[simplicio]

The fix seems kind of crazy though, adding so much traffic overhead to every ssh session. I assume there's a reason they didn't go that route, but on a first pass seems weird they didn't just buffer password strokes to be sent in one packet, or just add some artificial timing jitter to each keystroke.

[bot403]

I'm just guessing but this chaff sounds like it wouldn't actually change the latency or delivery of your actual keystrokes while buffering or jitter would.

So the "real" keystrokes are 100% the same but the fake ones which are never seen except as network packets are what is randomized.

It's actually really clever.

[kevin_thibedeau]

SSH has no way of knowing when a password is being typed. It can happen any time within the session after SSH auth.