Let's have a look at what's happening:
sudo asks for your user password and runs
su changes your current user to be
su doesn't ask for a password again as it's executed as root).
this will change your root password as you are
root right now.
changes to the
user user (you could also enter
exit to leave the session as
root, no password asked for
su because you are root right now)
sudo asks again for your user password which is still
changeme as you've changed only the root password. (if you enter just
sudo you will be asked for your new root password)
The solution for your problem: just execute "
user or "
passwd user" as
See also the corresponding wiki entry: https://www.whonix.org/wiki/Post_Install_Advice#Change_Passwords