Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/QknjDLBXKmlzfjNy9VgUDH8tqFg0aGx4=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/QknjDLBXKmoS+5AsIo+D/r+p3jYMc0Zc=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX19nvGTIdLzj5ghY6kpcoPhaVP5fByE40lk=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Jul 28 10:34:56.422177 osdx systemd-journald[340421]: Runtime Journal (/run/log/journal/a46937b51a3a4c469575696f63c9d620) is 2.4M, max 15.3M, 12.9M free.
Jul 28 10:34:56.424402 osdx systemd-journald[340421]: Received client request to rotate journal, rotating.
Jul 28 10:34:56.424474 osdx systemd-journald[340421]: Vacuuming done, freed 0B of archived journals from /run/log/journal/a46937b51a3a4c469575696f63c9d620.
Jul 28 10:34:56.442415 osdx OSDxCLI[340267]: User 'admin' executed a new command: 'system journal clear'.
Jul 28 10:34:56.777983 osdx OSDxCLI[340267]: User 'admin' executed a new command: 'system coredump delete all'.
Jul 28 10:34:57.205470 osdx OSDxCLI[340267]: User 'admin' entered the configuration menu.
Jul 28 10:34:57.336756 osdx OSDxCLI[340267]: User 'admin' added a new cfg line: 'set system console log-level info'.
Jul 28 10:34:57.466036 osdx OSDxCLI[340267]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Jul 28 10:34:57.583105 osdx OSDxCLI[340267]: User 'admin' added a new cfg line: 'set system strong-password display'.
Jul 28 10:34:57.734652 osdx OSDxCLI[340267]: User 'admin' added a new cfg line: 'show working'.
Jul 28 10:34:57.869253 osdx ubnt-cfgd[351071]: inactive
Jul 28 10:34:57.901376 osdx INFO[351079]: FRR daemons did not change
Jul 28 10:34:57.902616 osdx modulelauncher[1296]: + Received data: ['340267', 'osdx.utils.xos', 'set_console_log_level', 'info']
Jul 28 10:34:57.934999 osdx OSDxCLI[340267]: Signal 10 received
Jul 28 10:34:57.956139 osdx cfgd[1473]: [340267]Completed change to active configuration
Jul 28 10:34:57.958952 osdx OSDxCLI[340267]: User 'admin' committed the configuration.
Jul 28 10:34:58.041663 osdx OSDxCLI[340267]: User 'admin' left the configuration menu.
Jul 28 10:34:58.270919 osdx OSDxCLI[340267]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jul 28 10:34:58.271940 osdx OSDxCLI[340267]: pam_unix(cli:session): session closed for user admin
Jul 28 10:34:58.272617 osdx OSDxCLI[340267]: User 'admin' entered the configuration menu.
Jul 28 10:34:58.421733 osdx OSDxCLI[340267]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jul 28 10:34:58.422278 osdx cfgd[1473]: Execute action [syntax] for node [system ntp authentication-key 1]
Jul 28 10:34:58.462581 osdx OSDxCLI[340267]: pam_unix(cli:session): session closed for user admin
Jul 28 10:34:58.463630 osdx OSDxCLI[340267]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Jul 28 10:34:58.577145 osdx OSDxCLI[340267]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jul 28 10:34:58.617017 osdx OSDxCLI[340267]: pam_unix(cli:session): session closed for user admin
Jul 28 10:34:58.617582 osdx OSDxCLI[340267]: User 'admin' added a new cfg line: 'show changes'.
Jul 28 10:34:58.699234 osdx OSDxCLI[340267]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jul 28 10:34:58.722616 osdx ubnt-cfgd[351105]: inactive
Jul 28 10:34:58.750525 osdx cfgd[1473]: [340267]must validation for [system strong-password] was skipped
Jul 28 10:34:58.750850 osdx cfgd[1473]: [340267]must validation for [system login user admin role] was skipped
Jul 28 10:34:58.777523 osdx WARNING[351111]: Short keyboard patterns are easy to guess.
Jul 28 10:34:58.777980 osdx INFO[351111]: Suggestions:
Jul 28 10:34:58.778114 osdx INFO[351111]:   Add another word or two. Uncommon words are better.
Jul 28 10:34:58.778228 osdx INFO[351111]:   Use a longer keyboard pattern with more turns.
Jul 28 10:34:58.778345 osdx INFO[351111]: Crack times (passwords per time):
Jul 28 10:34:58.778460 osdx INFO[351111]:   100 per hour:              centuries
Jul 28 10:34:58.778573 osdx INFO[351111]:   10 per second:             3 months
Jul 28 10:34:58.778769 osdx INFO[351111]:   10.000 per second:         3 hours
Jul 28 10:34:58.778885 osdx INFO[351111]:   10.000.000.000 per second: less than a second
Jul 28 10:34:58.797091 osdx INFO[351113]: FRR daemons did not change
Jul 28 10:34:58.798522 osdx cfgd[1473]: Execute action [end] for node [system ntp]
Jul 28 10:34:58.837186 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Jul 28 10:34:58.848648 osdx ntpd[351120]: INIT: ntpd ntpsec-1.2.2+1-g8bf3d37: Starting
Jul 28 10:34:58.849149 osdx ntp-systemd-wrapper[351120]: 2025-07-28T10:34:58 ntpd[351120]: INIT: ntpd ntpsec-1.2.2+1-g8bf3d37: Starting
Jul 28 10:34:58.849224 osdx ntpd[351120]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jul 28 10:34:58.849301 osdx ntp-systemd-wrapper[351120]: 2025-07-28T10:34:58 ntpd[351120]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jul 28 10:34:58.850418 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Jul 28 10:34:58.852698 osdx cfgd[1473]: [340267]Completed change to active configuration
Jul 28 10:34:58.860062 osdx ntpd[351122]: INIT: precision = 0.086 usec (-23)
Jul 28 10:34:58.860993 osdx OSDxCLI[340267]: pam_unix(cli:session): session closed for user admin
Jul 28 10:34:58.861454 osdx OSDxCLI[340267]: User 'admin' committed the configuration.
Jul 28 10:34:58.862236 osdx ntpd[351122]: INIT: successfully locked into RAM
Jul 28 10:34:58.862258 osdx ntpd[351122]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Jul 28 10:34:58.862307 osdx ntpd[351122]: AUTH: authreadkeys: reading /etc/ntp.keys
Jul 28 10:34:58.862649 osdx ntpd[351122]: AUTH: authreadkeys: added 1 keys
Jul 28 10:34:58.863660 osdx ntpd[351122]: INIT: Using SO_TIMESTAMPNS(ns)
Jul 28 10:34:58.863718 osdx ntpd[351122]: IO: Listen and drop on 0 v6wildcard [::]:123
Jul 28 10:34:58.863753 osdx ntpd[351122]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Jul 28 10:34:58.864572 osdx ntpd[351122]: IO: Listen normally on 2 lo 127.0.0.1:123
Jul 28 10:34:58.864599 osdx ntpd[351122]: IO: Listen normally on 3 lo [::1]:123
Jul 28 10:34:58.864632 osdx ntpd[351122]: IO: Listening on routing socket on fd #20 for interface updates
Jul 28 10:34:58.864642 osdx ntpd[351122]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Jul 28 10:34:58.864771 osdx ntpd[351122]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Jul 28 10:34:58.864779 osdx ntpd[351122]: INIT: Running with OpenSSL 3.0.16 11 Feb 2025, 30000100
Jul 28 10:34:58.865754 osdx ntpd[351122]: NTSc: Using system default root certificates.
Jul 28 10:34:58.940139 osdx OSDxCLI[340267]: User 'admin' left the configuration menu.
Jul 28 10:34:59.166450 osdx OSDxCLI[340267]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---