That didn't need multi-users.

No, but that's the case I've overwhelmingly seen over the decades. Anyway, are you going to redesign ssh not to require a user, for instance? I assume you wouldn't want sshd running as the putative single user.

[I'm all for replacing notions of privileges/permissions with capabilities.]

Yes, i'd rather that the sshd daemon ran with a restricted set of capabilities.