Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ======5.2.9 Ensure SSH PermitEmptyPasswords is disabled (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== The ''PermitEmptyPasswords'' parameter specifies if the SSH server allows login to accounts with empty password strings. =====Rationale===== Disallowing remote shell access to accounts that have an empty password reduces the probability of unauthorized access to the system =====Audit===== Run the following command and verify that output matches: <Code:bash> # grep "^PermitEmptyPasswords" /etc/ssh/sshd_config PermitEmptyPasswords no </Code> =====Remediation===== Edit the ''/etc/ssh/sshd_config'' file to set the parameter as follows: <Code:bash> PermitEmptyPasswords no </Code> centos7/5/2/9.txt Last modified: 2017/05/04 19:21by Piotr Kłoczewski