Why does SSH send 100 packets per keystroke?

Original Article ↗ Hacker News Discussion ↗

LLM language tics and style drift

  • Several comments fixate on LLM “catchphrases” like “smoking gun,” “you’re absolutely right,” “lines up perfectly,” and overuse of em dashes.
  • Some find this corporate / HR-style tone grating; others argue tolerance is reasonable given how useful LLMs are.
  • There’s discussion that these tics reflect recent internet training data and visible system prompts, not “new” language.
  • A side thread notes that LLM language is now influencing humans’ own writing habits, for better or worse.

SSH keystroke timing obfuscation: purpose and risk

  • Many were surprised to learn that modern SSH sends chaff packets to hide inter-keystroke timing, based on old timing-attack research.
  • One camp says “never disable this in production”: it’s a real side-channel defense against network observers, not just a cosmetic feature.
  • Others argue it’s overstated to call this “broken encryption”; it’s a side-channel on user typing, mainly useful for narrowing password guesses or inferring behavior, not decrypting ciphertext directly.
  • Some point out it’s only enabled for PTY/interactive sessions, not typical machine-to-machine SSH.
  • Suggestions for alternatives (buffering keystrokes, fixed-interval sending, jitter) are critiqued as either latency-hurting or still information-leaking; chaff is seen as simpler and more robust.

Performance, games over SSH, and protocol choice

  • Several commenters are skeptical of building a “high-performance game” over SSH at all, citing SSH’s chattiness, TCP head-of-line blocking, and SFTP-style overheads.
  • Alternatives proposed: UDP with custom reliability/crypto, QUIC, SCTP, mosh, Valve’s GameNetworkingSockets, or even telnet / netcat where security is irrelevant.
  • A counterargument: “ssh mygame” is a powerful zero-install UX; the novelty and constraints are part of the fun.
  • There’s concern about server-side disabling of a client security feature without explicit client consent.

Bandwidth, latency, and constrained links

  • Some see the extra packets as negligible amid modern bandwidth (especially vs video); others working over ADSL, mobile, or long-distance radio links say SSH is already painful and every bit of overhead matters.
  • Examples include SSH over 900 MHz telemetry, hobbyist 915 MHz radios, and similar lossy, high-latency environments.

Debugging, Wireshark, and LLMs

  • One group argues the mystery could have been solved faster with Wireshark or protocol analysis rather than asking an LLM.
  • Others say LLMs are genuinely useful as “rubber ducks,” task generators, or quick doc/search helpers, even if they hallucinate details.
  • There is some frustration that pervasive encryption makes deep, multi-layer debugging harder without better tooling.