Comment by natch

If someone is not running sshd, I guess launchd would not take control of the port? And then someone on the same box could run their own fake sshd on the port, right? Leading potentially to the ability to capture keystrokes from any remote users who might "authenticate" and log in (to a fake terminal session provided by the daemon) through the port. What am I missing? Is it the case that launchd takes control of the port even if sshd is not configured to be active?