virtual sftp users with openssh

ssh linux centos sftp

Is it possible to setup a SFTP service with OpenSSH with the use of virtual users (not /etc/passwd)? I'm aware of all the chroot/jail capabilities of OpenSSH. I also read somewhere that the PAM service name is based on sshd argv[0].

The background is, that this service would be run in a failover cluster and I don't like the idea of having to maintain users in each nodes /etc/passwd file. Therefore I would like to run an sshd with it's own configuration and with a independent account management.

E.g. in vsftpd virtual users can be written into a BDB file which is then passed to pam_userdb.so.

Is something like this possible with standard PAM/OpenSSH?


Solution 1:

Have you considered managing your user accounts with ldap, nis, or a configuration management system instead of maintaining the accounts locally on the cluster nodes?

Do you only require sftp, and not shell access? I see that proftpd now has an sftp module, and it supports an external account database.

Related

sudo and sudo -i access features
How can I rotate PHP Log files on Windows Server 2003?
Cannot ssh into cisco switch: Invalid key length
IIS 7.5 FTPS external access - 534 Policy requires SSL
Couldn't find package gitolite on Ubuntu 10.04
Can I host multiple sites on a single Linode server a la Dreamhost?
apache mod proxy to another domain with relative paths
Sharing SSL Certificates in a Cluster
Share Exchange/Outlook calendars between two different domains
WebResource.axd and ScriptResource.axd + 404 not found…
Apache mod_cache: Strip/ignore (only) Google Analytics cookies
Conditionally set client_max_body_size