Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX187FeIUVWEGoWrhD3tY3HPHFKbpWg0VJhM=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX187FeIUVWEGoUBdJwHBvDDvtsbPlTpvNmw=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+ztozpNRAspMbFJZOsWGPhXVe9sfSskQM=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Aug 20 13:57:35.000155 osdx systemd-timedated[156893]: Changed local time to Wed 2025-08-20 13:57:35 UTC
Aug 20 13:57:35.001508 osdx OSDxCLI[151491]: User 'admin' executed a new command: 'set date 2025-08-20 13:57:35'.
Aug 20 13:57:35.002137 osdx systemd-journald[82189]: Time jumped backwards, rotating.
Aug 20 13:57:35.300842 osdx sudo[165379]: pam_limits(sudo:session): invalid line '@200:215        hard        maxlogins        ' - skipped
Aug 20 13:57:35.305034 osdx systemd-journald[82189]: Runtime Journal (/run/log/journal/c36516c5c29741ae91520d0cd389ea90) is 2.0M, max 15.3M, 13.3M free.
Aug 20 13:57:35.306141 osdx systemd-journald[82189]: Received client request to rotate journal, rotating.
Aug 20 13:57:35.306196 osdx systemd-journald[82189]: Vacuuming done, freed 0B of archived journals from /run/log/journal/c36516c5c29741ae91520d0cd389ea90.
Aug 20 13:57:35.310694 osdx sudo[165378]: pam_limits(sudo:session): invalid line '@200:215        hard        maxlogins        ' - skipped
Aug 20 13:57:35.318758 osdx OSDxCLI[151491]: User 'admin' executed a new command: 'system journal clear'.
Aug 20 13:57:35.586704 osdx OSDxCLI[151491]: User 'admin' executed a new command: 'system coredump delete all'.
Aug 20 13:57:35.839893 osdx OSDxCLI[151491]: User 'admin' entered the configuration menu.
Aug 20 13:57:35.902853 osdx OSDxCLI[151491]: User 'admin' added a new cfg line: 'set system console log-level info'.
Aug 20 13:57:36.034967 osdx OSDxCLI[151491]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Aug 20 13:57:36.116463 osdx OSDxCLI[151491]: User 'admin' added a new cfg line: 'set system strong-password display'.
Aug 20 13:57:36.232477 osdx OSDxCLI[151491]: User 'admin' added a new cfg line: 'show working'.
Aug 20 13:57:36.292241 osdx ubnt-cfgd[165400]: inactive
Aug 20 13:57:36.311943 osdx INFO[165408]: FRR daemons did not change
Aug 20 13:57:36.312904 osdx modulelauncher[1479]: + Received data: ['151491', 'osdx.utils.xos', 'set_console_log_level', 'info']
Aug 20 13:57:36.331296 osdx OSDxCLI[151491]: Signal 10 received
Aug 20 13:57:36.344498 osdx cfgd[1656]: [151491]Completed change to active configuration
Aug 20 13:57:36.346714 osdx OSDxCLI[151491]: User 'admin' committed the configuration.
Aug 20 13:57:36.364606 osdx OSDxCLI[151491]: User 'admin' left the configuration menu.
Aug 20 13:57:36.529109 osdx OSDxCLI[151491]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Aug 20 13:57:36.529754 osdx OSDxCLI[151491]: pam_unix(cli:session): session closed for user admin
Aug 20 13:57:36.530132 osdx OSDxCLI[151491]: User 'admin' entered the configuration menu.
Aug 20 13:57:36.591797 osdx OSDxCLI[151491]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Aug 20 13:57:36.592184 osdx cfgd[1656]: Execute action [syntax] for node [system ntp authentication-key 1]
Aug 20 13:57:36.611785 osdx OSDxCLI[151491]: pam_unix(cli:session): session closed for user admin
Aug 20 13:57:36.612122 osdx OSDxCLI[151491]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Aug 20 13:57:36.690556 osdx OSDxCLI[151491]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Aug 20 13:57:36.698963 osdx OSDxCLI[151491]: pam_unix(cli:session): session closed for user admin
Aug 20 13:57:36.699238 osdx OSDxCLI[151491]: User 'admin' added a new cfg line: 'show changes'.
Aug 20 13:57:36.750157 osdx OSDxCLI[151491]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Aug 20 13:57:36.762245 osdx ubnt-cfgd[165434]: inactive
Aug 20 13:57:36.772585 osdx cfgd[1656]: [151491]must validation for [system strong-password] was skipped
Aug 20 13:57:36.772638 osdx cfgd[1656]: [151491]must validation for [system login user admin role] was skipped
Aug 20 13:57:36.789681 osdx WARNING[165440]: Short keyboard patterns are easy to guess.
Aug 20 13:57:36.790033 osdx INFO[165440]: Suggestions:
Aug 20 13:57:36.790111 osdx INFO[165440]:   Add another word or two. Uncommon words are better.
Aug 20 13:57:36.790188 osdx INFO[165440]:   Use a longer keyboard pattern with more turns.
Aug 20 13:57:36.790252 osdx INFO[165440]: Crack times (passwords per time):
Aug 20 13:57:36.790310 osdx INFO[165440]:   100 per hour:              centuries
Aug 20 13:57:36.790368 osdx INFO[165440]:   10 per second:             3 months
Aug 20 13:57:36.790465 osdx INFO[165440]:   10.000 per second:         3 hours
Aug 20 13:57:36.790529 osdx INFO[165440]:   10.000.000.000 per second: less than a second
Aug 20 13:57:36.796332 osdx INFO[165442]: FRR daemons did not change
Aug 20 13:57:36.796720 osdx cfgd[1656]: Execute action [end] for node [system ntp]
Aug 20 13:57:36.834493 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Aug 20 13:57:36.841958 osdx ntpd[165449]: INIT: ntpd ntpsec-1.2.2+1-g8bf3d37: Starting
Aug 20 13:57:36.842142 osdx ntp-systemd-wrapper[165449]: 2025-08-20T13:57:36 ntpd[165449]: INIT: ntpd ntpsec-1.2.2+1-g8bf3d37: Starting
Aug 20 13:57:36.842178 osdx ntpd[165449]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Aug 20 13:57:36.842210 osdx ntp-systemd-wrapper[165449]: 2025-08-20T13:57:36 ntpd[165449]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Aug 20 13:57:36.842755 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Aug 20 13:57:36.843724 osdx cfgd[1656]: [151491]Completed change to active configuration
Aug 20 13:57:36.845597 osdx OSDxCLI[151491]: pam_unix(cli:session): session closed for user admin
Aug 20 13:57:36.845884 osdx OSDxCLI[151491]: User 'admin' committed the configuration.
Aug 20 13:57:36.846893 osdx ntpd[165451]: INIT: precision = 0.079 usec (-24)
Aug 20 13:57:36.847554 osdx ntpd[165451]: INIT: successfully locked into RAM
Aug 20 13:57:36.847569 osdx ntpd[165451]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Aug 20 13:57:36.847606 osdx ntpd[165451]: AUTH: authreadkeys: reading /etc/ntp.keys
Aug 20 13:57:36.847801 osdx ntpd[165451]: AUTH: authreadkeys: added 1 keys
Aug 20 13:57:36.847848 osdx ntpd[165451]: INIT: Using SO_TIMESTAMPNS(ns)
Aug 20 13:57:36.847860 osdx ntpd[165451]: IO: Listen and drop on 0 v6wildcard [::]:123
Aug 20 13:57:36.847875 osdx ntpd[165451]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Aug 20 13:57:36.848429 osdx ntpd[165451]: IO: Listen normally on 2 lo 127.0.0.1:123
Aug 20 13:57:36.848447 osdx ntpd[165451]: IO: Listen normally on 3 lo [::1]:123
Aug 20 13:57:36.848467 osdx ntpd[165451]: IO: Listening on routing socket on fd #20 for interface updates
Aug 20 13:57:36.848475 osdx ntpd[165451]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Aug 20 13:57:36.848540 osdx ntpd[165451]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Aug 20 13:57:36.848543 osdx ntpd[165451]: INIT: Running with OpenSSL 3.0.16 11 Feb 2025, 30000100
Aug 20 13:57:36.849141 osdx ntpd[165451]: NTSc: Using system default root certificates.
Aug 20 13:57:36.863596 osdx OSDxCLI[151491]: User 'admin' left the configuration menu.
Aug 20 13:57:36.979416 osdx OSDxCLI[151491]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---