======5.2.9 Ensure SSH PermitEmptyPasswords is disabled (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server
Level 1 - Workstation 
</code>

=====Description=====
The ''PermitEmptyPasswords'' parameter specifies if the SSH server allows login to accounts with empty password strings.

=====Rationale=====
Disallowing remote shell access to accounts that have an empty password reduces the probability of unauthorized access to the system

=====Audit===== 
Run the following command and verify that output matches:
<Code:bash>
# grep "^PermitEmptyPasswords" /etc/ssh/sshd_config 
PermitEmptyPasswords no
</Code>

=====Remediation===== 
Edit the ''/etc/ssh/sshd_config'' file to set the parameter as follows:
<Code:bash>
PermitEmptyPasswords no
</Code>