Have you checked what user OpenSSH usually runs as on a linux machine in order to allow key-based authentication? I'll give you a hint: it's root. That's no different than running as SYSTEM on Windows.
As a sibling comment mentioned, it makes perfect sense that the ability to create a user session requires a certain privilege. What struck me as odd, was that it only needed this on Windows when using key-based authentication - not when allowing password-based login.
AFAIK ssh needs access to /etc/shadow on Linux, if you want to use system passwords. But also, AFAIK, nothing stops you from running ssh in a chroot, without any such access (well, access to a /etc/shadow under the chroot probably).
Nice that you found that page! We considered all of them. Rocket.chat and Mattermost seemed like the best products. I don't like that Rocket.chat is made with Meteor and therefore Mongo only, we already ship and love PostgreSQL. Also, I met Ian from the Mattermost team at YC camp and we hit it off together.
It’s a shame you didn't to talk to us too. There are a lot of benefits of using Meteor. First, it plans to be DB agnostic, so Postgres support will come in the next version, and many other DBs. So if that was the main reason, it's was a bit short sighted. Also, we have already submitted our Mobile apps to Google Play and Apple Store. Sure the first version is Hybrid, but they work really well, and the native version is on the making. We are also working with a team from the US army to implements the DoD Manual 5200.01V2 so they can use it at government agencies too. On scalability, we are pushing the limits with a deployment that has 40k users for the Federal University in Brazil. Hopefully GitLab will not commit to a single option so early, that would be premature at this point, and maybe we can work together to offer another chat option?
