Passwordless auto boot in to root on Wmware console/terminall


First I’d like to thank you in advance for looking to this topic with your suggestions. And I hope your input can benefit not only to all user in this forum but also extend to public Linux users who might have similar questions.

My background is in Windows, but with some basic knowledge about Linux operation. So continuing learning Linux (i.e AlmaLinux) is what I would like to do. So I appreciate for detail of configuration step as much as possible.

I refer to a fresh installation of the current release AlmaLinux Os 9.3 that I have downloaded in last week.

I’ve installed it on Esxi at home with minimal software option for testing. My focus at this point in time is secured it, but have some a proper “backdoor” just in case. Therefore I have successfully applied standard settings based on Almalinux OS CIS level 1 benchmark via openscap. One of the relevant hardening aspect that I can confirm working is disabling root ssh, only enabling ssh for one normal local user account (i.e username = user1). This user1 can elevated with full admin right as root only via sudo command only, but disable this user switch to root by disable execute both su and sudo su command.

However for a situation when password of user1 is lost or sudoer is broken for what ever reasons are, I have thought if it is possible for an last resource gaining access into AlmaLinux OS 9.3 from esxi console and VMware Remote Console and passwordless. That is once I invoke the console from within esxi, the AlmaLinux VM will present me the terminal as root which had already automatically without any interactive (i.e no keying username and password of root). And it is nice to include a custom banner different from /etc/issue nor /etc/ file.

Please note I would like to keep all mentioned hardening settings (including password policy) as per Almalinux OS CIS level 1 benchmark as they are now. Therefore blank password for root is not an option despite it is passwordless for root via Vmware console and WMWare Remote console.

Once again thank you very much for your response at your earliest convenience.