by marshray 4700 days ago
> SSH'ing to a given system and the amount of data transferred, but nothing more.

A passive eavesdropper sees very precise timing of every keystroke, as well as the timing and size of the response.

This is enough to reconstruct text being typed with surprisingly good accuracy.

2 comments

[ignore this - see edits] i thought one problem with ssh was that it used tcp and too-large packets. hence that other thing that builds on top of it, and whose name i can't remember. having said that, i'm sure there is side channel info - i'm just not sure how precise things are.

also, what cipher suite does ssh use. does it have forward secrecy?

[edit1: to answer that last question; yes it does.]

[edit2: paper on keystroke timing attack - http://users.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf - each keystroke is a packet; passwords have no echo. this is from 2001 - it has suggestions like sending packets when idle, but i don't think they've been implemented.]
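An added example, not part of the thread or the linked paper: a small model of the "send packets when idle" mitigation mentioned in edit2, showing what a passive observer sees with and without it. The keystroke times, the 50 ms tick and the function names are constructed for illustration, and it assumes every packet is padded to the same size so real and dummy packets are indistinguishable after encryption.

```python
# Constructed sample: times (ms) at which a user presses keys in an
# interactive session. Without mitigation, each keystroke is one packet.
KEY_TIMES_MS = [0, 95, 310, 370, 620, 1480, 1555, 1790]


def observed_gaps(packet_times):
    """Inter-packet intervals, i.e. what a passive observer can measure."""
    return [b - a for a, b in zip(packet_times, packet_times[1:])]


def fixed_rate_schedule(key_times, tick_ms):
    """Emit exactly one equal-size packet per tick.

    A queued keystroke rides in the packet if one is waiting; otherwise the
    packet is a dummy. Returns a list of (send_time, key_time or None).
    """
    queue = sorted(key_times)
    packets, t, i = [], 0, 0
    while i < len(queue):
        if queue[i] <= t:
            packets.append((t, queue[i]))   # real keystroke, slightly delayed
            i += 1
        else:
            packets.append((t, None))       # idle tick: dummy packet
        t += tick_ms
    return packets


def summarize(key_times, tick_ms):
    """Compare the observable timing with and without fixed-rate sending."""
    packets = fixed_rate_schedule(key_times, tick_ms)
    send_times = [t for t, _ in packets]
    delays = [t - k for t, k in packets if k is not None]
    return {
        "raw_gaps": observed_gaps(sorted(key_times)),
        "padded_gaps": sorted(set(observed_gaps(send_times))),
        "dummy_packets": sum(1 for _, k in packets if k is None),
        "max_added_delay_ms": max(delays),
    }


if __name__ == "__main__":
    for name, value in summarize(KEY_TIMES_MS, 50).items():
        print(f"{name}: {value}")
```

The cost side is visible in the output: the observer sees one constant interval, but most packets are dummies and every keystroke waits for the next tick. The session's start and end remain observable in this model.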

I am pretty sure the NSA would have better ways to get information about you than to just rely on the periodicity of your keystrokes and doing all those analytics based on heuristics.

This has nothing to do with 'information about me'. The NSA has a bunch of old declassified internal newsletters on their website. Traffic and timing side-channel analysis is classic, old-school SIGINT.