in SSH implementations discovered by a team of researchers from the University of California at Berkeley. By carefully studying statistical analysis of typing rhythms, it is possible to discern information about a users SSH session, including the length of their password.
at SecurityFocus carefully. Also, check out ssh-agent(1) as a means of eliminating sending your encrypted password across the wire. This weakness dives into the realm of information theory and pattern analysis.