UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Login must not be permitted with empty/null passwords for SSH.


Overview

Finding ID Version Rule ID IA Controls Severity
V-216355 SOL-11.1-040370 SV-216355r603267_rule High
Description
Permitting login without a password is inherently risky.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2023-05-17

Details

Check Text ( C-17591r371153_chk )
Determine if empty/null passwords are allowed for the SSH service.

# grep "^PermitEmptyPasswords" /etc/ssh/sshd_config

If the output of this command is not:

PermitEmptyPasswords no

this is a finding.
Fix Text (F-17589r371154_fix)
The root role is required.

Modify the sshd_config file

# pfedit /etc/ssh/sshd_config

Locate the line containing:

PermitEmptyPasswords

Change it to:

PermitEmptyPasswords no

Restart the SSH service.

# svcadm restart svc:/network/ssh