Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0:

set system strong-password level 2
set system ntp authentication-key 1 md5 a<dqaz!3?sv

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 12345678

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0:

set system console log-level info
set system strong-password level 0
set system strong-password display

Step 2: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 qwER43@!

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

-- Logs begin at Thu 2024-10-10 09:41:40 UTC, end at Thu 2024-10-10 09:41:43 UTC. --
Oct 10 09:41:40.387587 osdx systemd-journald[27260]: Runtime journal (/run/log/journal/c2d6011d26b547ba87daa360869210a1) is 2.0M, max 16.0M, 14.0M free.
Oct 10 09:41:40.418648 osdx OSDxCLI[1106]: User 'admin' executed a new command: 'system journal clear'.
Oct 10 09:41:41.115536 osdx osdx-coredump[14248]: Deleting all coredumps in /opt/vyatta/etc/config/coredump...
Oct 10 09:41:41.125661 osdx OSDxCLI[1106]: User 'admin' executed a new command: 'system coredump delete all'.
Oct 10 09:41:41.303735 osdx zebra[1281]: [RZ3YY-GPH41][EC 100663310] snmp[warning]: Warning: Failed to connect to the agentx master agent ([NIL]):
Oct 10 09:41:42.220314 osdx OSDxCLI[1106]: User 'admin' entered the configuration menu.
Oct 10 09:41:42.337155 osdx OSDxCLI[1106]: User 'admin' added a new cfg line: 'set system console log-level info'.
Oct 10 09:41:42.457225 osdx OSDxCLI[1106]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Oct 10 09:41:42.560124 osdx OSDxCLI[1106]: User 'admin' added a new cfg line: 'set system strong-password display'.
Oct 10 09:41:42.733952 osdx modulelauncher[1141]: + Received data: ['1106', 'osdx.utils.xos', 'set_console_log_level', 'info']
Oct 10 09:41:42.744715 osdx OSDxCLI[1106]: Signal 10 received
Oct 10 09:41:42.752354 osdx ifmon[1186]: Changed log-level to info
Oct 10 09:41:42.753118 osdx cfgd[1328]: [1106]Completed change to active configuration
Oct 10 09:41:42.756861 osdx OSDxCLI[1106]: User 'admin' committed the configuration.
Oct 10 09:41:42.782845 osdx OSDxCLI[1106]: User 'admin' left the configuration menu.
Oct 10 09:41:43.089103 osdx OSDxCLI[1106]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Oct 10 09:41:43.089769 osdx OSDxCLI[1106]: pam_unix(cli:session): session closed for user admin
Oct 10 09:41:43.090120 osdx OSDxCLI[1106]: User 'admin' entered the configuration menu.
Oct 10 09:41:43.213638 osdx OSDxCLI[1106]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Oct 10 09:41:43.213972 osdx cfgd[1328]: Execute action [syntax] for node [(null)]
Oct 10 09:41:43.214071 osdx cfgd[1328]: Execute action [syntax] for node [(null)]
Oct 10 09:41:43.229917 osdx OSDxCLI[1106]: pam_unix(cli:session): session closed for user admin
Oct 10 09:41:43.230334 osdx OSDxCLI[1106]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 qwER43@!'.
Oct 10 09:41:43.315047 osdx OSDxCLI[1106]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Oct 10 09:41:43.320836 osdx cfgd[1328]: [1106]must validation for [system login user admin role] was skipped
Oct 10 09:41:43.341660 osdx WARNING[14296]: Short keyboard patterns are easy to guess.
Oct 10 09:41:43.341742 osdx INFO[14296]: Suggestions:
Oct 10 09:41:43.341798 osdx INFO[14296]:   Add another word or two. Uncommon words are better.
Oct 10 09:41:43.341848 osdx INFO[14296]:   Use a longer keyboard pattern with more turns.
Oct 10 09:41:43.341892 osdx INFO[14296]: Crack times (passwords per time):
Oct 10 09:41:43.341940 osdx INFO[14296]:   100 per hour:              centuries
Oct 10 09:41:43.341987 osdx INFO[14296]:   10 per second:             3.0 months
Oct 10 09:41:43.342034 osdx INFO[14296]:   10.000 per second:         3.0 hours
Oct 10 09:41:43.342094 osdx INFO[14296]:   10.000.000.000 per second: less than a second
Oct 10 09:41:43.346768 osdx cfgd[1328]: Execute action [end] for node [system ntp]
Oct 10 09:41:43.377709 osdx systemd[1]: Starting Network Time Service...
Oct 10 09:41:43.382658 osdx ntpd[14304]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
Oct 10 09:41:43.382935 osdx ntp-systemd-wrapper[14303]: 2024-10-10T09:41:43 ntpd[14304]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
Oct 10 09:41:43.383150 osdx ntpd[14304]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Oct 10 09:41:43.383235 osdx ntp-systemd-wrapper[14303]: 2024-10-10T09:41:43 ntpd[14304]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Oct 10 09:41:43.383830 osdx systemd[1]: ntpsec.service: Can't open PID file /run/ntpd.pid (yet?) after start: No such file or directory
Oct 10 09:41:43.387133 osdx ntpd[14306]: INIT: precision = 0.095 usec (-23)
Oct 10 09:41:43.387606 osdx systemd[1]: Started Network Time Service.
Oct 10 09:41:43.388158 osdx ntpd[14306]: INIT: successfully locked into RAM
Oct 10 09:41:43.388178 osdx ntpd[14306]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Oct 10 09:41:43.388220 osdx ntpd[14306]: AUTH: authreadkeys: reading /etc/ntp.keys
Oct 10 09:41:43.388241 osdx ntpd[14306]: AUTH: authreadkeys: added 1 keys
Oct 10 09:41:43.388295 osdx ntpd[14306]: INIT: Using SO_TIMESTAMPNS
Oct 10 09:41:43.388310 osdx ntpd[14306]: IO: Listen and drop on 0 v6wildcard [::]:123
Oct 10 09:41:43.388329 osdx ntpd[14306]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Oct 10 09:41:43.388845 osdx cfgd[1328]: [1106]Completed change to active configuration
Oct 10 09:41:43.388960 osdx ntpd[14306]: IO: Listen normally on 2 lo 127.0.0.1:123
Oct 10 09:41:43.388992 osdx ntpd[14306]: IO: Listen normally on 3 lo [::1]:123
Oct 10 09:41:43.389018 osdx ntpd[14306]: IO: Listening on routing socket on fd #20 for interface updates
Oct 10 09:41:43.389028 osdx ntpd[14306]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Oct 10 09:41:43.389098 osdx ntpd[14306]: INIT: OpenSSL 1.1.1n  15 Mar 2022, 101010ef
Oct 10 09:41:43.389281 osdx ntpd[14306]: NTSc: Using system default root certificates.
Oct 10 09:41:43.392130 osdx OSDxCLI[1106]: pam_unix(cli:session): session closed for user admin
Oct 10 09:41:43.392445 osdx OSDxCLI[1106]: User 'admin' committed the configuration.
Oct 10 09:41:43.417291 osdx OSDxCLI[1106]: User 'admin' left the configuration menu.
Oct 10 09:41:43.561788 osdx OSDxCLI[1106]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)

---