Detections
Analytics
ESXI-06-000015 - The SSH daemon must not allow authentication using an empty password.
Information
Configuring this setting for the SSH daemon provides additional assurance that remote login via SSH will require a password, even in the event of misconfiguration elsewhere.Solution
To explicitly disallow remote login from accounts with empty passwords, add or correct the following line in '/etc/ssh/sshd_config':PermitEmptyPasswords no
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMware_vSphere_6-0_ESXi_V1R5_STIG.zip
Item Details
Audit Name: DISA VMware vSphere ESXi 6.0 STIG v1r5 Unix
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5, CAT|I, CCI|CCI-000366, Group-ID|V-63199, Rule-ID|SV-77689r1_rule, STIG-ID|ESXI-06-000015, Vuln-ID|V-63199
Plugin: Unix
Control ID: 4eca4d8997857269baafd87fd31564ad9fe6e59dac6f43cb29ce1f2694b23c5c