O ProFTPd oferece o que você pede:
ProFTPD allows for the definition of "virtual" users: users who do not have accounts on
the host machine, whose account information is defined in other sources. The passwords for
these users are then specific only to FTP access, and thus do not expose shell access
(ssh, hopefully) to unauthorized users. These alternative account information sources
include SQL tables (via mod_sql), LDAP servers (via mod_ldap), CDB files (via
mod_auth_cdb), and other system files (via the AuthUserFile and AuthGroupFile
configuration directives). The proftpd server can be configured to use multiple account
information sources simultaneously as well, allowing for flexible support of a range of
environments.
Eu pessoalmente estava usando o plugin mod_sql do ProFTPd para evitar o uso de usuários do sistema operacional para acesso via FTP. Aqui você pode encontrar mais informações se for adequado para você: