From the man page:
xtrlock locks the X server till the user enters their password at the keyboard.
While xtrlock is running, the mouse and keyboard are grabbed and the mouse cursor becomes a padlock. Output displayed by X programs, and windows put up by new X clients, continue to be visible, and any new output is displayed normally.
Xtrlock is copyright (c) 1993,1994 by Ian Jackson and distributed under the GPL v2 (or newer).
I used the Debian version 2.0-12 and made it work with bsd_auth on OpenBSD. You can download the sources here: