1. DSR Security Guide
  2. Diameter Signaling Router Web GUI Standard Features
  3. SSH Security Hardening Procedures
  4. Disabling SSH Access through Empty Passwords

Disabling SSH Access through Empty Passwords

This section describes the procedure to disable the SSH access through empty passwords.

Run the following procedure for each and every server in the topology:
  1. Log in as admusr on the server.
    login: admusr
Password: <current admin user password>
  2. Run the following command to check out the file sshd_config and grep for variablePermitEmptyPasswords in the file :
    $ sudo rcstool co /etc/ssh/sshd_config
$ sudo grep PermitEmptyPasswords /etc/ssh/sshd_config
  3. Run the following command if no result is returned after running step 2:
    $ sudo echo "PermitEmptyPasswords no" >> /etc/ssh/sshd_config

    Run the following command if some result is returned after running step 2:

    $ sudo sed -i '/PermitEmptyPasswords/c\PermitEmptyPasswords no' /etc/ssh/sshd_config
  4. Check in the file sshd_config:
    $ sudo rcstool ci /etc/ssh/sshd_config