see www.crimelabs.net/docs/sshd1-logging.txt for details Perhaps you were talking about the below article, which details monitoring the time elapsed between keystrokes in order to guess the commands given and length of password.
http://www.securityfocus.com/news/241 James Michael-Hill On Wednesday 13 February 2002 01:48 pm, stevea wrote: >R Dicaire wrote >Are there any issues with X11 forwarding using ssh protocol 1 and rsa >keys for passwordless access? (And yes, the keys are passphrased).
