diff -Nru endlessh-1.1/debian/changelog endlessh-1.1/debian/changelog --- endlessh-1.1/debian/changelog 2020-03-31 17:38:12.000000000 +0000 +++ endlessh-1.1/debian/changelog 2020-11-02 13:13:46.000000000 +0000 @@ -1,3 +1,17 @@ +endlessh (1.1-5) unstable; urgency=medium + + [ Thierry B ] + * d/endlessh.init: Background the server process. + Closes: #972388 + + [ nicoo ] + * d/README: Explain socket activation and privileged ports + Closes: #970512 + * Update nicoo's name + * d/patches: Fixup DEP-3 metadata format + + -- nicoo Mon, 02 Nov 2020 14:13:46 +0100 + endlessh (1.1-4) unstable; urgency=low * Replace Makefile patch with upstream's @@ -50,10 +64,10 @@ No change required. * Lintian: Override false positive (hardening-no-fortify-functions) - -- Nicolas Braud-Santoni Sat, 01 Feb 2020 05:29:51 +0100 + -- nicoo Sat, 01 Feb 2020 05:29:51 +0100 endlessh (1.0-1) unstable; urgency=medium * Initial release (Closes: #933846) - -- Nicolas Braud-Santoni Sun, 04 Aug 2019 23:33:35 +0200 + -- nicoo Sun, 04 Aug 2019 23:33:35 +0200 diff -Nru endlessh-1.1/debian/endlessh.init endlessh-1.1/debian/endlessh.init --- endlessh-1.1/debian/endlessh.init 2020-03-31 17:38:12.000000000 +0000 +++ endlessh-1.1/debian/endlessh.init 2020-11-02 13:13:46.000000000 +0000 @@ -18,7 +18,9 @@ case "$1" in start) log_daemon_msg "Starting SSH tarpit" "endlessh" - start_daemon -p $PIDFILE $DAEMON + start-stop-daemon --start --background \ + --make-pidfile --pidfile $PIDFILE \ + --exec $DAEMON log_end_msg $? ;; stop) diff -Nru endlessh-1.1/debian/patches/0001-Fix-binary-path-in-endlessh.service.patch endlessh-1.1/debian/patches/0001-Fix-binary-path-in-endlessh.service.patch --- endlessh-1.1/debian/patches/0001-Fix-binary-path-in-endlessh.service.patch 2020-03-31 17:38:12.000000000 +0000 +++ endlessh-1.1/debian/patches/0001-Fix-binary-path-in-endlessh.service.patch 2020-11-02 13:13:46.000000000 +0000 
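Review bot: In debian/endlessh.init, the `log_end_msg $?` that follows the new `start-stop-daemon --start --background` call can no longer report a failed start, because with `--background` start-stop-daemon forks before the exec and cannot see the daemon's exit status. The script will therefore print success even if endlessh exits immediately, for instance when its listen port is already in use; a follow-up `start-stop-daemon --status --pidfile "$PIDFILE"` before `log_end_msg` would make the reported result meaningful. The daemon also still appears to be launched with the caller's (root) privileges and none of the sandboxing that the package README attributes to the systemd unit; if the configured port is unprivileged, adding `--chuid <unprivileged-user>` (placeholder, no service account is visible in this diff) would narrow that gap. `$PIDFILE` and `$DAEMON` are expanded unquoted on the new lines and are better written as `"$PIDFILE"` and `"$DAEMON"`. The enclosing `case` statement starts and ends outside the hunk.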
@@ -1,4 +1,9 @@ +From: nicoo +Date: Fri, 7 Feb 2020 01:12:50 +0100 Subject: Fix binary path in endlessh.service +Origin: vendor +Forwarded: not-needed +Last-Update: 2020-11-01 --- util/endlessh.service | 2 +- @@ -6,11 +11,6 @@ diff --git a/util/endlessh.service b/util/endlessh.service index fd12a00..f997293 100644 -Origin: vendor -From: nicoo -Forwarded: not-needed -Last-Update: 2020-02-16 - --- a/util/endlessh.service +++ b/util/endlessh.service @@ -7,7 +7,7 @@ Requires=network-online.target diff -Nru endlessh-1.1/debian/patches/0002-Use-CPPFLAGS-in-the-Makefile-closes-43.patch endlessh-1.1/debian/patches/0002-Use-CPPFLAGS-in-the-Makefile-closes-43.patch --- endlessh-1.1/debian/patches/0002-Use-CPPFLAGS-in-the-Makefile-closes-43.patch 2020-03-31 17:38:12.000000000 +0000 +++ endlessh-1.1/debian/patches/0002-Use-CPPFLAGS-in-the-Makefile-closes-43.patch 2020-11-02 13:13:46.000000000 +0000 @@ -1,4 +1,11 @@ +From: Christopher Wellons +Date: Sun, 16 Feb 2020 10:10:14 -0500 Subject: Use CPPFLAGS in the Makefile (closes #43) +Origin: commit:4cb4fc6eac621196ce30c5506b5e36b94b643354 +Applied-Upstream: commit:4cb4fc6eac621196ce30c5506b5e36b94b643354 +Bug: https://github.com/skeeto/endlessh/pull/43 +Reviewed-by: nicoo +Last-Update: 2020-11-01 Debian uses CPPFLAGS to pass arguments like -D_FORTIFY_SOURCE=2. --- @@ -7,13 +14,6 @@ diff --git a/Makefile b/Makefile index 507b2f7..119347a 100644 -From: Christopher Wellons -Reviewed-by: nicoo -Origin: commit:4cb4fc6eac621196ce30c5506b5e36b94b643354 -Applied-Upstream: commit:4cb4fc6eac621196ce30c5506b5e36b94b643354 -Bug: https://github.com/skeeto/endlessh/pull/43 -Last-Update: 2020-03-31 - --- a/Makefile +++ b/Makefile @@ -1,14 +1,15 @@ diff -Nru endlessh-1.1/debian/README.Debian endlessh-1.1/debian/README.Debian --- endlessh-1.1/debian/README.Debian 2020-03-31 17:38:12.000000000 +0000 +++ endlessh-1.1/debian/README.Debian 2020-11-02 13:13:46.000000000 +0000 
@@ -1,7 +1,17 @@ The SysV init script in this package is provided for compatibility, but does not implement the security features of the systemd unit. -Users are strongly advised to use the systemd unit for this service, -as it is a C codebase directly exposed to the network. +Users are strongly advised to use the systemd unit for this service, as it is a +C codebase directly exposed to the network, and the package implements a sandbox +around the service using systemd's security features. - -- Nicolas Braud-Santoni , Mon, 5 Aug 2019 00:52:07 +0200 +Note that the service is, in particular, not started as `root`, and as such +cannot listen on privileged ports (< 1024). The recommended way to do so is +to use socket activation; for instance, to listen on port 222: + + systemctl enable --now endlessh@222.socket + +This has the added advantage of only starting the service on the first +connection, preserving system resources until then. + + -- nicoo , Mon, 2 Nov 2020 09:13:46 +0100