Allow passwordless root login on the serial console
After some experimenting, I've got something that works:
systemctl edit [email protected], and add the following:
[Service] ExecStart= ExecStart=-/sbin/agetty -o '-p -- \\u' --keep-baud 115200,38400,9600 --noclear --autologin root ttyS0 $TERM
This will cause
agettyto auto-login the
rootuser, but with only this change the system will still prompt you for the root password.
We can configure
rootlogins on the console without a password. Add the following to the top of
auth sufficient pam_listfile.so item=tty sense=allow file=/etc/securetty onerr=fail apply=root
This will cause the PAM stack to check for the login tty in
/etc/securetty, and to skip other authentication mechanisms if it finds it.
Add the serial port to
# echo ttyS0 > /etc/securetty
With these changes in place, you'll see the following on the serial console when you boot:
CentOS Linux 8 (Core) Kernel 4.18.0-80.11.2.el8_0.x86_64 on an x86_64 localhost login: root (automatic login) Last login: Sun Nov 17 00:29:36 on ttyS0 [[email protected] ~]#
...and if you log out, you'll end up right back at the shell prompt.
Note that I've used the filename
/etc/securetty here, which in days of yore actually did something else (it controlled terminals on which
root was allowed to log in). So if that bothers you, use a different file :).