He's saying a latent program could hijack your established ssh connection to add another public key corresponding with an attackers private key to get long term access.