Check: OSX00180 M6
MACOSX 10.6:
OSX00180 M6
(in version v1 r3)
Title
OSX00180-SSH must not allow empty passwords. (Cat I impact)
Discussion
Denies access to accounts without passwords. This should be set for all SSH methods of authenticating.
Check Content
Open a terminal session and enter the command. more /etc/sshd_config If the value of PermitEmptyPasswords is set to Yes, this is a finding. If the PermitEmptyPasswords option is not set, this is not a finding.
Fix Text
Open a terminal session and edit the following file. /etc/sshd_config Set the value of PermitEmptyPasswords to No.
Additional Identifiers
Rule ID: SV-40699r1_rule
Vulnerability ID: V-25276
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |