RHEL9 + CIS system will not accept pasted ssh password *ONLY ON FIRST SSH*

I have a RHEL9 server where I ran the RHEL9 CIS ansible-lockdown role and configured it so that root can ssh in (yes I know, will be remedied in the future). The system is doing something very strange. After reboot, I can not paste the ssh password into the terminal, it only lets me in if I type it out. As soon as any ssh session has been created, I CAN paste the password into the ssh prompt and it lets me in just fine. Here are logs showing the attempts. Note that the same password was in the clipboard the whole time, so I absolutely did not fat-finger the root password.

Jul 15 15:55:13 myhost sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.0.0.8  user=root
# ^password pasted
Jul 15 15:55:20 myhost sshd: pam_unix(sshd:session): session opened for user root(uid=0) by root(uid=0)
# ^password typed
Jul 15 15:55:21 myhost sshd: pam_unix(sshd:session): session closed for user root
Jul 15 15:55:24 myhost sshd: pam_unix(sshd:session): session opened for user root(uid=0) by root(uid=0)
# ^password pasted

I found someone posted something similar here: https://forums.rockylinux.org/t/weird-ssh-issue-on-9-3-ssh-login-fails-until-another-user-logs-in/13489/2 but there was no explanation and no fix. This isn't really a good setup for me since the generated passwords are very long and complex. One thing I notice is that the PID of sshd changed, but that hasn't helped me diagnose the issue. In the other forum there's no mention of CIS hardening, and I don't have another test system where I want to try a fresh install, so I'm not sure if it's due to the lockdown. Any ideas? Edit 1: once ANY user has logged in, in any way (like with ssh key), then pasting the password also works. So it does not have to be entered manually once, the requirement is someone (anyone) has to log in once, then pasted passwords work. Edit 2: like the person in the link it is related to the terminal, I was using SecureCRT. When I ssh using regular command prompt, the pasted password works immediately after reboot. I would prefer to find a real reason for this, because this seems to be specific to RHEL9, and in this environment SecureCRT is the app that users are provided. Edit 3: successfully sshing from a different terminal does NOT fix the password paste issue in SecureCRT. You still have to connect *once* from SecureCRT and after that you can reconnect by pasting a password. (and I mean really reconnect, no ControlMaster)