Avamar: The OS user "sshd" has no password assigned

Summary: The Avamar OS user "sshd" has no password assigned.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

A security scanning tool reports that an Avamar Operating System (OS) user has no password. 

On Avamar or VDP grid, the following command retrieves a list of users from the shadow password file where the user has no password configured:  

(In this example, the sshd user is returned):

getent shadow | cut -d: -f1-2 | grep ':$' | cut -d: -f1 
sshd
 

In Linux, the /etc/passwd file shows that the ssh daemon user shell is set to "/bin/false":

less /etc/passwd
...
  sshd:x:71:65:SSH daemon:/var/lib/sshd:/bin/false
...

Cause

This is the default configuration for the SSH daemon which allows tunneling and other non-shell activity like port forwarding.

Resolution

No actions are required as the sshd user is not vulnerable to unauthenticated access:

  • /bin/false is a binary that immediately exits returning false when it is called

  • When a user with this setting logs in, they are immediately logged out when "false" exits

  • An example below when attempting to log in as the sshd user by switching from root: It was immediately redirected to root again:

su - sshd ; whoami
root

Affected Products

Avamar, Avamar Server
Article Properties
Article Number: 000159946
Article Type: Solution
Last Modified: 10 Oct 2025
Version:  5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.