"Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful analysis can reveal the length of passwords and probably some of [the] password itself."
Seems a little on the
Seems a little on the paranoid side, but if you're serious about plugging up this theoretical security hole, you can do it without changing ssh. Instead patch screen or xterm or write a standalone pty middleman that adds random timing jitter to all buffered keystrokes. For extra fun, on backspace have it delete characters from its internal buffer if they haven't been sent yet, or even randomly send characters followed by backspaces in order to introduce yet more noise, but of course this'll break interactive programs like mutt and vim which don't universally allow backspace to undo the effect of the previous keystroke. So only enable this "extra fun" if the subordinate program is in cooked mode. (Oh wait, isn't ssh always in raw mode?)
Or buffer in extremely small
Or buffer in extremely small blocks (say, 3?) and dump the buffer after an imperceptible, but attack-breaking time period (250ms?).
The problem is you would not
The problem is you would not be able to do anything live, such as play console based games.
Perhaps use termio settings as a hint?
Don't password prompts turn echo off but leave the tty in "cooked" mode (ICANON), whereas games prefer "noecho" and "raw"? Are there any other cues? In general, in ICANON with ~ECHO, ssh could batch up keystrokes and it'd truly be invisible to the user.
So now I flash my ignorance of the pty interface: How much does the sshd side of the pty know about the other side's termio settings?
--
Program Intellivision and play Space Patrol!
Only passwords? Using a
Only passwords? Using a dictionary attack, you could possibly reconstruct most of what the user is entering because everyone has his own special way to use a keyboard, his own special time signature....
Solution: put a tiny minimum delay between non-burst transfers of small data amounts (< 10 bytes?) and re-send similarly sized fake data at the same tiny minimum delay afterwards up to X times, so we get a constant data stream for 5 seconds or so and without any timely information.
Of course, we still have some timely information exposed to the outside world: burst periods structure or so. But it is possibly much less critical.
Login passwords are already
Login passwords are already impervious to this attack, but if you log in and then try using sudo ....