Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0:

set system strong-password level 2
set system ntp authentication-key 1 md5 a<dqaz!3?sv

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 12345678

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0:

set system console log-level info
set system strong-password level 0
set system strong-password display

Step 2: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 qwER43@!

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

-- Logs begin at Tue 2024-04-09 07:57:52 UTC, end at Tue 2024-04-09 07:57:55 UTC. --
Apr 09 07:57:52.370030 osdx systemd-journald[1509]: Runtime journal (/run/log/journal/2dc26f94a9f34e56b62b3c0d209c4be0) is 2.0M, max 16.0M, 14.0M free.
Apr 09 07:57:52.399326 osdx OSDxCLI[12142]: User 'admin' executed a new command: 'system journal clear'.
Apr 09 07:57:52.972745 osdx osdx-coredump[14781]: Deleting all coredumps in /opt/vyatta/etc/config/coredump...
Apr 09 07:57:52.981252 osdx OSDxCLI[12142]: User 'admin' executed a new command: 'system coredump delete all'.
Apr 09 07:57:53.835871 osdx OSDxCLI[12142]: User 'admin' entered the configuration menu.
Apr 09 07:57:53.959372 osdx OSDxCLI[12142]: User 'admin' added a new cfg line: 'set system console log-level info'.
Apr 09 07:57:54.053120 osdx OSDxCLI[12142]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Apr 09 07:57:54.146513 osdx OSDxCLI[12142]: User 'admin' added a new cfg line: 'set system strong-password display'.
Apr 09 07:57:54.255448 osdx modulelauncher[973]: + Received data: ['12142', 'osdx.utils.xos', 'set_console_log_level', 'info']
Apr 09 07:57:54.265971 osdx OSDxCLI[12142]: Signal 10 received
Apr 09 07:57:54.273003 osdx ifmon[981]: Changed log-level to info
Apr 09 07:57:54.273831 osdx cfgd[1120]: [12142]Completed change to active configuration
Apr 09 07:57:54.277064 osdx OSDxCLI[12142]: User 'admin' committed the configuration.
Apr 09 07:57:54.304458 osdx OSDxCLI[12142]: User 'admin' left the configuration menu.
Apr 09 07:57:54.527043 osdx OSDxCLI[12142]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Apr 09 07:57:54.527962 osdx OSDxCLI[12142]: pam_unix(cli:session): session closed for user admin
Apr 09 07:57:54.528470 osdx OSDxCLI[12142]: User 'admin' entered the configuration menu.
Apr 09 07:57:54.635894 osdx OSDxCLI[12142]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Apr 09 07:57:54.636436 osdx cfgd[1120]: Execute action [syntax] for node [(null)]
Apr 09 07:57:54.636602 osdx cfgd[1120]: Execute action [syntax] for node [(null)]
Apr 09 07:57:54.657801 osdx OSDxCLI[12142]: pam_unix(cli:session): session closed for user admin
Apr 09 07:57:54.658401 osdx OSDxCLI[12142]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 qwER43@!'.
Apr 09 07:57:54.761217 osdx OSDxCLI[12142]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Apr 09 07:57:54.767076 osdx cfgd[1120]: [12142]must validation for [system login user admin role] was skipped
Apr 09 07:57:54.784896 osdx WARNING[14829]: Short keyboard patterns are easy to guess.
Apr 09 07:57:54.784961 osdx INFO[14829]: Suggestions:
Apr 09 07:57:54.785001 osdx INFO[14829]:   Add another word or two. Uncommon words are better.
Apr 09 07:57:54.785036 osdx INFO[14829]:   Use a longer keyboard pattern with more turns.
Apr 09 07:57:54.785068 osdx INFO[14829]: Crack times (passwords per time):
Apr 09 07:57:54.785101 osdx INFO[14829]:   100 per hour:              centuries
Apr 09 07:57:54.785133 osdx INFO[14829]:   10 per second:             3.0 months
Apr 09 07:57:54.785165 osdx INFO[14829]:   10.000 per second:         3.0 hours
Apr 09 07:57:54.785196 osdx INFO[14829]:   10.000.000.000 per second: less than a second
Apr 09 07:57:54.789943 osdx cfgd[1120]: Execute action [end] for node [system ntp]
Apr 09 07:57:54.820477 osdx systemd[1]: Starting Network Time Service...
Apr 09 07:57:54.825203 osdx ntpd[14837]: INIT: ntpd ntpsec-1.2.0+ 2024-01-09T12:00:00Z (git rev e6aae0a): Starting
Apr 09 07:57:54.825458 osdx ntp-systemd-wrapper[14836]: 2024-04-09T07:57:54 ntpd[14837]: INIT: ntpd ntpsec-1.2.0+ 2024-01-09T12:00:00Z (git rev e6aae0a): Starting
Apr 09 07:57:54.825713 osdx ntpd[14837]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Apr 09 07:57:54.825784 osdx ntp-systemd-wrapper[14836]: 2024-04-09T07:57:54 ntpd[14837]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Apr 09 07:57:54.826330 osdx systemd[1]: ntpsec.service: Can't open PID file /run/ntpd.pid (yet?) after start: No such file or directory
Apr 09 07:57:54.828939 osdx ntpd[14839]: INIT: precision = 0.054 usec (-24)
Apr 09 07:57:54.829296 osdx systemd[1]: Started Network Time Service.
Apr 09 07:57:54.829702 osdx ntpd[14839]: INIT: successfully locked into RAM
Apr 09 07:57:54.829718 osdx ntpd[14839]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Apr 09 07:57:54.829764 osdx ntpd[14839]: AUTH: authreadkeys: reading /etc/ntp.keys
Apr 09 07:57:54.829780 osdx ntpd[14839]: AUTH: authreadkeys: added 1 keys
Apr 09 07:57:54.829821 osdx ntpd[14839]: INIT: Using SO_TIMESTAMPNS
Apr 09 07:57:54.829833 osdx ntpd[14839]: IO: Listen and drop on 0 v6wildcard [::]:123
Apr 09 07:57:54.829848 osdx ntpd[14839]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Apr 09 07:57:54.830365 osdx ntpd[14839]: IO: Listen normally on 2 lo 127.0.0.1:123
Apr 09 07:57:54.830393 osdx ntpd[14839]: IO: Listen normally on 3 lo [::1]:123
Apr 09 07:57:54.830428 osdx ntpd[14839]: IO: Listening on routing socket on fd #20 for interface updates
Apr 09 07:57:54.830435 osdx ntpd[14839]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Apr 09 07:57:54.830493 osdx ntpd[14839]: INIT: OpenSSL 1.1.1n  15 Mar 2022, 101010ef
Apr 09 07:57:54.830643 osdx ntpd[14839]: NTSc: Using system default root certificates.
Apr 09 07:57:54.830923 osdx cfgd[1120]: [12142]Completed change to active configuration
Apr 09 07:57:54.833670 osdx OSDxCLI[12142]: pam_unix(cli:session): session closed for user admin
Apr 09 07:57:54.833966 osdx OSDxCLI[12142]: User 'admin' committed the configuration.
Apr 09 07:57:54.858970 osdx OSDxCLI[12142]: User 'admin' left the configuration menu.
Apr 09 07:57:55.016784 osdx OSDxCLI[12142]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)

---