virtual sftp users with openssh

Is it possible to setup a SFTP service with OpenSSH with the use of virtual users (not /etc/passwd)? I'm aware of all the chroot/jail capabilities of OpenSSH. I also read somewhere that the PAM service name is based on sshd argv[0].

The background is, that this service would be run in a failover cluster and I don't like the idea of having to maintain users in each nodes /etc/passwd file. Therefore I would like to run an sshd with it's own configuration and with a independent account management.

E.g. in vsftpd virtual users can be written into a BDB file which is then passed to pam_userdb.so.

Is something like this possible with standard PAM/OpenSSH?


Solution 1:

Have you considered managing your user accounts with ldap, nis, or a configuration management system instead of maintaining the accounts locally on the cluster nodes?

Do you only require sftp, and not shell access? I see that proftpd now has an sftp module, and it supports an external account database.