That's not the problem. Passwords typed during authentication are already quite secure - they are not sent keystroke by keystroke, rather in their entirety and padded up to the nearest 2^n in length (to hide their real length).
The problem is keystrokes typed once the session is up, e.g. your password after running "sudo". We already have measures in place to make it difficult for an eavesdropper to know when you are typing such a password, but they could still perform traffic analysis on the entire session.