There's two very different parts to your question. You can monitor who's logging into your system using the last command. This will include people who log in using ssh.
Monitoring what people are doing is a lot more difficult. As mentioned before, you can review shell history, but if you suspect someone of doing something naughty, if would be easy for them to cover their tracks by overwriting the history file. There are packages to allow you to do audit this in a secure fashion, but the ones I am aware of are paid for products, such as Powerbroker (http://www.symark.com/products/pboverview.html
Unfortunately, Linux doesn't have a central accounting/audit file where all this stuff is stored, although most apps (like ftp, ssh, telnet) will drop a note in the /var/log/messages file when someone logs in or out
Hope this helps