Yes, it’s a mountain in many cases and we can choose to ignore the legislation in the knowledge that it’s highly unlikely that the GDPR police will send the SWAT team on a random visit.
More important perhaps is the spirit of the legislation to respect our guests' right to their privacy (whilst also being aware of the actions they can take if we don’t).
I agree that an image of the guests’ comments is more valuable than typed up text, and there is nothing to stop anyone using an image of the comments (handwriting - certainly in isolation - is not regarded as PII; a full read of the ICO documentation on PII will reveal all manner of possible identifiers that may contribute to identification in certain circumstances if anyone is remotely interested).
Whilst being wary of taking one statement in isolation, this is a reasonable guideline:
If it is possible to identify an individual directly from the information you are processing, then that information may be personal data.
You have to decide if a combination of name, where the guest is from, when they stayed and where would be enough (directly) to identify that person; displaying comments anonymously is a simple safeguard and will generally remove the issue.
It is also perhaps a simple courtesy to anonymize information that you are choosing to put into the public domain, regardless of what the individuals choose to put out themselves. If I saw a public reproduction of a comment I’d left alongside my name, and I hadn’t given explicit permission for it to be used, I would not be happy about it.