Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+/c3CBawcfVcazrhdgQEabYj/R0OWEzQE=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX19K6il8jKgBN4NmkcfjUUS0U3tqRpDWayM=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX186QPeAcvWEnJLruwq2tVo/AFp/iW2GM2E=

Step 3: Run the command system journal show | tail -n 1000 on DUT0 and expect the following output:

Show output

Jun 03 12:20:04.305378 osdx systemd-journald[262779]: Runtime Journal (/run/log/journal/140771393e044d28bd27951346e92000) is 2.2M, max 13.8M, 11.5M free.
Jun 03 12:20:04.309264 osdx systemd-journald[262779]: Received client request to rotate journal, rotating.
Jun 03 12:20:04.309348 osdx systemd-journald[262779]: Vacuuming done, freed 0B of archived journals from /run/log/journal/140771393e044d28bd27951346e92000.
Jun 03 12:20:04.317162 osdx OSDxCLI[262613]: User 'admin' executed a new command: 'system journal clear'.
Jun 03 12:20:04.526974 osdx OSDxCLI[262613]: User 'admin' executed a new command: 'system coredump delete all'.
Jun 03 12:20:04.837136 osdx OSDxCLI[262613]: User 'admin' entered the configuration menu.
Jun 03 12:20:04.897736 osdx OSDxCLI[262613]: User 'admin' added a new cfg line: 'set system console log-level info'.
Jun 03 12:20:04.990861 osdx OSDxCLI[262613]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Jun 03 12:20:05.083413 osdx OSDxCLI[262613]: User 'admin' added a new cfg line: 'set system strong-password display'.
Jun 03 12:20:05.204174 osdx OSDxCLI[262613]: User 'admin' added a new cfg line: 'show working'.
Jun 03 12:20:05.264383 osdx ubnt-cfgd[277123]: inactive
Jun 03 12:20:05.284679 osdx INFO[277132]: FRR daemons did not change
Jun 03 12:20:05.286709 osdx modulelauncher[1704]: + Received data: ['262613', 'osdx.utils.xos', 'set_console_log_level', 'info']
Jun 03 12:20:05.308853 osdx OSDxCLI[262613]: Signal 10 received
Jun 03 12:20:05.342206 osdx cfgd[1899]: [262613]Completed change to active configuration
Jun 03 12:20:05.342710 osdx OSDxCLI[262613]: User 'admin' committed the configuration.
Jun 03 12:20:05.359613 osdx OSDxCLI[262613]: User 'admin' left the configuration menu.
Jun 03 12:20:05.599040 osdx OSDxCLI[262613]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 03 12:20:05.599699 osdx OSDxCLI[262613]: pam_unix(cli:session): session closed for user admin
Jun 03 12:20:05.600007 osdx OSDxCLI[262613]: User 'admin' entered the configuration menu.
Jun 03 12:20:05.660233 osdx OSDxCLI[262613]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 03 12:20:05.660506 osdx cfgd[1899]: Execute action [syntax] for node [system ntp authentication-key 1]
Jun 03 12:20:06.101035 osdx OSDxCLI[262613]: pam_unix(cli:session): session closed for user admin
Jun 03 12:20:06.101479 osdx OSDxCLI[262613]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Jun 03 12:20:06.169701 osdx OSDxCLI[262613]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 03 12:20:06.183979 osdx OSDxCLI[262613]: pam_unix(cli:session): session closed for user admin
Jun 03 12:20:06.184317 osdx OSDxCLI[262613]: User 'admin' added a new cfg line: 'show changes'.
Jun 03 12:20:06.294622 osdx OSDxCLI[262613]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 03 12:20:06.301631 osdx ubnt-cfgd[277165]: inactive
Jun 03 12:20:06.314757 osdx cfgd[1899]: [262613]must validation for [system strong-password] was skipped
Jun 03 12:20:06.314835 osdx cfgd[1899]: [262613]must validation for [system login user admin role] was skipped
Jun 03 12:20:06.327767 osdx WARNING[277171]: Short keyboard patterns are easy to guess.
Jun 03 12:20:06.327815 osdx INFO[277171]: Suggestions:
Jun 03 12:20:06.327847 osdx INFO[277171]:   Add another word or two. Uncommon words are better.
Jun 03 12:20:06.327866 osdx INFO[277171]:   Use a longer keyboard pattern with more turns.
Jun 03 12:20:06.327883 osdx INFO[277171]: Crack times (passwords per time):
Jun 03 12:20:06.327900 osdx INFO[277171]:   100 per hour:              centuries
Jun 03 12:20:06.327915 osdx INFO[277171]:   10 per second:             3 months
Jun 03 12:20:06.327961 osdx INFO[277171]:   10.000 per second:         3 hours
Jun 03 12:20:06.327986 osdx INFO[277171]:   10.000.000.000 per second: less than a second
Jun 03 12:20:06.334986 osdx INFO[277174]: FRR daemons did not change
Jun 03 12:20:06.335192 osdx cfgd[1899]: Execute action [end] for node [system ntp]
Jun 03 12:20:06.373591 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Jun 03 12:20:06.379976 osdx ntpd[277181]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Jun 03 12:20:06.380211 osdx ntp-systemd-wrapper[277181]: 2026-06-03T12:20:06 ntpd[277181]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Jun 03 12:20:06.380211 osdx ntp-systemd-wrapper[277181]: 2026-06-03T12:20:06 ntpd[277181]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jun 03 12:20:06.379995 osdx ntpd[277181]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jun 03 12:20:06.380629 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Jun 03 12:20:06.382986 osdx ntpd[277183]: INIT: precision = 0.052 usec (-24)
Jun 03 12:20:06.383597 osdx ntpd[277183]: INIT: successfully locked into RAM
Jun 03 12:20:06.383616 osdx ntpd[277183]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Jun 03 12:20:06.383654 osdx ntpd[277183]: AUTH: authreadkeys: reading /etc/ntp.keys
Jun 03 12:20:06.383845 osdx ntpd[277183]: AUTH: authreadkeys: added 1 keys
Jun 03 12:20:06.383900 osdx ntpd[277183]: INIT: Using SO_TIMESTAMPNS(ns)
Jun 03 12:20:06.383918 osdx ntpd[277183]: IO: Listen and drop on 0 v6wildcard [::]:123
Jun 03 12:20:06.383932 osdx ntpd[277183]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Jun 03 12:20:06.384052 osdx ntpd[277183]: IO: Listen normally on 2 lo 127.0.0.1:123
Jun 03 12:20:06.384074 osdx ntpd[277183]: IO: Listen normally on 3 lo [::1]:123
Jun 03 12:20:06.384093 osdx ntpd[277183]: IO: Listening on routing socket on fd #20 for interface updates
Jun 03 12:20:06.384100 osdx ntpd[277183]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Jun 03 12:20:06.384173 osdx ntpd[277183]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Jun 03 12:20:06.384176 osdx ntpd[277183]: INIT: Running with OpenSSL 3.0.19 27 Jan 2026, 30000130
Jun 03 12:20:06.384694 osdx ntpd[277183]: NTSc: Using system default root certificates.
Jun 03 12:20:06.387460 osdx cfgd[1899]: [262613]Completed change to active configuration
Jun 03 12:20:06.387670 osdx OSDxCLI[262613]: pam_unix(cli:session): session closed for user admin
Jun 03 12:20:06.388012 osdx OSDxCLI[262613]: User 'admin' committed the configuration.
Jun 03 12:20:06.412938 osdx OSDxCLI[262613]: User 'admin' left the configuration menu.
Jun 03 12:20:06.552391 osdx OSDxCLI[262613]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---