OPERATIONAL DEFECT DATABASE
...
...
A security scanning tool reports that an Avamar Operating System (OS) user has no password. On Avamar or VDP grid, the following command retrieves a list of users from the shadow password file where the user has no password configured: (In this example, the sshd user is returned): getent shadow | cut -d: -f1-2 | grep ':$' | cut -d: -f1 sshd In Linux, the /etc/passwd file shows that the ssh daemon user shell is set to "/bin/false": less /etc/passwd ... sshd:x:71:65:SSH daemon:/var/lib/sshd:/bin/false ...
This is the default configuration for the SSH daemon which allows tunneling and other non-shell activity like port forwarding.
No actions are required as the sshd user is not vulnerable to unauthenticated access: /bin/false is a binary that immediately exits returning false when it is called When a user with this setting logs in, they are immediately logged out when "false" exits An example below when attempting to log in as the sshd user by switching from root: It was immediately redirected to root again: su - sshd ; whoami root
Click on a version to see all relevant bugs
Dell Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
