Why I should not change root password

Help and Support
1

@nerd

Raspberry Pi 5 Model B Rev 1.1 Version: b04171 - 2GB RAM - Volumio 4.062 - SD card 32 GB - LAN Internet Connection. Root password set via terminal after a fresh Volumio installation.

Password for volumio user - remains default.

I tried updating to the latest version and got this message:

Przechwycenie obrazu ekranu_2025-10-11_20-37-04
Przechwycenie obrazu ekranu_2025-10-11_20-37-041916×861 151 KB

2

This is big no for Volumio. This will break volumio.

3

I always set a password for the root user. In every installation, on every Linux based system (Debian - Ubuntu - Enigma 2 - Volumio).
Volumio works properly after setting a password for the root user.

Password for volumio user - remains default.

4

Not according your screenshot :wink:

Whenever a service or plugin is in need of sudo, it will fail because the credentials have changed.
For this reason the EEPROM update fails for you.

5

OK - I understand that the plugin works when no password is set for the root user.

7

There is a password set for the root user, but if you change it the plugin doesn’t know it and fails.

8

@Wheaten

So what is the default password for the root user in the Volumio distribution?

Is there no password set for the root user in Volumio at all?

9

volumio

volumio@rivo:~$ sudo su
[sudo] password for volumio:
bash-5.0# whoami
root

There are internal discussion to make it possible to change the default password, but since plugins/services rely on sudo (root) access, there is no easy solution.

11

Hey @tweed77,

Short version:

  • Do not set or change the root password on Volumio. It is unsupported and will break updates, plugins, and any non-interactive scripts that rely on the stock authentication flow.
  • Your EEPROM updater failed because a script expected the default, non-modified credentials flow and could not elevate without interaction.

Why it breaks things:

  • Volumio is an appliance OS, not a generic Linux workstation. Many backend tasks and plugins elevate with sudo in non-interactive contexts. If you alter root authentication, those calls start prompting or failing.
  • Some components assume the factory credential model and PAM/sudoers behavior and will not ask you for a new password mid-run. They just fail.
  • OTA/update integrity checks also expect a stock base system. Changing privileged auth paths is outside the supported surface.

Answer to your question:

  • Factory behavior: elevate with sudo using the default volumio credentials. If you run “sudo su”, you will be asked for the volumio user password. Do not set a separate root password.

How to recover:

  • Reflash Volumio to restore the supported authentication model.
  • Before you do, back up your data from the Internal share over the network. The music share is always available on the LAN, so copy your content from the Internal folder first.

If you want better security without breaking things:

  • Do not change the volumio user password.
  • Keep the device on your LAN only and block inbound WAN access at your router.
  • Disable SSH entirely when you do not need it.

If you already changed the root password, the only safe path is to reflash.

Kind Regards,

12

I changed the password for the root user from mine to the default volumio password.

The plugin worked correctly.

13

Please follow the provided instructions and reflash your device.
I’m not looking to engage in further debugging, especially when failures may stem from modifications like changing the root password.

Thank you for your understanding.

14

A post was merged into an existing topic: [PLUGIN] Raspberry Pi EEPROM Firmware Updater

15

My approach with Volumio is to disable password based login in SSH and only use keys. That way I am not as worried about the default passwords.