Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0:

set system strong-password level 2
set system ntp authentication-key 1 md5 a<dqaz!3?sv

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 12345678

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0:

set system console log-level info
set system strong-password level 0
set system strong-password display

Step 2: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 qwER43@!

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

-- Logs begin at Mon 2024-12-02 19:04:23 UTC, end at Mon 2024-12-02 19:04:26 UTC. --
Dec 02 19:04:23.466276 osdx systemd-journald[1504]: Runtime journal (/run/log/journal/1d07d1333cb24d498692b025d3740112) is 2.0M, max 16.0M, 14.0M free.
Dec 02 19:04:23.490902 osdx OSDxCLI[25701]: User 'admin' executed a new command: 'system journal clear'.
Dec 02 19:04:24.279320 osdx osdx-coredump[9673]: Deleting all coredumps in /opt/vyatta/etc/config/coredump...
Dec 02 19:04:24.290139 osdx OSDxCLI[25701]: User 'admin' executed a new command: 'system coredump delete all'.
Dec 02 19:04:25.341931 osdx OSDxCLI[25701]: User 'admin' entered the configuration menu.
Dec 02 19:04:25.461729 osdx OSDxCLI[25701]: User 'admin' added a new cfg line: 'set system console log-level info'.
Dec 02 19:04:25.612630 osdx OSDxCLI[25701]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Dec 02 19:04:25.725415 osdx OSDxCLI[25701]: User 'admin' added a new cfg line: 'set system strong-password display'.
Dec 02 19:04:25.872018 osdx modulelauncher[972]: + Received data: ['25701', 'osdx.utils.xos', 'set_console_log_level', 'info']
Dec 02 19:04:25.888729 osdx OSDxCLI[25701]: Signal 10 received
Dec 02 19:04:25.902741 osdx ifmon[980]: Changed log-level to info
Dec 02 19:04:25.903526 osdx cfgd[1120]: [25701]Completed change to active configuration
Dec 02 19:04:25.907780 osdx OSDxCLI[25701]: User 'admin' committed the configuration.
Dec 02 19:04:25.937996 osdx OSDxCLI[25701]: User 'admin' left the configuration menu.
Dec 02 19:04:26.184087 osdx OSDxCLI[25701]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Dec 02 19:04:26.184961 osdx OSDxCLI[25701]: pam_unix(cli:session): session closed for user admin
Dec 02 19:04:26.185520 osdx OSDxCLI[25701]: User 'admin' entered the configuration menu.
Dec 02 19:04:26.300408 osdx OSDxCLI[25701]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Dec 02 19:04:26.300852 osdx cfgd[1120]: Execute action [syntax] for node [(null)]
Dec 02 19:04:26.301003 osdx cfgd[1120]: Execute action [syntax] for node [(null)]
Dec 02 19:04:26.324872 osdx OSDxCLI[25701]: pam_unix(cli:session): session closed for user admin
Dec 02 19:04:26.325247 osdx OSDxCLI[25701]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 qwER43@!'.
Dec 02 19:04:26.425980 osdx OSDxCLI[25701]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Dec 02 19:04:26.432542 osdx cfgd[1120]: [25701]must validation for [system login user admin role] was skipped
Dec 02 19:04:26.463960 osdx WARNING[9721]: Short keyboard patterns are easy to guess.
Dec 02 19:04:26.464032 osdx INFO[9721]: Suggestions:
Dec 02 19:04:26.464089 osdx INFO[9721]:   Add another word or two. Uncommon words are better.
Dec 02 19:04:26.464128 osdx INFO[9721]:   Use a longer keyboard pattern with more turns.
Dec 02 19:04:26.464159 osdx INFO[9721]: Crack times (passwords per time):
Dec 02 19:04:26.464194 osdx INFO[9721]:   100 per hour:              centuries
Dec 02 19:04:26.464226 osdx INFO[9721]:   10 per second:             3.0 months
Dec 02 19:04:26.464274 osdx INFO[9721]:   10.000 per second:         3.0 hours
Dec 02 19:04:26.464320 osdx INFO[9721]:   10.000.000.000 per second: less than a second
Dec 02 19:04:26.469319 osdx cfgd[1120]: Execute action [end] for node [system ntp]
Dec 02 19:04:26.501091 osdx systemd[1]: Starting Network Time Service...
Dec 02 19:04:26.506622 osdx ntpd[9729]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
Dec 02 19:04:26.507001 osdx ntp-systemd-wrapper[9728]: 2024-12-02T19:04:26 ntpd[9729]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
Dec 02 19:04:26.507328 osdx ntpd[9729]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Dec 02 19:04:26.507435 osdx ntp-systemd-wrapper[9728]: 2024-12-02T19:04:26 ntpd[9729]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Dec 02 19:04:26.508119 osdx systemd[1]: ntpsec.service: Can't open PID file /run/ntpd.pid (yet?) after start: No such file or directory
Dec 02 19:04:26.512032 osdx ntpd[9731]: INIT: precision = 0.079 usec (-24)
Dec 02 19:04:26.513037 osdx ntpd[9731]: INIT: successfully locked into RAM
Dec 02 19:04:26.518193 osdx systemd[1]: Started Network Time Service.
Dec 02 19:04:26.513054 osdx ntpd[9731]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Dec 02 19:04:26.513096 osdx ntpd[9731]: AUTH: authreadkeys: reading /etc/ntp.keys
Dec 02 19:04:26.513117 osdx ntpd[9731]: AUTH: authreadkeys: added 1 keys
Dec 02 19:04:26.513172 osdx ntpd[9731]: INIT: Using SO_TIMESTAMPNS
Dec 02 19:04:26.513187 osdx ntpd[9731]: IO: Listen and drop on 0 v6wildcard [::]:123
Dec 02 19:04:26.513207 osdx ntpd[9731]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Dec 02 19:04:26.513871 osdx ntpd[9731]: IO: Listen normally on 2 lo 127.0.0.1:123
Dec 02 19:04:26.513898 osdx ntpd[9731]: IO: Listen normally on 3 lo [::1]:123
Dec 02 19:04:26.513924 osdx ntpd[9731]: IO: Listening on routing socket on fd #20 for interface updates
Dec 02 19:04:26.513935 osdx ntpd[9731]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Dec 02 19:04:26.514007 osdx ntpd[9731]: INIT: OpenSSL 1.1.1n  15 Mar 2022, 101010ef
Dec 02 19:04:26.514194 osdx ntpd[9731]: NTSc: Using system default root certificates.
Dec 02 19:04:26.519692 osdx cfgd[1120]: [25701]Completed change to active configuration
Dec 02 19:04:26.522771 osdx OSDxCLI[25701]: pam_unix(cli:session): session closed for user admin
Dec 02 19:04:26.523113 osdx OSDxCLI[25701]: User 'admin' committed the configuration.
Dec 02 19:04:26.556903 osdx OSDxCLI[25701]: User 'admin' left the configuration menu.
Dec 02 19:04:26.757657 osdx OSDxCLI[25701]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)

---