UBTU-20-010047 - The Ubuntu operating system must not allow unattended or automatic login via SSH - PermitEmptyPasswords

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Failure to restrict system access to authenticated users negatively impacts Ubuntu operating system security.

Solution

Configure the Ubuntu operating system to allow the SSH daemon to not allow unattended or automatic login to the system.

Add or edit the following lines in the '/etc/ssh/sshd_config' file:

PermitEmptyPasswords no
PermitUserEnvironment no

Restart the SSH daemon for the changes to take effect:

$ sudo systemctl restart sshd.service

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CAN_Ubuntu_20-04_LTS_V1R4_STIG.zip

Item Details

References: CAT|I, CCI|CCI-000366, Rule-ID|SV-238218r653829_rule, STIG-ID|UBTU-20-010047, Vuln-ID|V-238218

Plugin: Unix

Control ID: a64b7a039861198e4991af3a3b1d04be435a3f20e1e8ea053665f738fa5a40c2