What are /r/OpenSSH's favorite Products & Services?

From 3.5 billion Reddit comments

It's not quite that simple.

Traditionally on Unix systems ports <1024 could only be bound by processes running as root. Since then, some systems including Linux gained some finer grained "capabilities", one of which (CAP_NET_BIND_SERVICE) allows binding to low ports.

In parallel, prior to privsep the sshd handling a user's session ran as root, and ssh could also run setuid. Because both could run with privileges, they check that the user running it is root before it allows that user to bind to ports lower than 1024.

In OpenSSH 7.5, PrivilegeSeparation was made mandatory and in OpenSSH 7.8 the ability to run ssh(1) setuid was removed, and with both of those gone the explicit check in OpenSSH was also removed.

So, if the server is OpenSSH 7.7 or earlier on the server, only root can will be allowed to bind to a port <1024. If the server is OpenSSH 7.8 or later, if the user is root or has CAP_NET_BIND_SERVICE then it can bind to a low port. If neither of those are true, you won't be able to bind to a low port.