Re: [beagleboard] Auto root login from serial console only

[Robert Heller]

At Thu, 15 Apr 2021 07:44:05 -0700 (PDT) beagleboard@googlegroups.com wrote:

> 
> Anyone know how to allow auto root login from the serial console without a 
> password while still requiring a password for ssh?  This is really a worst 
> case recovery type thing where someone changes the default password and 
> forgets the new password.  Physical security should be adequate in this 
> case.

man getty

Specificly:

       -a, --autologin username
              Automatically log in the specified user  without  asking  for  a
              username  or  password.  Using this option causes an -f username
              option and argument to be added to the /bin/login command  line.
              See  --login-options,  which can be used to modify this option's
              behavior.

              Note that --autologin may affect the way how agetty  initializes
              the serial line, because on auto-login agetty does not read from
              the line and it has no opportunity optimize the line setting.

and also:

       -l, --login-program login_program
              Invoke the specified login_program instead of /bin/login.   This
              allows  the use of a non-standard login program.  Such a program
              could, for example, ask for a dial-up password or use a  differ†
              ent password file. See --login-options.

       -o, --login-options "login_options"
              Options  and arguments that  are passed to login(1). Where \u is
              replaced by the login name. For example:

                  --login-options '-h darkstar -- \u'

              See --autologin, --login-program and --remote.

              Please read the SECURITY NOTICE below before using this option.

       -p, --login-pause
              Wait  for  any  key before dropping to the login prompt.  Can be
              combined with --autologin to  save  memory  by  lazily  spawning
              shells.

                                          
systemd files of interest:

/etc/systemd/system/getty.target.wants/serial-getty@ttyGS0.service 
/lib/systemd/system/serial-getty@.service

The former is a symlink to the second, but you don't want to mess with the
second, but instead copy the second to someplace
(/usr/local/lib/systemd/system/ probably) and modify it (maybe rename it to
/lib/systemd/system/serial-getty-root@.service) and then change the
/etc/systemd/system/getty.target.wants/serial-getty@ttyGS0.service symlink.

Robert Heller             -- Cell: 413-658-7953 GV: 978-633-5364
Deepwoods Software        -- Custom Software Services
http://www.deepsoft.com/  -- Linux Administration Services
hel...@deepsoft.com       -- Webhosting Services

                                                                                
                     

-- 
For more options, visit http://beagleboard.org/discuss
--- 
You received this message because you are subscribed to the Google Groups 
"BeagleBoard" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to beagleboard+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/beagleboard/20210415165649.2F325223738%40sharky4.deepsoft.com.