How to confirm if SSH PermitEmptyPassword parameter is disabled to avoid the server allowing login with empty password string ?
search cancel

How to confirm if SSH PermitEmptyPassword parameter is disabled to avoid the server allowing login with empty password string ?

book

Article ID: 251423

calendar_today

Updated On:

Products

CA Identity Suite

Issue/Introduction

CentOS Linux 8 

The PermitEmptyPasswords parameter specifies if the SSH server allows login to accounts with empty password strings.

Customer need to confirm if SSH PermitEmptyPassword parameter is disabled to avoid the server allowing login with empty password string

Environment

Release : 14.4

Component :

Resolution

Vapp does not allow to a user login with an empty password. (PermitEmptyPasswords = no )

1. from Vapp Server, 

cat /etc/ssh/sshd_config | grep Permit

All this is restricted regarding Permit :


#PermitRootLogin yes
#PermitEmptyPasswords no
# the setting of "PermitRootLogin without-password".
#PermitTTY yes
#PermitUserEnvironment no
#PermitTunnel no
#       PermitTTY no
PermitRootLogin yes
PermitEmptyPasswords no
PermitUserEnvironment no

 

Powered by Wolken Software