Information
The PermitEmptyPasswords value allows for direct login through SSH without a password by a remote user/application to resources on the local host in the same way a standard remote login would.
Rationale:
Permitting login without a password is inherently risky.
Solution
Perform the following to implement the recommended state:
# awk '/^.PermitEmptyPasswords/ { $1 = 'PermitEmptyPasswords' ; $2 = 'no' } { print }' /etc/ssh/sshd_config > /etc/ssh/sshd_config.CIS
# mv /etc/ssh/sshd_config.CIS /etc/ssh/sshd_config
# svcadm restart svc:/network/ssh