Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0:

set system strong-password level 2
set system ntp authentication-key 1 md5 a<dqaz!3?sv

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 12345678

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0:

set system console log-level info
set system strong-password level 0
set system strong-password display

Step 2: Set the following configuration in DUT0:

set system ntp authentication-key 1 md5 qwER43@!

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

-- Logs begin at Wed 2024-10-09 07:09:47 UTC, end at Wed 2024-10-09 07:09:49 UTC. --
Oct 09 07:09:47.272291 osdx systemd-journald[1707]: Runtime journal (/run/log/journal/7b13f98cf6974d34b6af66a5ac8a2ed7) is 2.0M, max 16.0M, 14.0M free.
Oct 09 07:09:47.293231 osdx OSDxCLI[1913]: User 'admin' executed a new command: 'system journal clear'.
Oct 09 07:09:47.642637 osdx osdx-coredump[30232]: Deleting all coredumps in /opt/vyatta/etc/config/coredump...
Oct 09 07:09:47.648691 osdx OSDxCLI[1913]: User 'admin' executed a new command: 'system coredump delete all'.
Oct 09 07:09:48.187465 osdx OSDxCLI[1913]: User 'admin' entered the configuration menu.
Oct 09 07:09:48.275610 osdx OSDxCLI[1913]: User 'admin' added a new cfg line: 'set system console log-level info'.
Oct 09 07:09:48.328014 osdx OSDxCLI[1913]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Oct 09 07:09:48.417672 osdx OSDxCLI[1913]: User 'admin' added a new cfg line: 'set system strong-password display'.
Oct 09 07:09:48.472558 osdx modulelauncher[1181]: + Received data: ['1913', 'osdx.utils.xos', 'set_console_log_level', 'info']
Oct 09 07:09:48.480165 osdx OSDxCLI[1913]: Signal 10 received
Oct 09 07:09:48.485362 osdx ifmon[1187]: Changed log-level to info
Oct 09 07:09:48.485730 osdx cfgd[1327]: [1913]Completed change to active configuration
Oct 09 07:09:48.488006 osdx OSDxCLI[1913]: User 'admin' committed the configuration.
Oct 09 07:09:48.524683 osdx OSDxCLI[1913]: User 'admin' left the configuration menu.
Oct 09 07:09:48.717700 osdx OSDxCLI[1913]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Oct 09 07:09:48.718193 osdx OSDxCLI[1913]: pam_unix(cli:session): session closed for user admin
Oct 09 07:09:48.718363 osdx OSDxCLI[1913]: User 'admin' entered the configuration menu.
Oct 09 07:09:48.780673 osdx OSDxCLI[1913]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Oct 09 07:09:48.781041 osdx cfgd[1327]: Execute action [syntax] for node [(null)]
Oct 09 07:09:48.781098 osdx cfgd[1327]: Execute action [syntax] for node [(null)]
Oct 09 07:09:48.792663 osdx OSDxCLI[1913]: pam_unix(cli:session): session closed for user admin
Oct 09 07:09:48.792948 osdx OSDxCLI[1913]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 qwER43@!'.
Oct 09 07:09:48.876215 osdx OSDxCLI[1913]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)
Oct 09 07:09:48.880154 osdx cfgd[1327]: [1913]must validation for [system login user admin role] was skipped
Oct 09 07:09:48.900856 osdx WARNING[30280]: Short keyboard patterns are easy to guess.
Oct 09 07:09:48.900904 osdx INFO[30280]: Suggestions:
Oct 09 07:09:48.900933 osdx INFO[30280]:   Add another word or two. Uncommon words are better.
Oct 09 07:09:48.900957 osdx INFO[30280]:   Use a longer keyboard pattern with more turns.
Oct 09 07:09:48.900979 osdx INFO[30280]: Crack times (passwords per time):
Oct 09 07:09:48.901001 osdx INFO[30280]:   100 per hour:              centuries
Oct 09 07:09:48.901023 osdx INFO[30280]:   10 per second:             3.0 months
Oct 09 07:09:48.901042 osdx INFO[30280]:   10.000 per second:         3.0 hours
Oct 09 07:09:48.901063 osdx INFO[30280]:   10.000.000.000 per second: less than a second
Oct 09 07:09:48.904122 osdx cfgd[1327]: Execute action [end] for node [system ntp]
Oct 09 07:09:48.917147 osdx systemd[1]: Starting Network Time Service...
Oct 09 07:09:48.920503 osdx ntpd[30288]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
Oct 09 07:09:48.920734 osdx ntp-systemd-wrapper[30287]: 2024-10-09T07:09:48 ntpd[30288]: INIT: ntpd ntpsec-1.2.0+ 2024-04-15T12:00:00Z (git rev c695a58): Starting
Oct 09 07:09:48.920734 osdx ntp-systemd-wrapper[30287]: 2024-10-09T07:09:48 ntpd[30288]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Oct 09 07:09:48.920522 osdx ntpd[30288]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Oct 09 07:09:48.920947 osdx systemd[1]: ntpsec.service: Can't open PID file /run/ntpd.pid (yet?) after start: No such file or directory
Oct 09 07:09:48.922568 osdx ntpd[30290]: INIT: precision = 0.049 usec (-24)
Oct 09 07:09:48.923131 osdx ntpd[30290]: INIT: successfully locked into RAM
Oct 09 07:09:48.923143 osdx ntpd[30290]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Oct 09 07:09:48.923172 osdx ntpd[30290]: AUTH: authreadkeys: reading /etc/ntp.keys
Oct 09 07:09:48.923185 osdx ntpd[30290]: AUTH: authreadkeys: added 1 keys
Oct 09 07:09:48.923223 osdx ntpd[30290]: INIT: Using SO_TIMESTAMPNS
Oct 09 07:09:48.923232 osdx ntpd[30290]: IO: Listen and drop on 0 v6wildcard [::]:123
Oct 09 07:09:48.923245 osdx ntpd[30290]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Oct 09 07:09:48.923456 osdx systemd[1]: Started Network Time Service.
Oct 09 07:09:48.923569 osdx ntpd[30290]: IO: Listen normally on 2 lo 127.0.0.1:123
Oct 09 07:09:48.923590 osdx ntpd[30290]: IO: Listen normally on 3 lo [::1]:123
Oct 09 07:09:48.923608 osdx ntpd[30290]: IO: Listening on routing socket on fd #20 for interface updates
Oct 09 07:09:48.923616 osdx ntpd[30290]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Oct 09 07:09:48.923672 osdx ntpd[30290]: INIT: OpenSSL 1.1.1n  15 Mar 2022, 101010ef
Oct 09 07:09:48.923792 osdx ntpd[30290]: NTSc: Using system default root certificates.
Oct 09 07:09:48.924249 osdx cfgd[1327]: [1913]Completed change to active configuration
Oct 09 07:09:48.926213 osdx OSDxCLI[1913]: pam_unix(cli:session): session closed for user admin
Oct 09 07:09:48.926443 osdx OSDxCLI[1913]: User 'admin' committed the configuration.
Oct 09 07:09:48.941163 osdx OSDxCLI[1913]: User 'admin' left the configuration menu.
Oct 09 07:09:49.053090 osdx OSDxCLI[1913]: pam_unix(cli:session): session opened for user admin by admin(uid=1000)

---