Currently, I have my web server (www.integratedwebs.com) configured to host multiple domain names on the one static ip address. I configured it to use SCP to connect (windows users use WinSCP to edit their files).

I'm not sure of a good way to explain what I would like to do, so, here's my attempt:

registered people at integratedwebs.com:
eric
tom
bill
sue

registered people at mydomain.com
fred
tom
gary

both domains are on my server, i would like them to be able to type in their domain name, and their user name and log in. but, you'll notice tom is on both domains. is there a way to create a second passwd file? or some way to allow one login to go to one place, and the other to go to another place?

thanks in advance!
Eric

ssh doesn't use domain names in it's protocols, all it does is resolve to an ip address on the client and then connect away. the connection that is recieved by the server will be identical whatever domain name is connected to, so there's nothing to get hold of. only thing i'd think of is listening with a seperate SSH server listening on a different port, but that depends what a "place" is... a directory? a server?

If you follow the "separate sshd" route, you'd have to instruct (e.g.) people at mydomain to "ssh -p 2201", "scp -P 2201" etc. Maybe move integratedwebs to port 2200, for symmetry.

But sshd will still look up people in /etc/passwd, and I can't find an option in sshd_config to override that. You can only have one "tom" user on your machine / in your password file. You may have to chroot each sshd. That might not be so bad; if they ssh in, they can at most see their own virtual site's stuff.

If that sounds heavy-handed, the lightweight alternative would be to include the domain in the user name (check how long they can be on your system). It would look a bit silly for your users, because they'd have to type, e.g.,
But hey, whether it's the port or the user name, they can stuff it into their ~/.ssh/config, e.g., like this
And then simply "scp X Y Z mydomain:"