Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+QA/GOowjhcCDEjlbur/4piA31X8xtnZ8=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+QA/GOowjhcGwGaaH7YSytlLKks+aU09U=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/loOukAk4Wlbo0zXj45bmsIQlnfEYiCAI=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Oct 10 18:34:12.300633 osdx systemd-journald[1670]: Runtime Journal (/run/log/journal/d6792964fe7547c9a60a3d774aa97dac) is 2.1M, max 13.8M, 11.6M free.
Oct 10 18:34:12.303082 osdx systemd-journald[1670]: Received client request to rotate journal, rotating.
Oct 10 18:34:12.303134 osdx systemd-journald[1670]: Vacuuming done, freed 0B of archived journals from /run/log/journal/d6792964fe7547c9a60a3d774aa97dac.
Oct 10 18:34:12.310285 osdx OSDxCLI[110106]: User 'admin' executed a new command: 'system journal clear'.
Oct 10 18:34:12.517574 osdx OSDxCLI[110106]: User 'admin' executed a new command: 'system coredump delete all'.
Oct 10 18:34:12.724387 osdx OSDxCLI[110106]: User 'admin' entered the configuration menu.
Oct 10 18:34:12.828112 osdx OSDxCLI[110106]: User 'admin' added a new cfg line: 'set system console log-level info'.
Oct 10 18:34:12.887785 osdx OSDxCLI[110106]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Oct 10 18:34:12.991565 osdx OSDxCLI[110106]: User 'admin' added a new cfg line: 'set system strong-password display'.
Oct 10 18:34:13.053274 osdx OSDxCLI[110106]: User 'admin' added a new cfg line: 'show working'.
Oct 10 18:34:13.145946 osdx ubnt-cfgd[115237]: inactive
Oct 10 18:34:13.167761 osdx INFO[115245]: FRR daemons did not change
Oct 10 18:34:13.169755 osdx modulelauncher[1284]: + Received data: ['110106', 'osdx.utils.xos', 'set_console_log_level', 'info']
Oct 10 18:34:13.191868 osdx OSDxCLI[110106]: Signal 10 received
Oct 10 18:34:13.215180 osdx cfgd[1464]: [110106]Completed change to active configuration
Oct 10 18:34:13.216951 osdx OSDxCLI[110106]: User 'admin' committed the configuration.
Oct 10 18:34:13.258901 osdx OSDxCLI[110106]: User 'admin' left the configuration menu.
Oct 10 18:34:13.398592 osdx OSDxCLI[110106]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Oct 10 18:34:13.399134 osdx OSDxCLI[110106]: pam_unix(cli:session): session closed for user admin
Oct 10 18:34:13.399404 osdx OSDxCLI[110106]: User 'admin' entered the configuration menu.
Oct 10 18:34:13.467342 osdx OSDxCLI[110106]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Oct 10 18:34:13.467607 osdx cfgd[1464]: Execute action [syntax] for node [system ntp authentication-key 1]
Oct 10 18:34:13.486444 osdx OSDxCLI[110106]: pam_unix(cli:session): session closed for user admin
Oct 10 18:34:13.486674 osdx OSDxCLI[110106]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Oct 10 18:34:13.560570 osdx OSDxCLI[110106]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Oct 10 18:34:13.568757 osdx OSDxCLI[110106]: pam_unix(cli:session): session closed for user admin
Oct 10 18:34:13.569073 osdx OSDxCLI[110106]: User 'admin' added a new cfg line: 'show changes'.
Oct 10 18:34:13.631854 osdx OSDxCLI[110106]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Oct 10 18:34:13.641104 osdx ubnt-cfgd[115276]: inactive
Oct 10 18:34:13.651537 osdx cfgd[1464]: [110106]must validation for [system strong-password] was skipped
Oct 10 18:34:13.651615 osdx cfgd[1464]: [110106]must validation for [system login user admin role] was skipped
Oct 10 18:34:13.670967 osdx WARNING[115282]: Short keyboard patterns are easy to guess.
Oct 10 18:34:13.671017 osdx INFO[115282]: Suggestions:
Oct 10 18:34:13.671053 osdx INFO[115282]:   Add another word or two. Uncommon words are better.
Oct 10 18:34:13.671140 osdx INFO[115282]:   Use a longer keyboard pattern with more turns.
Oct 10 18:34:13.671165 osdx INFO[115282]: Crack times (passwords per time):
Oct 10 18:34:13.671187 osdx INFO[115282]:   100 per hour:              centuries
Oct 10 18:34:13.671210 osdx INFO[115282]:   10 per second:             3 months
Oct 10 18:34:13.671271 osdx INFO[115282]:   10.000 per second:         3 hours
Oct 10 18:34:13.671297 osdx INFO[115282]:   10.000.000.000 per second: less than a second
Oct 10 18:34:13.676080 osdx INFO[115284]: FRR daemons did not change
Oct 10 18:34:13.676287 osdx cfgd[1464]: Execute action [end] for node [system ntp]
Oct 10 18:34:13.723451 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Oct 10 18:34:13.730023 osdx ntpd[115291]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Oct 10 18:34:13.730040 osdx ntpd[115291]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Oct 10 18:34:13.730308 osdx ntp-systemd-wrapper[115291]: 2025-10-10T18:34:13 ntpd[115291]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Oct 10 18:34:13.730308 osdx ntp-systemd-wrapper[115291]: 2025-10-10T18:34:13 ntpd[115291]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Oct 10 18:34:13.730571 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Oct 10 18:34:13.731457 osdx cfgd[1464]: [110106]Completed change to active configuration
Oct 10 18:34:13.733300 osdx OSDxCLI[110106]: pam_unix(cli:session): session closed for user admin
Oct 10 18:34:13.733536 osdx OSDxCLI[110106]: User 'admin' committed the configuration.
Oct 10 18:34:13.733677 osdx ntpd[115293]: INIT: precision = 0.079 usec (-24)
Oct 10 18:34:13.734293 osdx ntpd[115293]: INIT: successfully locked into RAM
Oct 10 18:34:13.734317 osdx ntpd[115293]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Oct 10 18:34:13.734355 osdx ntpd[115293]: AUTH: authreadkeys: reading /etc/ntp.keys
Oct 10 18:34:13.734572 osdx ntpd[115293]: AUTH: authreadkeys: added 1 keys
Oct 10 18:34:13.734625 osdx ntpd[115293]: INIT: Using SO_TIMESTAMPNS(ns)
Oct 10 18:34:13.734640 osdx ntpd[115293]: IO: Listen and drop on 0 v6wildcard [::]:123
Oct 10 18:34:13.734655 osdx ntpd[115293]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Oct 10 18:34:13.735187 osdx ntpd[115293]: IO: Listen normally on 2 lo 127.0.0.1:123
Oct 10 18:34:13.735208 osdx ntpd[115293]: IO: Listen normally on 3 lo [::1]:123
Oct 10 18:34:13.735228 osdx ntpd[115293]: IO: Listening on routing socket on fd #20 for interface updates
Oct 10 18:34:13.735236 osdx ntpd[115293]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Oct 10 18:34:13.735299 osdx ntpd[115293]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Oct 10 18:34:13.735304 osdx ntpd[115293]: INIT: Running with OpenSSL 3.0.17 1 Jul 2025, 30000110
Oct 10 18:34:13.735919 osdx ntpd[115293]: NTSc: Using system default root certificates.
Oct 10 18:34:13.750205 osdx OSDxCLI[110106]: User 'admin' left the configuration menu.
Oct 10 18:34:13.874999 osdx OSDxCLI[110106]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---