Change Hassio Base System / Console root Password

cjacunad · January 30, 2021, 3:36am

Hi,

I’m concern about a security issue with Hassio, access physically is really simple, root with no password, and then login command to get access to the linux system.

Just use docker commands to get a bash login to the homeassistant container and someone who has physical access to (or stole) my Raspberry could have access to my configuration files and even my secrets.yaml with all my passwords as plain text.

Trying to avoiding this just tried to use the passwd command to change root to any password (this is a little bit more secure), but I found that the root filesystem is mounted as read-only, I looking for a guide to make a simple root password change for console access, but nothing found.

Do you know how to change the console root password ? and even why there is no documentation about this or any security guidance throw physical access.

Thanks in advance.

coolkeum · December 23, 2020, 10:32pm

Hi,

I encounter the same issue with this empty root password in the HassOS operating system…

In the online help, many times we can found that the username is root with no password but I can’t find any way to change this wheras we have to for security reasons !

I also tried the passwd command after login but I obtained the following error :

/bin/ash: passwd: not found

If you have solved your problem since january, I’m listening

Seth_Daemen · December 24, 2020, 8:13pm

Anyone a solution to change the password?

Chi2Co · January 17, 2021, 8:12pm

Hallo,

try this:

Connect via SSH to your RPi-instance…
Then Login with the user root without a password.

Type in this now:

 passwd

There is a SPACE before “passwd”

Follow the instructions for a new password.

Reboot and everything is fine.

coolkeum · January 18, 2021, 7:48pm

Thanks you for your solution but, with or without space before the command, I have exactly the same result : passwd not found.

kernelpanic1 · February 26, 2021, 3:27pm

I am also looking for a way to change the HassOS console password for root. Is there really no way to do this? That would be a major security hole if so. Anyone could connect to physical console, type root, and they are in…

kernelpanic1 · March 4, 2021, 4:14pm

I have opened a feature request for this:

https://community.home-assistant.io/t/hassos-console-password/286654