Additionally, allowing remote access directly as the user creates a huge attack vector. If a bad actor obtains access to that user, they immediately have full access to all the files on disk. By forcing connections to non-privileged users, you greatly increase security.