Keylogger or Keystroke logger is some kind of software or hardware device (or may be combination of both) that is used to track the keys struck of the keyboard (The process is called ‘keylogging’) in such a way that the person whose keyboard actions are being monitored is totally unaware of that. Therefore keylogger can be used in many situation for getting all the data entered (So if the user press any key then it will be recorded) from keyboard e.g Passwords, Credit Card, critical conversation (mail, IRC chat …) and other confidential information.

Keylogger is one of the most popular spying software in the history of computer. This post is aimed to explain about a free and open source keylogger software (desktop utility) and hardware devices that you can use on Ubuntu (11.10/10.10/10.04/11.10).

So what do you think about keylogger ? is it really illegal to monitor someone’s keystrokes (of course without permission, otherwise there will be no problem at all – In that case either the user won’t use the system or they don’t care!) ? it depends! (it can be called legal if you are not using the captured data to harm others; certainly you have full right to install such Apps or monitor keyboard activities on your computer) but in some situation it may be really useful; you can easily guess when, Right? Just Think about it.

Software Keylogger for Ubuntu

keylogging-on-ubuntu

A number of keylogging programs/applications are available for Ubuntu, and a good one that I’ve used is logkeys. Logkeys is a keylogger for Linux based operating system, it’s free and open source (hosted at Google Code). it has a lot of advanced features and it works smoothly in the background.

How to Install Logkeys Keylogger on Ubuntu

Open terminal and type the command (Enter your password if required)

sudo apt-get install logkeys

Using Logkeys to start keylogging process

Open terminal and type (it will create a log file in your current directory (most probably in your /home/your_user_name/spy.log), where your target file will be stored)

touch spy.log
sudo logkeys --start --output spy.log

Now your keylogger is running in background you can close the terminal. The output will be stored in the spy.log (it’s just for example purpose, don’t use filenames like this 🙂 ).

kill logkeys process to stop keylogging

sudo logkeys  --kill

Reading keystrokes recoreded by keylogger

strings spy.log

Read official Documentation for more options and tutorials.

Hardware Keylogger for Ubuntu

There are many hardware based devices available for capturing keyboard events. Some of them works at BIOS level while some are based on keyboard level. They do not need any software to capture keyboard strokes, but it can’t be done remotely, because you need physical access to the computer.

(1)  4MB USB Keylogger

usb-keylogger

It doesn’t require any driver or software and works with all Linux based OS as well as with Windows XP/Vista/7. it is capable of recording all keys strokes.

Buy it from Amazon (Price : $68.99)

(2)  64K PS/2 hardware keylogger

ps2-keylogger

Buy it from Amazon (Price : $39.89)

How to protect yourself from keyloggers

Many of us uses public computer or  any computer other than your personal one, in that case there might be a keylogger running on that system. Really ? yeah! but don’t worry it’s very simple to protect from most of the keyloggers. The simple tips is to always use on-screen keyboard to enter confidential data on untrusted computers, although you should also avoid using public computer for such confidential work.

Warning!  The purpose of this post is to explain keylogging on Ubuntu! So if you use this information for illegal activities then you will be responsible. Remember, whether the keylogging is legal or illegal, it all depends on how you are using the captured data (Your Karma and intention), e.g just for learning or research => legal use; on the other hand if you use it for cracking into other accounts or stealing credit card details then of course it will be illegal.

Join the Conversation

22 Comments

      1.  my frnd knws ma passwod and he done something to ma keylogger if i turn on keylogging it says u don hav enough permisssion to access it..  how can i rectify this???

        1. Give permissions to execute chmod -x logkeys, or try executing by sudo , is the only way that I know.

  1. Is it possible to run logkeys without sudo command? I always get this message: “Got r00t?”

    1. No, you must to execute with root permission , bring the permissions to the program with chmod 777 logkeys, or look above. 777 (all permission , all users more or less).

  2. Can you please tell me how to disable  pen drive and cd rom access for particular user in ubuntu 11.10
    do we need to use some kind of tools for that or use the command line?

    please reply ASAP. 

    1. Mmm I don’t know but you could set the permission to the users with chmod, read about that, is easy to use.

  3. Just for the record, since you mentionned research…  you cannot publish data collected without consent. While I’m not sure whether it is literally illegal, and I doubt you’d get penalized for plageurism or anything for a class paper, it will get your license revoked or at the least be a black mark on your resume.

  4. what happens to keylogging when the computer is restarted does it will run again automatically..or should i have to start it again…

    1. The process is killed , but you could try to edit /etc/rc.local (I Don’t remerber well) and put there the script to start the process, I mean, logkeys –start –output ..
      This file ejecute it self with root permisssion , so it’ll begin with all users.

      1. Hello Gerdario, i tried editing /etc/rc.local and i appended 2 lines,

        touch /home/x/spy.log
        logkeys –start –ouput spy.log
        exit 0

        then i restarted my system. It created a file called spy.log in my home directory, but it is not making any logs of keystrokes made by the user after the system restart. Is this the way to do?

        1. You must to create the file spy.log one time.

          1. Open terminal. touch /home/x/spy.log
          2.go to /etc/rc.local an put the absolute trace logkeys –start –ouput /home/x/spy.log(Dont create the file spy.log, its already created).

          3. Thats all save, and restart. I remerber that works fine, let me know how’s going.

  5. “Couldn’t find package logkeys”
    the above error is coming while i am installing logkeys so what to do?

    1. You should try :
      apt-get update
      apt-get upgrade

      and then try apt-get install logkeys, maybe this could fix the problem.

  6. I am using Logkeys in my newly installed Ubuntu 12.04 & it works properly. But I want to remove my old log (more than 30 days) form the log file (/var/log/logkeys.log). Please help me on this issue. How can I do that?

    1. You should try :

      sudo touch /var/log/logkeys.log
      or cd /var/log… and then rm -r logkeys.log and later touch logkeys.log
      or echo “write somthing” > /var/log/logkes.log
      the idea is delete the file or rewrite it

  7. i am not able to install the same in ubuntu 12.04 and 12.10, any idea relating how to install keylogger in it

  8. this sounds really stupid but how do you open the terminal
    i’m new to linux and stuff

Leave a comment

Leave a Reply to Zaid Cancel reply

Your email address will not be published. Required fields are marked *