Tbh I'm surprised SSH sends password keypresses to the remote end like telnet. I would have thought the password was captured client-side and then dealt with in some secure manner.
Are they meaning they capture you logging in to another system from the side-channel-monitored system? So you are already on a remote session from machine A to machine B, typing away, and you SSH from machine B to machine C, while some code on machine B infers your keypresses from the network packets coming from machine A to machine B? That sounds like it would make sense.