Keystroke timing obfuscation added to ssh(1)

OpenBSD developer Damien Miller has added support for keystroke timing obfuscation to the ssh(1) client. This feature aims to hide inter-keystroke timings by sending interactive traffic at fixed intervals and introducing fake “chaff” keystrokes after the last real keystroke. The timing intervals and behavior can be controlled with a new ssh_config keyword. This implementation also introduces a transport-level ping facility using SSH transport protocol messages to implement a ping capability. These changes further enhance security on OpenBSD and will likely be adopted by other systems through openssh-portable in the future. This development showcases security measures achieved through clever trickery.

https://undeadly.org/cgi?action=article;sid=20230829051257

To top