Package: openssh-server
Version: 1:8.8p1-1
Currently the standalone OpenSSH sftp-server is used as default SFTP
subsystem, set via /etc/ssh/sshd_config. This implies a dependency on
the openssh-sftp-server package and means that every SFTP connection
spawns a new external process, while sshd ships with the internal-sftp
in-process SFTP server, which perform better when dealing with many
short duration connections and simplifies the ChrootDirectory usage to
not require any manual /dev node setup.
Legacy SSH1 clients pass an exact SFTP command, hence will still depend
on openssh-sftp-server or any alternative standalone SFTP server, also
internal-sftp means that the login shell is skipped in the first place.
But the need for both are edge cases, the use of SSH1 IMO worth to be
actively discouraged, and the vast majority of OpenSSH SFTP server
admins will benefit from this change, at least to not require a config
change that is part of very most SFTP guides around the internet,
reasonably.
Forgive me if this discussion was already done, but I couldn't find it
within the Debian bug tracker at least.
Best regards,
Micha