An override terminal exists for root in case the security databases become corrupted and all logins are disallowed. This is a special entry in the file /etc/default/login. The entry identifies the tty to be used when doing an override login for root. The default entry (shown below) permits root to log in on /dev/tty01, also known as the first multiscreen on the console. You can change this default to be another login device.
OVERRIDE=tty01When the databases are compromised and root logs in on the override terminal, this message is displayed:
The security databases are corrupt. However, login at terminal tty is allowed.When the account is locked and root logs in on the override terminal, this message is displayed:
Account is disabled but console login is allowed.The tty used should be physically secure; remember that normal terminal locks do not apply to the superuser account on this tty.