Login on local terminal without password

Question

I have a virtual guest of Ubuntu on a KVM Machine, I've setup the machine so I can type virsh console and be dropped into a console.

I realise the security considerations here, but is it possible to set the guest up so that if a user connects via console they are automatically root without having to type in any password. However this is only for serial console and not for SSH or remote access.

This isn't really a KVM question but just a system setup, the console has been setup as a device on /dev/ttyS0.

Answer 1

edit /etc/init/tty1.conf:

sudo nano -w /etc/init/tty1.conf

replace the content with the following:

# tty1 - getty
#
# This service maintains a getty on tty1 from the point the system is
# started until it is shut down again.

start on stopped rc RUNLEVEL=[2345] and (
            not-container or
            container CONTAINER=lxc or
            container CONTAINER=lxc-libvirt)

stop on runlevel [!2345]

respawn
exec /sbin/getty --autologin root -8 38400 tty1

the important change is the last line includes --autologin root as an argument.

Once the change is made it can be activated with a reboot or by running sudo stop tty1 && sudo start tty1

Answer 2

And now, the systemd answer.

As discussed, Daniel Llewellyn's answer is upstart-specific and misses that this is for changing the serial device login, not the kernel virtual terminal device login. In the systemd world, this distinction is important.

In the systemd world, you similarly (to upstart) have to adjust what command options a particular getty program is spawned with to include --autologin root. Whilst there are two ways to do this with a kernel virtual terminal, there's really only one for a serial device, because there's no tweakable service alias akin to autovt@.service for serial device login services.

Write one or more unit file override files under /etc/systemd/system with systemctl edit serial-getty@ttyS0.service or just directly with a text editor. Change the ExecStart setting by first having a line that clears it and then having a replacement line:

[Service]
ExecStart=
ExecStart=/sbin/agetty --autologin root -8 --keep-baud 115200,38400,9600 ttyS0 $TERM

Further reading

• https://askubuntu.com/a/621209/43344
• https://unix.stackexchange.com/a/194218/5132
• https://askubuntu.com/a/659268/43344