Cannot login via SSH (Permission Denied) on Raspberry Pi OS Bookworm Lite ARM64 with CM4/Yellow — Only NVMe boot, no SD card slot

Hardware: Raspberry Pi CM4, Home Assistant Yellow
Boot support: Only NVMe SSD (NO SD slot available on Yellow board)
Image: Raspberry Pi OS Lite Bookworm ARM64 (2025-05-13), flashed with Raspberry Pi Imager (latest, Windows)
What I did:
• Flashed the image to NVMe SSD via USB adapter, using Raspberry Pi Imager (latest) from Windows
• In advanced options (“gear” icon), set:
  o Hostname: raspberrypi
  o User: mleas
  o Password: Mleas#2025
  o Enabled SSH
  o Wi-Fi disabled (I use Ethernet, Pi is visible and pings fine on the network)
• Flashed with “Erase” option before every attempt (all partitions deleted via Windows Disk Manager before writing)
• Boot: Device comes online, I can ping it on the network
Problem:
• SSH connection always fails:
ssh mleas@
Password: (I type Mleas#2025)
→ Permission denied, please try again.
• Tried alternate users (pi, admin…), tried multiple keyboards, checked QWERTY/AZERTY layout, typed password in Notepad and pasted = always fails
• No screen, no serial console access, no SD card slot, only NVMe boot
• No error during flash, tried different USB adapters/cables/PCs, nothing changes
Important: This setup DID work at the very beginning of my project (I could log in SSH with the custom user), but after several flashes (to try a Sonoff Zigbee key for Home Assistant), SSH login is now systematically denied.
No other media available to try. No SD card, no other boot device.
Question:
• What could cause SSH login to fail even when the custom user/password/SSH are correctly set in advanced options and flashed cleanly?
• Is there a bug with Raspberry Pi Imager and CM4/Yellow booting only from NVMe?
• Is there any trick to force SSH credentials on Bookworm ARM64 for this specific hardware?
Thanks a lot for any help. I’m stuck and open to any real-world tested workaround (even a post-flash hack using Windows/Mac/Linux if needed).


At this point, the only brute-force solution would be to try to manually inject a custom shadow or passwd file, but on ARM64, it’s not guaranteed without root access.
If you need a formatted post or a manual injection script (shadow/passwd or an SSH service allowing root login without password), let me know. Ready to try anything.
Thanks for reading. Any advice is welcome!

Caution: do not post your password publicly

Nobody needs to see it in order to help. I suggest not using that password going forward for any service or account log in.

You can mount your SD card and chroot in to create or update an account. For example, on another Linux system, plug your SD card in.

Before you chroot

Install dependencies like Docker and the following packages:

sudo apt-get install qemu binfmt-support qemu-user-static

After plugging in and mounting the SD card, you can run an ARM flavor of shell in Linux to access it.

docker run --platform=linux/arm64 -it --rm --privileged -v /media/your/sdcard:/mnt -w /mnt ubuntu:22.04

Next, chroot in:

mount -o bind /dev /mnt/dev
mount -o bind /dev/pts /mnt/dev/pts
mount -o bind /sys /mnt/sys
mount -o bind /proc /mnt/proc
cp /etc/resolv.conf /mnt/etc/resolv.conf
chroot /mnt

You can now run commands as if the system were running. NOTE: you don’t have access to hardware; this is just emulation.

You can do things like create an account or update a password.
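
Before changing anything, the mounted root filesystem can be checked read-only to see what state the account is actually in. The script below is an added example, not part of the answer above; account_status and make_sample_root are hypothetical helper names, and the passwd/shadow contents are constructed sample data.

```shell
#!/bin/sh
# Added example (not from the thread): read-only check of an offline-mounted
# root filesystem. ROOT is its mount point, e.g. /mnt in the steps above.

# Print one word describing USER's login state under ROOT/etc:
#   missing   - no entry in etc/passwd
#   no-shadow - entry in passwd but none in etc/shadow
#   locked    - password field is "*" or starts with "!" (no password login)
#   empty     - password field is empty (sshd rejects this by default)
#   ok        - a password hash is present
account_status() {
    root=$1
    user=$2
    grep -q "^${user}:" "$root/etc/passwd" 2>/dev/null || { echo missing; return 0; }
    line=$(grep "^${user}:" "$root/etc/shadow" 2>/dev/null) || { echo no-shadow; return 0; }
    hash=$(printf '%s\n' "$line" | cut -d: -f2)
    case $hash in
        '')       echo empty ;;
        '*'|'!'*) echo locked ;;
        *)        echo ok ;;
    esac
}

# Write a constructed etc/passwd and etc/shadow under DIR for the demo.
# The user names and the hash string are made-up sample data.
make_sample_root() {
    mkdir -p "$1/etc"
    cat > "$1/etc/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
carol:x:1002:1002::/home/carol:/bin/bash
erin:x:1003:1003::/home/erin:/bin/bash
EOF
    cat > "$1/etc/shadow" <<'EOF'
root:*:19800:0:99999:7:::
alice:$y$j9T$constructedsalt$constructedhash:19800:0:99999:7:::
bob:!:19800:0:99999:7:::
erin::19800:0:99999:7:::
EOF
}

# Demo on the constructed tree; on a real disk pass the mount point instead.
demo_root=$(mktemp -d)
make_sample_root "$demo_root"
for u in root alice bob carol erin dave; do
    printf '%-6s %s\n' "$u" "$(account_status "$demo_root" "$u")"
done
rm -rf "$demo_root"
```

Any result other than ok means the password typed at the SSH prompt cannot match; inside the chroot, passwd followed by the user name sets a new one.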