- Antonomasia [0] wrote a patch for bash which captures keystrokes and forwards
  them via syslogd.
- I updated [1] the Antonomasia patch to bash-2.05b and he put a reference on
  his Honeypot Contributed Code [2] website (2003-06-01).
- Anton A. Chuvakin [3] improved the Antonomasia patch allowing bash to send
  keystrokes via UDP.
- I updated [4] the Chuvakin patch to be applicable to bash-2.05b and improved
  it with some little security issues (like pclose, free...) and small changes
  to the code to made it more compact and clean.
- Lance Spitzner [5] (2004-03-12) put it on The Honeynet Project [6].
- I updated it to be applicable to bash-3.0 and put it here [7].
- Later (2004-12-14), it was listed [9] on the FSF/UNESCO Free Software
  Directory [10].
- Benjamin Gigon [11] (2005-02-28) sent me a patch he made for
  linux-vserver.org that "integrate hostname into log". I modified it and I put
  it here [12] (to use it, you have to apply first [7] to bash-3.0 [13]).
- I updated bash-3.0-perassi.patch [7] to be applicable to bash-3.1 and put it
  here [14].

If you want to use something in kernel space, try sebek [8].

 [0] http://www.notatla.org.uk/
 [1] http://www.linux.it/~carlo/somehacks/bsp/
 [2] http://www.notatla.org.uk/SOFTWARE/honeypot_code_description.html
 [3] http://chuvakin.org/
 [4] http://www.linux.it/~carlo/somehacks/bup/bash-2.05b-syslog_udp01.patch
 [5] http://www.spitzner.net/
 [6] http://www.honeynet.org/tools/dcapture/bash-perassi.patch
 [7] http://www.linux.it/~carlo/somehacks/bup/bash-3.0-perassi.patch
 [8] http://www.honeynet.org/tools/sebek/
 [9] http://directory.fsf.org/network/security/bup.html
[10] http://directory.fsf.org/
[11] bgigon mandrakesoft com
[12] http://www.linux.it/~carlo/somehacks/bup/gigon-3.0-patch
[13] http://www.gnu.org/software/bash/bash.html
[14] http://www.linux.it/~carlo/somehacks/bup/bash-3.1-perassi.patch