Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0:

set system strong-password level 2
set system ntp authentication-key 1 md5 a<dqaz!3?sv

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 12345678

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0:

set system console log-level info
set system strong-password level 0
set system strong-password display

Step 2: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 qwER43@!

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

-- Logs begin at Wed 2024-05-22 10:19:30 UTC, end at Wed 2024-05-22 10:19:33 UTC. --
May 22 10:19:30.000389 osdx systemd-timedated[28657]: Changed local time to Wed May 22 10:19:30 2024
May 22 10:19:30.002069 osdx OSDxCLI[27280]: User 'admin' executed a new command: 'set date 2024-05-22 10:19:30'.
May 22 10:19:30.373501 osdx systemd-journald[11035]: Runtime journal (/run/log/journal/99893f06e2ec475e9e852fdd13370208) is 4.0M, max 16.0M, 11.9M free.
May 22 10:19:30.400045 osdx OSDxCLI[27280]: User 'admin' executed a new command: 'system journal clear'.
May 22 10:19:30.976415 osdx osdx-coredump[29809]: Deleting all coredumps in /opt/vyatta/etc/config/coredump...
May 22 10:19:30.984605 osdx OSDxCLI[27280]: User 'admin' executed a new command: 'system coredump delete all'.
May 22 10:19:31.859543 osdx OSDxCLI[27280]: User 'admin' entered the configuration menu.
May 22 10:19:31.982822 osdx OSDxCLI[27280]: User 'admin' added a new cfg line: 'set system console log-level info'.
May 22 10:19:32.072288 osdx OSDxCLI[27280]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
May 22 10:19:32.162004 osdx OSDxCLI[27280]: User 'admin' added a new cfg line: 'set system strong-password display'.
May 22 10:19:32.285878 osdx modulelauncher[978]: + Received data: ['27280', 'osdx.utils.xos', 'set_console_log_level', 'info']
May 22 10:19:32.297924 osdx OSDxCLI[27280]: Signal 10 received
May 22 10:19:32.307491 osdx ifmon[983]: Changed log-level to info
May 22 10:19:32.308378 osdx cfgd[1125]: [27280]Completed change to active configuration
May 22 10:19:32.312003 osdx OSDxCLI[27280]: User 'admin' committed the configuration.
May 22 10:19:32.372831 osdx OSDxCLI[27280]: User 'admin' left the configuration menu.
May 22 10:19:32.585357 osdx OSDxCLI[27280]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
May 22 10:19:32.586260 osdx OSDxCLI[27280]: pam_unix(cli:session): session closed for user admin
May 22 10:19:32.586821 osdx OSDxCLI[27280]: User 'admin' entered the configuration menu.
May 22 10:19:32.678148 osdx OSDxCLI[27280]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
May 22 10:19:32.678541 osdx cfgd[1125]: Execute action [syntax] for node [(null)]
May 22 10:19:32.678627 osdx cfgd[1125]: Execute action [syntax] for node [(null)]
May 22 10:19:32.694974 osdx OSDxCLI[27280]: pam_unix(cli:session): session closed for user admin
May 22 10:19:32.695485 osdx OSDxCLI[27280]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 qwER43@!'.
May 22 10:19:32.798420 osdx OSDxCLI[27280]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
May 22 10:19:32.805066 osdx cfgd[1125]: [27280]must validation for [system login user admin role] was skipped
May 22 10:19:32.824156 osdx WARNING[29857]: Short keyboard patterns are easy to guess.
May 22 10:19:32.824226 osdx INFO[29857]: Suggestions:
May 22 10:19:32.824282 osdx INFO[29857]:   Add another word or two. Uncommon words are better.
May 22 10:19:32.824319 osdx INFO[29857]:   Use a longer keyboard pattern with more turns.
May 22 10:19:32.824351 osdx INFO[29857]: Crack times (passwords per time):
May 22 10:19:32.824389 osdx INFO[29857]:   100 per hour:              centuries
May 22 10:19:32.824425 osdx INFO[29857]:   10 per second:             3.0 months
May 22 10:19:32.824462 osdx INFO[29857]:   10.000 per second:         3.0 hours
May 22 10:19:32.824497 osdx INFO[29857]:   10.000.000.000 per second: less than a second
May 22 10:19:32.830991 osdx cfgd[1125]: Execute action [end] for node [system ntp]
May 22 10:19:32.852233 osdx systemd[1]: Starting Network Time Service...
May 22 10:19:32.856819 osdx ntpd[29865]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
May 22 10:19:32.857122 osdx ntp-systemd-wrapper[29864]: 2024-05-22T10:19:32 ntpd[29865]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
May 22 10:19:32.857122 osdx ntp-systemd-wrapper[29864]: 2024-05-22T10:19:32 ntpd[29865]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
May 22 10:19:32.856855 osdx ntpd[29865]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
May 22 10:19:32.857423 osdx systemd[1]: ntpsec.service: Can't open PID file /run/ntpd.pid (yet?) after start: No such file or directory
May 22 10:19:32.860904 osdx ntpd[29867]: INIT: precision = 0.089 usec (-23)
May 22 10:19:32.861126 osdx systemd[1]: Started Network Time Service.
May 22 10:19:32.861958 osdx ntpd[29867]: INIT: successfully locked into RAM
May 22 10:19:32.861979 osdx ntpd[29867]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
May 22 10:19:32.862021 osdx ntpd[29867]: AUTH: authreadkeys: reading /etc/ntp.keys
May 22 10:19:32.862041 osdx ntpd[29867]: AUTH: authreadkeys: added 1 keys
May 22 10:19:32.862095 osdx ntpd[29867]: INIT: Using SO_TIMESTAMPNS
May 22 10:19:32.862109 osdx ntpd[29867]: IO: Listen and drop on 0 v6wildcard [::]:123
May 22 10:19:32.862129 osdx ntpd[29867]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
May 22 10:19:32.862927 osdx ntpd[29867]: IO: Listen normally on 2 lo 127.0.0.1:123
May 22 10:19:32.862963 osdx ntpd[29867]: IO: Listen normally on 3 lo [::1]:123
May 22 10:19:32.862995 osdx ntpd[29867]: IO: Listening on routing socket on fd #20 for interface updates
May 22 10:19:32.863007 osdx ntpd[29867]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
May 22 10:19:32.863074 osdx cfgd[1125]: [27280]Completed change to active configuration
May 22 10:19:32.863094 osdx ntpd[29867]: INIT: OpenSSL 1.1.1n  15 Mar 2022, 101010ef
May 22 10:19:32.863288 osdx ntpd[29867]: NTSc: Using system default root certificates.
May 22 10:19:32.866110 osdx OSDxCLI[27280]: pam_unix(cli:session): session closed for user admin
May 22 10:19:32.866367 osdx OSDxCLI[27280]: User 'admin' committed the configuration.
May 22 10:19:32.890706 osdx OSDxCLI[27280]: User 'admin' left the configuration menu.
May 22 10:19:33.032975 osdx OSDxCLI[27280]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)

---