Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0:

set system strong-password level 2
set system ntp authentication-key 1 md5 a<dqaz!3?sv

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 12345678

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0:

set system console log-level info
set system strong-password level 0
set system strong-password display

Step 2: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 qwER43@!

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

-- Logs begin at Mon 2024-02-26 20:22:13 UTC, end at Mon 2024-02-26 20:22:16 UTC. --
Feb 26 20:22:13.426888 osdx systemd-journald[1369]: Runtime journal (/run/log/journal/bb5e03885d754db09ee63ec3d68ce029) is 2.0M, max 16.0M, 14.0M free.
Feb 26 20:22:13.444764 osdx OSDxCLI[21649]: User 'admin' executed a new command: 'system journal clear'.
Feb 26 20:22:14.120695 osdx osdx-coredump[28605]: Deleting all coredumps in /opt/vyatta/etc/config/coredump...
Feb 26 20:22:14.132260 osdx OSDxCLI[21649]: User 'admin' executed a new command: 'system coredump delete all'.
Feb 26 20:22:15.167721 osdx OSDxCLI[21649]: User 'admin' entered the configuration menu.
Feb 26 20:22:15.287762 osdx OSDxCLI[21649]: User 'admin' added a new cfg line: 'set system console log-level info'.
Feb 26 20:22:15.428965 osdx OSDxCLI[21649]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Feb 26 20:22:15.542945 osdx OSDxCLI[21649]: User 'admin' added a new cfg line: 'set system strong-password display'.
Feb 26 20:22:15.666072 osdx modulelauncher[834]: + Received data: ['21649', 'osdx.utils.xos', 'set_console_log_level', 'info']
Feb 26 20:22:15.679317 osdx OSDxCLI[21649]: Signal 10 received
Feb 26 20:22:15.687713 osdx ifmon[839]: Changed log-level to info
Feb 26 20:22:15.688582 osdx cfgd[997]: [21649]Completed change to active configuration
Feb 26 20:22:15.694138 osdx OSDxCLI[21649]: User 'admin' committed the configuration.
Feb 26 20:22:15.730010 osdx OSDxCLI[21649]: User 'admin' left the configuration menu.
Feb 26 20:22:15.977995 osdx OSDxCLI[21649]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Feb 26 20:22:15.978855 osdx OSDxCLI[21649]: pam_unix(cli:session): session closed for user admin
Feb 26 20:22:15.979154 osdx OSDxCLI[21649]: User 'admin' entered the configuration menu.
Feb 26 20:22:16.098703 osdx OSDxCLI[21649]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Feb 26 20:22:16.119876 osdx OSDxCLI[21649]: pam_unix(cli:session): session closed for user admin
Feb 26 20:22:16.120192 osdx OSDxCLI[21649]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 qwER43@!'.
Feb 26 20:22:16.206845 osdx OSDxCLI[21649]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Feb 26 20:22:16.209085 osdx cfgd[997]: [21649]must validation for [system login user admin role] was skipped
Feb 26 20:22:16.233301 osdx WARNING[28653]: Short keyboard patterns are easy to guess.
Feb 26 20:22:16.233821 osdx INFO[28653]: Suggestions:
Feb 26 20:22:16.233983 osdx INFO[28653]:   Add another word or two. Uncommon words are better.
Feb 26 20:22:16.234138 osdx INFO[28653]:   Use a longer keyboard pattern with more turns.
Feb 26 20:22:16.234285 osdx INFO[28653]: Crack times (passwords per time):
Feb 26 20:22:16.234439 osdx INFO[28653]:   100 per hour:              centuries
Feb 26 20:22:16.234585 osdx INFO[28653]:   10 per second:             3.0 months
Feb 26 20:22:16.234729 osdx INFO[28653]:   10.000 per second:         3.0 hours
Feb 26 20:22:16.234873 osdx INFO[28653]:   10.000.000.000 per second: less than a second
Feb 26 20:22:16.244461 osdx cfgd[997]: Execute action [end] for node [system ntp]
Feb 26 20:22:16.271190 osdx systemd[1]: Starting Network Time Service...
Feb 26 20:22:16.278328 osdx ntpd[28661]: INIT: ntpd ntpsec-1.2.0+ 2024-01-09T12:00:00Z (git rev e6aae0a): Starting
Feb 26 20:22:16.278704 osdx ntp-systemd-wrapper[28660]: 2024-02-26T20:22:16 ntpd[28661]: INIT: ntpd ntpsec-1.2.0+ 2024-01-09T12:00:00Z (git rev e6aae0a): Starting
Feb 26 20:22:16.279012 osdx ntpd[28661]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Feb 26 20:22:16.279456 osdx ntp-systemd-wrapper[28660]: 2024-02-26T20:22:16 ntpd[28661]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Feb 26 20:22:16.280056 osdx systemd[1]: ntpsec.service: Can't open PID file /run/ntpd.pid (yet?) after start: No such file or directory
Feb 26 20:22:16.283936 osdx ntpd[28663]: INIT: precision = 0.062 usec (-24)
Feb 26 20:22:16.284544 osdx ntpd[28663]: INIT: successfully locked into RAM
Feb 26 20:22:16.284563 osdx ntpd[28663]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Feb 26 20:22:16.284610 osdx ntpd[28663]: AUTH: authreadkeys: reading /etc/ntp.keys
Feb 26 20:22:16.284636 osdx ntpd[28663]: AUTH: authreadkeys: added 1 keys
Feb 26 20:22:16.284696 osdx ntpd[28663]: INIT: Using SO_TIMESTAMPNS
Feb 26 20:22:16.284714 osdx ntpd[28663]: IO: Listen and drop on 0 v6wildcard [::]:123
Feb 26 20:22:16.284736 osdx ntpd[28663]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Feb 26 20:22:16.285484 osdx ntpd[28663]: IO: Listen normally on 2 lo 127.0.0.1:123
Feb 26 20:22:16.285517 osdx ntpd[28663]: IO: Listen normally on 3 lo [::1]:123
Feb 26 20:22:16.285548 osdx ntpd[28663]: IO: Listening on routing socket on fd #20 for interface updates
Feb 26 20:22:16.285560 osdx ntpd[28663]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Feb 26 20:22:16.285633 osdx ntpd[28663]: INIT: OpenSSL 1.1.1n  15 Mar 2022, 101010ef
Feb 26 20:22:16.285785 osdx ntpd[28663]: NTSc: Using system default root certificates.
Feb 26 20:22:16.287608 osdx systemd[1]: Started Network Time Service.
Feb 26 20:22:16.290363 osdx cfgd[997]: [21649]Completed change to active configuration
Feb 26 20:22:16.295121 osdx OSDxCLI[21649]: pam_unix(cli:session): session closed for user admin
Feb 26 20:22:16.295459 osdx OSDxCLI[21649]: User 'admin' committed the configuration.
Feb 26 20:22:16.327902 osdx OSDxCLI[21649]: User 'admin' left the configuration menu.
Feb 26 20:22:16.495500 osdx OSDxCLI[21649]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)

---