I’m concern about a security issue with Hassio, access physically is really simple, root with no password, and then login command to get access to the linux system.
Just use docker commands to get a bash login to the homeassistant container and someone who has physical access to (or stole) my Raspberry could have access to my configuration files and even my secrets.yaml with all my passwords as plain text.
Trying to avoiding this just tried to use the passwd command to change root to any password (this is a little bit more secure), but I found that the root filesystem is mounted as read-only, I looking for a guide to make a simple root password change for console access, but nothing found.
Do you know how to change the console root password ? and even why there is no documentation about this or any security guidance throw physical access.
Thanks in advance.