Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/aSwl5+OJpC+QKzQaULbPCvNrSfDls3mI=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/aSwl5+OJpC7UiaqXwiK2mWkTdXU9OZIk=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX188rgHc4doazhPxcdC6BHP6UcqoXO5Gkpo=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Jun 02 08:13:42.000169 osdx systemd-timedated[43983]: Changed local time to Tue 2026-06-02 08:13:42 UTC
Jun 02 08:13:42.001645 osdx OSDxCLI[49943]: User 'admin' executed a new command: 'set date 2026-06-02 08:13:42'.
Jun 02 08:13:42.004349 osdx systemd-journald[1972]: Time jumped backwards, rotating.
Jun 02 08:13:42.333417 osdx sudo[52854]: pam_limits(sudo:session): invalid line '@200:215        hard        maxlogins        ' - skipped
Jun 02 08:13:42.336740 osdx systemd-journald[1972]: Runtime Journal (/run/log/journal/a0363f0a73514b24b35c4ba7ae73dc6e) is 1.8M, max 13.8M, 11.9M free.
Jun 02 08:13:42.340358 osdx systemd-journald[1972]: Received client request to rotate journal, rotating.
Jun 02 08:13:42.340427 osdx systemd-journald[1972]: Vacuuming done, freed 0B of archived journals from /run/log/journal/a0363f0a73514b24b35c4ba7ae73dc6e.
Jun 02 08:13:42.341822 osdx sudo[52853]: pam_limits(sudo:session): invalid line '@200:215        hard        maxlogins        ' - skipped
Jun 02 08:13:42.350009 osdx OSDxCLI[49943]: User 'admin' executed a new command: 'system journal clear'.
Jun 02 08:13:42.610236 osdx OSDxCLI[49943]: User 'admin' executed a new command: 'system coredump delete all'.
Jun 02 08:13:42.903101 osdx OSDxCLI[49943]: User 'admin' entered the configuration menu.
Jun 02 08:13:42.976246 osdx OSDxCLI[49943]: User 'admin' added a new cfg line: 'set system console log-level info'.
Jun 02 08:13:43.081175 osdx OSDxCLI[49943]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Jun 02 08:13:43.144573 osdx OSDxCLI[49943]: User 'admin' added a new cfg line: 'set system strong-password display'.
Jun 02 08:13:43.245078 osdx OSDxCLI[49943]: User 'admin' added a new cfg line: 'show working'.
Jun 02 08:13:43.306409 osdx ubnt-cfgd[52875]: inactive
Jun 02 08:13:43.327553 osdx INFO[52883]: FRR daemons did not change
Jun 02 08:13:43.328636 osdx modulelauncher[1486]: + Received data: ['49943', 'osdx.utils.xos', 'set_console_log_level', 'info']
Jun 02 08:13:43.347237 osdx OSDxCLI[49943]: Signal 10 received
Jun 02 08:13:43.360136 osdx cfgd[1665]: [49943]Completed change to active configuration
Jun 02 08:13:43.362106 osdx OSDxCLI[49943]: User 'admin' committed the configuration.
Jun 02 08:13:43.380466 osdx OSDxCLI[49943]: User 'admin' left the configuration menu.
Jun 02 08:13:43.547447 osdx OSDxCLI[49943]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 02 08:13:43.548118 osdx OSDxCLI[49943]: pam_unix(cli:session): session closed for user admin
Jun 02 08:13:43.548558 osdx OSDxCLI[49943]: User 'admin' entered the configuration menu.
Jun 02 08:13:43.616445 osdx OSDxCLI[49943]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 02 08:13:43.616939 osdx cfgd[1665]: Execute action [syntax] for node [system ntp authentication-key 1]
Jun 02 08:13:43.636442 osdx OSDxCLI[49943]: pam_unix(cli:session): session closed for user admin
Jun 02 08:13:43.636680 osdx OSDxCLI[49943]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Jun 02 08:13:43.772962 osdx OSDxCLI[49943]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 02 08:13:43.776318 osdx OSDxCLI[49943]: pam_unix(cli:session): session closed for user admin
Jun 02 08:13:43.776569 osdx OSDxCLI[49943]: User 'admin' added a new cfg line: 'show changes'.
Jun 02 08:13:43.851208 osdx OSDxCLI[49943]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 02 08:13:43.858220 osdx ubnt-cfgd[52909]: inactive
Jun 02 08:13:43.917863 osdx cfgd[1665]: [49943]must validation for [system strong-password] was skipped
Jun 02 08:13:43.917916 osdx cfgd[1665]: [49943]must validation for [system login user admin role] was skipped
Jun 02 08:13:43.929700 osdx WARNING[52915]: Short keyboard patterns are easy to guess.
Jun 02 08:13:43.930007 osdx INFO[52915]: Suggestions:
Jun 02 08:13:43.930087 osdx INFO[52915]:   Add another word or two. Uncommon words are better.
Jun 02 08:13:43.930145 osdx INFO[52915]:   Use a longer keyboard pattern with more turns.
Jun 02 08:13:43.930198 osdx INFO[52915]: Crack times (passwords per time):
Jun 02 08:13:43.930255 osdx INFO[52915]:   100 per hour:              centuries
Jun 02 08:13:43.930308 osdx INFO[52915]:   10 per second:             3 months
Jun 02 08:13:43.930396 osdx INFO[52915]:   10.000 per second:         3 hours
Jun 02 08:13:43.930457 osdx INFO[52915]:   10.000.000.000 per second: less than a second
Jun 02 08:13:43.935208 osdx INFO[52917]: FRR daemons did not change
Jun 02 08:13:43.935602 osdx cfgd[1665]: Execute action [end] for node [system ntp]
Jun 02 08:13:43.980698 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Jun 02 08:13:43.988183 osdx ntpd[52924]: INIT: ntpd ntpsec-1.2.2+1-g8bf3d37: Starting
Jun 02 08:13:43.988448 osdx ntp-systemd-wrapper[52924]: 2026-06-02T08:13:43 ntpd[52924]: INIT: ntpd ntpsec-1.2.2+1-g8bf3d37: Starting
Jun 02 08:13:43.988502 osdx ntpd[52924]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jun 02 08:13:43.988543 osdx ntp-systemd-wrapper[52924]: 2026-06-02T08:13:43 ntpd[52924]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jun 02 08:13:43.989202 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Jun 02 08:13:43.990557 osdx cfgd[1665]: [49943]Completed change to active configuration
Jun 02 08:13:43.991858 osdx ntpd[52926]: INIT: precision = 0.054 usec (-24)
Jun 02 08:13:43.992373 osdx OSDxCLI[49943]: pam_unix(cli:session): session closed for user admin
Jun 02 08:13:43.992387 osdx ntpd[52926]: INIT: successfully locked into RAM
Jun 02 08:13:43.992399 osdx ntpd[52926]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Jun 02 08:13:43.992432 osdx ntpd[52926]: AUTH: authreadkeys: reading /etc/ntp.keys
Jun 02 08:13:43.992608 osdx OSDxCLI[49943]: User 'admin' committed the configuration.
Jun 02 08:13:43.992629 osdx ntpd[52926]: AUTH: authreadkeys: added 1 keys
Jun 02 08:13:43.992671 osdx ntpd[52926]: INIT: Using SO_TIMESTAMPNS(ns)
Jun 02 08:13:43.992682 osdx ntpd[52926]: IO: Listen and drop on 0 v6wildcard [::]:123
Jun 02 08:13:43.992694 osdx ntpd[52926]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Jun 02 08:13:43.993069 osdx ntpd[52926]: IO: Listen normally on 2 lo 127.0.0.1:123
Jun 02 08:13:43.993087 osdx ntpd[52926]: IO: Listen normally on 3 lo [::1]:123
Jun 02 08:13:43.993104 osdx ntpd[52926]: IO: Listening on routing socket on fd #20 for interface updates
Jun 02 08:13:43.993110 osdx ntpd[52926]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Jun 02 08:13:43.993156 osdx ntpd[52926]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Jun 02 08:13:43.993158 osdx ntpd[52926]: INIT: Running with OpenSSL 3.0.16 11 Feb 2025, 30000100
Jun 02 08:13:43.993594 osdx ntpd[52926]: NTSc: Using system default root certificates.
Jun 02 08:13:44.022470 osdx OSDxCLI[49943]: User 'admin' left the configuration menu.
Jun 02 08:13:44.163992 osdx OSDxCLI[49943]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---