GSSAPI patch (req: GSSAPI)"
OPENSSH_CHROOT=off (default) "Enable CHROOT support"
OPENSC=off (default) "Enable OpenSC smartcard support"
OPENSCPINPATCH=off (default) "Enable OpenSC PIN patch"
HPN=off (default) "Enable HPN-SSH patch"
LPK=off (default) "Enable LDAP Public Key (LPK) patch"
OVERWRITE_BASE=off (default) "OpenSSH overwrite base"
===> Use 'make config' to modify these settings
Alternatively, put your sshd daemon in a FBSD jail.