Pi is Dead. Long Live Pi

calendar

April 8, 2022

categories
News
tags
raspberry pi

Content:

Well maybe, unless you name your user Pi.

A recent update to Raspberry Pi OS has removed the default ‘pi’ user from the system, instead prompting the user to enter a username at first boot.

The change is designed to improve the security of the system. The default username/password is widely known, making Pi users who choose not to change these vulnerable to hackers.

It’s also possible to preconfigure an image with a username/password, if you’re using the official Raspberry Pi Imager tool.

Headless Users

For headless users creating a user at first boot is somewhat tricky, what with the lack of system access.

Instead, you can create a file on the /boot partition, similar to the method of enabling ssh on headless systems. The file needs to be called either userconf or userconf.txt.

This file should contain the username, followed by the encrypted password, separated by a colon.

username:encrypted-password

To generate the encrypted password, you can use OpenSSL.

echo 'mypassword' | openssl passwd -6 -stdin

Replace ‘mypassword‘ with the password you wish to use. Use the output of this command as the encrypted password in your userconf file.

If you like what we do, consider supporting us on Ko-fi