There's nothing like empirically testing things so:
- the PAM securetty has a "debug" switch. Maybe using it shows which TTY device is accessed when logging in over KVM, or
- just log in over KVM and then check which TTY device is used, or
- unset console anyway, try logging in over KVM and use a timer to reset 10 minutes afterwards:
Code:
sed -i 's|^console|#\0|' /etc/securetty
/sbin/service atd restart && echo "sed -i 's|^#console$|console|' /etc/securetty"|/usr/bin/at now + 10 minutes