How to Monitor Keyboard Keystrokes Using ‘LogKeys’ in Linux
Key Logging is the process of storing keystrokes with/without the knowledge of user. Keylogging can be hardware based as well as software based. As clear from the name, a hardware based keylogger does not depends upon any software and keystroke logging is done at hardware level itself. Whereas a software based keylogger depends upon a special software for keylogging.
There are number of keylogger software applications for almost all the platforms be it Windows, Mac, Linux. Here we are throwing light on an application package called Logkeys.
What is Logkeys?
Logkeys is a Linux keylogger. It is more updated than any other available keylogger, Moreover logkeys don’t crash the X server, and appears to work in all the situations. Logkeys creates a log of all characters and function keys. Moreover logkeys are aware of Alt and Shift and works well with serial as well as USB keyboards.
There are a lot of keyloggers available for Windows but this is not the case with Linux. Logkeys is not better than any other keylogger application for Linux but certainly it is more updated than other.
- Fixed CPU issue on X86_64
- Bug Fixes
- pgrep Dependency, Removed
- Process ID (PID) available in /var/run
- Vulnerability Fix
- Security Fix
- Remote log uploading on HTTP
- Recognise USB Keyboard
Installation of Logkeys in Linux
If you’ve ever installed a Linux tarball packages from source, then you can easily install logkeys package. If you haven’t ever installed a package in Linux from source yet, then you need to install some missing packages like C++ compilers and gcc libraries before proceeding for installation from source.
Let’s proceed for the installation, first go and grab the latest logkeys (i.e. version logkeys 0.1.1a) source tarball package at:
You may also use wget command to download the latest source and install it as shown below.
$ sudo apt-get install build-essential [on Debian based systems]
# yum install gcc make gcc-c++ [on RedHat based systems]
$ wget https://logkeys.googlecode.com/files/logkeys-0.1.1a.tar.gz $ tar xvzf logkeys-0.1.1a.tar.gz $ cd logkeys-0.1.1a $ ./configure $ make $ sudo make install
Now run the locale-gen.
$ sudo locale-gen
Generating locales... aa_DJ.UTF-8... done aa_ER.UTF-8@saaho... done aa_ER.UTF-8... done aa_ET.UTF-8... done af_ZA.UTF-8... done am_ET.UTF-8... done an_ES.UTF-8... done ar_AE.UTF-8... done ar_BH.UTF-8... done ar_DZ.UTF-8... done ar_EG.UTF-8... done ar_IN.UTF-8... done ar_IQ.UTF-8... done ar_JO.UTF-8... done ar_KW.UTF-8... done ar_LB.UTF-8... done ar_LY.UTF-8... done ar_MA.UTF-8... done ar_OM.UTF-8... done ar_QA.UTF-8... done ar_SA.UTF-8... done ar_SD.UTF-8... done ....... Generation complete.
Usages of logkeys
- logkeys s : Start logging keypress.
- logkeys k : Kill logkeys process.
For detailed information of logkeys usages option, you can always refer to.
# logkeys –help or # man logkeys
Starting the application logkeys using the following command.
$ sudo logkeys -s
Now running a lot of commands.
# ls # pwd # ss # ifconfig
Terminate the process logkeys.
# logkeys -k
Check the log file which by default is ‘/var/log/logkeys.log‘.
# nano /var/log/logkeys.log
Future Developments Planned
- To add support for sending logs via email
- To add support for logging clipboard content
- To add support for mouse event/mouse click event
All the information provided is strictly for educational purpose, Tweaking this article by any means or using the above information to log others users machine is against law and punishable. That’s all for now. Don’t forget to provide us with your valuable feedback. Stay tuned, healthy and connected to Tecmint for more Linux and FOSS news.