The sniffy project can trace/log the data of any pseudo terminal in the system. Due to the way the terminal works, such a terminal trace provides complete information of what happened on the terminal screen, and sniffy is able to display/replay this information. It consists of a kernel module able to connect/hook on the pseudo terminal, a program to display the contents of any pseudo terminal on the fly, a daemon process tracing the pseudo terminal content into the file, and a replay program to replay any stored pseudo terminal session.
sudosh can be used as a default login shell or a filter that takes advantage of PTY devices in order to sit between the user's keyboard and a program, in this case a shell. It was designed specifically to be used in conjunction with sudo, and allows the execution of a root or application shell with logging. It is basically a VCR and will record root shell sessions and also has the ability to play back the sessions as they were originally recorded. It records all input/output, keyboard input, and timing information so that the session can be played back in the original format.
Hardened Debian improves Debian GNU/Linux with high security and hardening features, hardened kernels and packages, DHKP, and other security related enhancements. It makes systems more difficult to compromise using common attacks such as race conditions, chroot jail escapes, and buffer overflows.
epto is a small library and framework for industrial strength shell script programming with sh. It features convenient error handling, tracing, logging, option handling, documentation template, process level transaction safety (sort of), and more. If one is used to shell programming, it takes less than five minutes of learning to start using it (see the crash course in the README file).
xSH-Paranoia Patch is an project started for admins who work in large system environments. It allows you to see which user executes which command, when, where, and from what IP address. It logs everything to syslog, and with syslog-ng, you can log it to another machine where no user should/would have access. Currently supported shells are bash and tcsh.
guard bash is a shell wrapper that will execute an authentication phase before any command is executed. It uses a secret (user owned) algorithm method, and has a per user customizable procedure. If you need to connect to your computer from outside of your safe environment, even if you use SSH, you are vulnerable to simple attacks like key sniffing or to more complex attacks against SSH. If you have more than just one authentication method, you can more safely log in your account from an insecure Internet host.