Passwordless sudo + SSH Multiplexing negate the need for any back doors at the end of the day. As a bonus, anti-malware software will never detect or report on using ssh and sudo. Combine those with some obfuscation tools likely already installed on the victims machine called by a python or shell script and you can walk in the front door of just about any organization on earth.