How to Install Logkeys to monitor Keyboard strokes in Linux
To Monitor Keyboard Keystrokes Using ‘ LogKeys’ in Linux
Key Logging is the technique of storing keystrokes with or without the knowledge of the user. Keylogging can be hardware or software based. A hardware based keylogger does not depend upon any kind of software and keystroke logging is performed at hardware level, whereas a software based keylogger depends upon a special kind of software for keylogging.
There are several keylogger software applications for all platforms such as Windows, Mac and Linux. Instructions to Monitor Keyboard Keystrokes Using ‘ LogKeys’ in Linux is explained in this tutorial.
Log Keys
Logkeys is a Linux keylogger, which is more updated than any other keylogger. Logkeys generate a log of all characters and also function keys. They are also aware of Alt and Shift and perform well with serial and USB keyboards.
Features of Logkeys
- Fix Security
- Remote log uploading on HTTP
- USB Keyboard Recognization
- pgrep Dependency, Removed
- Process ID (PID) available in /var/run
- Fix Vulnerability
- Fixed CPU issue on X86_64
- Bug Fixes.
To Install Logkeys in Linux
On Debian based systems
$ sudo apt-get install build-essential
On RedHat based systems
[root@linuxhelp ~]# yum install gcc make gcc-c++
Loaded plugins: fastestmirror, refresh-packagekit, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: ftp.iitm.ac.in
* extras: ftp.iitm.ac.in
* updates: ftp.iitm.ac.in
Package 1:make-3.81-20.el6.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package gcc.x86_64 0:4.4.7-16.el6 will be installed
---> Package gcc-c++.x86_64 0:4.4.7-16.el6 will be installed . . .
.
.
.
Installed:
gcc.x86_64 0:4.4.7-16.el6 gcc-c++.x86_64 0:4.4.7-16.el6
Complete!
Run ' wget' command to download and install the latest source.
[root@linuxhelp ~]# wget https://logkeys.googlecode.com/files/logkeys-0.1.1a.tar.gz
--2016-05-21 01:31:13-- https://logkeys.googlecode.com/files/logkeys-0.1.1a.tar.gz
Resolving logkeys.googlecode.com... 74.125.130.82, 2404:6800:4003:c01::52
Connecting to logkeys.googlecode.com|74.125.130.82|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 109568 (107K) [application/x-gzip]
Saving to: “ logkeys-0.1.1a.tar.gz”
100%[===========================================================================> ] 109,568 346K/s in 0.3s
2016-05-21 01:31:14 (346 KB/s) - “ logkeys-0.1.1a.tar.gz” saved [109568/109568]
Now extract the downloaded tar package by using the following command.
[root@linuxhelp ~]# tar xvzf
logkeys-0.1.1a.tar.gz
logkeys-0.1.1a/
logkeys-0.1.1a/Makefile.am
logkeys-0.1.1a/depcomp
logkeys-0.1.1a/build/.svn/tmp/text-base/ . . .
.
.
.
logkeys-0.1.1a/TODO
Go to the extracted directory and then execute the configure and make script.
[root@linuxhelp ~]# cd logkeys-0.1.1a [root@linuxhelp logkeys-0.1.1a]# ./configure checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /bin/mkdir -p . . . . config.status: creating scripts/Makefile config.status: creating config.h config.status: executing depfiles commands
[root@linuxhelp logkeys-0.1.1a]# make
make all-recursive make[1]: Entering directory `/root/logkeys-0.1.1a'
Making all in src
make[2]: Entering directory `/root/logkeys-0.1.1a/src'
g++ -DHAVE_CONFIG_H -I. -I.. -Wall -O3 -DSYS_CONF_DIR=" /usr/local/etc" -MT logkeys.o -MD -MP -MF .deps/logkeys.Tpo -c -o logkeys.o logkeys.cc
.
.
.
make[1]: Leaving directory `/root/logkeys-0.1.1a'
[root@linuxhelp logkeys-0.1.1a]# make install
Making install in src
make[1]: Entering directory `/root/logkeys-0.1.1a/src'
make[2]: Entering directory `/root/logkeys-0.1.1a/src'
.
.
.
make[2]: Leaving directory `/root/logkeys-0.1.1a'
make[1]: Leaving directory `/root/logkeys-0.1.1a'
To Run the locale-gen
$ sudo locale- gen
Run the following command for detailed information of logkeys usages option.
[root@linuxhelp logkeys-0.1.1a]# logkeys --help
Usage: logkeys [OPTION]...
Log depressed keyboard keys.
-s, --start start logging keypresses
-m, --keymap=FILE use keymap FILE
-o, --output=FILE log output to FILE [/var/log/logkeys.log]
-u, --us-keymap use en_US keymap instead of configured default
-k, --kill kill running logkeys process
-d, --device=FILE input event device [eventX from /dev/input/]
-?, --help print this help screen
--export-keymap=FILE export configured keymap to FILE and exit
--no-func-keys log only character keys
--no-timestamps don' t prepend timestamps to log file lines
--post-http=URL POST log to URL as multipart/form-data file
--post-size=SIZE post log file when size equals SIZE [500k]
Examples: logkeys -s -m mylang.map -o ~/.secret-keys.log
logkeys -s -d event6
logkeys -k
logkeys version: 0.1.1a
logkeys homepage: < http://code.google.com/p/logkeys/>
[root@linuxhelp logkeys-0.1.1a]# man logkeys
Use the following command, to start the application logkeys.
[root@linuxhelp logkeys-0.1.1a]# logkeys -s
Now it will execute a lot of commands.
To Terminate the process logkeys
[root@linuxhelp ~]# logkeys -k
Check the log file that is by default available in ‘ /var/log/logkeys.log‘ .
[root@linuxhelp ~]# vim /var/log/logkeys.log
Logging started ...
2016-05-21 01:34:19+0530 > ls
2016-05-21 01:34:35+0530 > < #+2> cd /mnaan
2016-05-21 01:34:44+0530 > cd ..
2016-05-21 01:34:50+0530 > ll
2016-05-21 01:34:55+0530 > logkeys -k
2016-05-21 01:35:15+0530 >
Logging stopped at 2016-05-21 01:35:15+0530
# vim /var/log/logkeys.log
use following link for reference
https://sourceforge.net/projects/lkl/
# apt-get install logkeys
# Skeylogger
# keysniffer
# logkeys -k