Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0:

set system strong-password level 2
set system ntp authentication-key 1 md5 a<dqaz!3?sv

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 12345678

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0:

set system console log-level info
set system strong-password level 0
set system strong-password display

Step 2: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 qwER43@!

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

-- Logs begin at Thu 2024-06-13 00:18:26 UTC, end at Thu 2024-06-13 00:18:29 UTC. --
Jun 13 00:18:26.440794 osdx systemd-journald[17428]: Runtime journal (/run/log/journal/f8d19df27e8d4f24a0b0e24ed9aec425) is 2.0M, max 16.0M, 14.0M free.
Jun 13 00:18:26.469311 osdx OSDxCLI[17211]: User 'admin' executed a new command: 'system journal clear'.
Jun 13 00:18:27.129107 osdx osdx-coredump[20831]: Deleting all coredumps in /opt/vyatta/etc/config/coredump...
Jun 13 00:18:27.139206 osdx OSDxCLI[17211]: User 'admin' executed a new command: 'system coredump delete all'.
Jun 13 00:18:28.213430 osdx OSDxCLI[17211]: User 'admin' entered the configuration menu.
Jun 13 00:18:28.390052 osdx OSDxCLI[17211]: User 'admin' added a new cfg line: 'set system console log-level info'.
Jun 13 00:18:28.541019 osdx OSDxCLI[17211]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Jun 13 00:18:28.711958 osdx OSDxCLI[17211]: User 'admin' added a new cfg line: 'set system strong-password display'.
Jun 13 00:18:28.851704 osdx modulelauncher[975]: + Received data: ['17211', 'osdx.utils.xos', 'set_console_log_level', 'info']
Jun 13 00:18:28.865351 osdx OSDxCLI[17211]: Signal 10 received
Jun 13 00:18:28.873787 osdx ifmon[980]: Changed log-level to info
Jun 13 00:18:28.874713 osdx cfgd[1122]: [17211]Completed change to active configuration
Jun 13 00:18:28.882275 osdx OSDxCLI[17211]: User 'admin' committed the configuration.
Jun 13 00:18:28.925828 osdx OSDxCLI[17211]: User 'admin' left the configuration menu.
Jun 13 00:18:29.184997 osdx OSDxCLI[17211]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Jun 13 00:18:29.185890 osdx OSDxCLI[17211]: pam_unix(cli:session): session closed for user admin
Jun 13 00:18:29.186509 osdx OSDxCLI[17211]: User 'admin' entered the configuration menu.
Jun 13 00:18:29.313752 osdx OSDxCLI[17211]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Jun 13 00:18:29.314287 osdx cfgd[1122]: Execute action [syntax] for node [(null)]
Jun 13 00:18:29.314462 osdx cfgd[1122]: Execute action [syntax] for node [(null)]
Jun 13 00:18:29.338286 osdx OSDxCLI[17211]: pam_unix(cli:session): session closed for user admin
Jun 13 00:18:29.338920 osdx OSDxCLI[17211]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 qwER43@!'.
Jun 13 00:18:29.429294 osdx OSDxCLI[17211]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Jun 13 00:18:29.435490 osdx cfgd[1122]: [17211]must validation for [system login user admin role] was skipped
Jun 13 00:18:29.465760 osdx WARNING[20879]: Short keyboard patterns are easy to guess.
Jun 13 00:18:29.465849 osdx INFO[20879]: Suggestions:
Jun 13 00:18:29.465908 osdx INFO[20879]:   Add another word or two. Uncommon words are better.
Jun 13 00:18:29.465960 osdx INFO[20879]:   Use a longer keyboard pattern with more turns.
Jun 13 00:18:29.466013 osdx INFO[20879]: Crack times (passwords per time):
Jun 13 00:18:29.466062 osdx INFO[20879]:   100 per hour:              centuries
Jun 13 00:18:29.466108 osdx INFO[20879]:   10 per second:             3.0 months
Jun 13 00:18:29.466155 osdx INFO[20879]:   10.000 per second:         3.0 hours
Jun 13 00:18:29.466203 osdx INFO[20879]:   10.000.000.000 per second: less than a second
Jun 13 00:18:29.471738 osdx cfgd[1122]: Execute action [end] for node [system ntp]
Jun 13 00:18:29.493906 osdx systemd[1]: Starting Network Time Service...
Jun 13 00:18:29.498034 osdx ntpd[20887]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
Jun 13 00:18:29.498372 osdx ntp-systemd-wrapper[20886]: 2024-06-13T00:18:29 ntpd[20887]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
Jun 13 00:18:29.498372 osdx ntp-systemd-wrapper[20886]: 2024-06-13T00:18:29 ntpd[20887]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jun 13 00:18:29.498062 osdx ntpd[20887]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jun 13 00:18:29.498636 osdx systemd[1]: ntpsec.service: Can't open PID file /run/ntpd.pid (yet?) after start: No such file or directory
Jun 13 00:18:29.501098 osdx ntpd[20889]: INIT: precision = 0.053 usec (-24)
Jun 13 00:18:29.501302 osdx systemd[1]: Started Network Time Service.
Jun 13 00:18:29.501998 osdx ntpd[20889]: INIT: successfully locked into RAM
Jun 13 00:18:29.502021 osdx ntpd[20889]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Jun 13 00:18:29.502063 osdx ntpd[20889]: AUTH: authreadkeys: reading /etc/ntp.keys
Jun 13 00:18:29.502084 osdx ntpd[20889]: AUTH: authreadkeys: added 1 keys
Jun 13 00:18:29.502135 osdx ntpd[20889]: INIT: Using SO_TIMESTAMPNS
Jun 13 00:18:29.502150 osdx ntpd[20889]: IO: Listen and drop on 0 v6wildcard [::]:123
Jun 13 00:18:29.502170 osdx ntpd[20889]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Jun 13 00:18:29.502794 osdx ntpd[20889]: IO: Listen normally on 2 lo 127.0.0.1:123
Jun 13 00:18:29.502822 osdx ntpd[20889]: IO: Listen normally on 3 lo [::1]:123
Jun 13 00:18:29.502844 osdx ntpd[20889]: IO: Listening on routing socket on fd #20 for interface updates
Jun 13 00:18:29.502852 osdx ntpd[20889]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Jun 13 00:18:29.502906 osdx ntpd[20889]: INIT: OpenSSL 1.1.1n  15 Mar 2022, 101010ef
Jun 13 00:18:29.503027 osdx ntpd[20889]: NTSc: Using system default root certificates.
Jun 13 00:18:29.503979 osdx cfgd[1122]: [17211]Completed change to active configuration
Jun 13 00:18:29.507627 osdx OSDxCLI[17211]: pam_unix(cli:session): session closed for user admin
Jun 13 00:18:29.507972 osdx OSDxCLI[17211]: User 'admin' committed the configuration.
Jun 13 00:18:29.563547 osdx OSDxCLI[17211]: User 'admin' left the configuration menu.
Jun 13 00:18:29.659704 osdx zebra[1075]: [RZ3YY-GPH41][EC 100663310] snmp[warning]: Warning: Failed to connect to the agentx master agent ([NIL]):
Jun 13 00:18:29.722522 osdx OSDxCLI[17211]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)

---