New SSH attack weakens passwords

New SSH attack weakens passwords
Ann Harrison, SecurityFocus 2001-08-17

Researchers say the elapsed time between keystrokes can reveal much about your password.

SSH Keystroke Timing Attack 2001-08-20
Chris Leonardos <cleonardos (at) triumph (dot) com [email concealed]>

My question is this: If the SSH Client caches the user keystrokes when accepting the password, and sends them only after the OK button is clicked, how can this attack be at all usefull?...

[ more ]