UCF STIG Viewer Logo

The Photon operating system must configure Secure Shell (SSH) to disallow authentication with an empty password.


Finding ID Version Rule ID IA Controls Severity
V-258870 PHTN-40-000207 SV-258870r933671_rule High
Blank passwords are one of the first things an attacker checks for when probing a system. Even if the user somehow has a blank password on the OS, SSH must not allow that user to log in.
VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide 2023-10-29


Check Text ( C-62610r933669_chk )
At the command line, run the following command to verify the running configuration of sshd:

# sshd -T|&grep -i PermitEmptyPasswords

Example result:

permitemptypasswords no

If "PermitEmptyPasswords" is not set to "no", this is a finding.
Fix Text (F-62519r933670_fix)
Navigate to and open:


Ensure the "PermitEmptyPasswords" line is uncommented and set to the following:

PermitEmptyPasswords no

At the command line, run the following command:

# systemctl restart sshd.service