Rootsh is a wrapper for shells which logs all echoed keystrokes and terminal output to a file and/or to syslog. It's main purpose is the auditing of users who need a shell with root privileges. They start rootsh through the sudo mechanism.
License
GNU General Public License version 2.0 (GPLv2)Follow rootsh
nel_h2
Build Securely on AWS with Proven Frameworks
Moving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
Rate This Project
Login To Rate This Project
User Reviews
-
I test many programs be like logkeys, Snoopy Logger, strace, auditctl, ... But "rootsh" is best of logger program. Thanks for perfect software.
-
how to do to run rootssh automatically from the beginning session logging ? I mean, not manual starting ----- The solution was to add in /etc/profile or .bash_profile # gf if [ -f /usr/bin/rootsh ] ; then /usr/bin/rootsh --no-logfile fi it's important the option --no-logfile to avoid any message to the users and loss her tracking. too, not to add this entries to .bashrc because it opens internal pts terminals in bucle
-
It saves my time. highly recommended
-
pretty cool thing for shell logging!!!!
-
Great tool for system admin...