The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.

An XCCDF Rule

Details
Profiles

Description

Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.

ID: SV-256387r959010_rule
Version: ESXI-70-000015
Severity: Low
References: CCI-000366
Updated: about 2 months ago

Remediation Templates

From an ESXi shell, add or correct the following line in "/etc/ssh/sshd_config":

PermitEmptyPasswords no

The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.

Description

Remediation Templates

A Manual Procedure