Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+K48TqltT0YJsp8RgPjCeDCI3fxFRHtiM=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+K48TqltT0YCwIN5YwHnrFDjMWrnpyskM=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+KKa+6yeBjVpXBUVoOTGqbtjsTvHgWDYU=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Nov 12 13:12:40.276997 osdx systemd-journald[1959]: Runtime Journal (/run/log/journal/5e4ed8d3546348e58126c9438c4a827c) is 2.1M, max 13.8M, 11.6M free.
Nov 12 13:12:40.277415 osdx systemd-journald[1959]: Received client request to rotate journal, rotating.
Nov 12 13:12:40.277446 osdx systemd-journald[1959]: Vacuuming done, freed 0B of archived journals from /run/log/journal/5e4ed8d3546348e58126c9438c4a827c.
Nov 12 13:12:40.287146 osdx OSDxCLI[239385]: User 'admin' executed a new command: 'system journal clear'.
Nov 12 13:12:40.490656 osdx OSDxCLI[239385]: User 'admin' executed a new command: 'system coredump delete all'.
Nov 12 13:12:40.694590 osdx OSDxCLI[239385]: User 'admin' entered the configuration menu.
Nov 12 13:12:40.789588 osdx OSDxCLI[239385]: User 'admin' added a new cfg line: 'set system console log-level info'.
Nov 12 13:12:40.849888 osdx OSDxCLI[239385]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Nov 12 13:12:40.941827 osdx OSDxCLI[239385]: User 'admin' added a new cfg line: 'set system strong-password display'.
Nov 12 13:12:41.002639 osdx OSDxCLI[239385]: User 'admin' added a new cfg line: 'show working'.
Nov 12 13:12:41.096811 osdx ubnt-cfgd[246302]: inactive
Nov 12 13:12:41.115784 osdx INFO[246310]: FRR daemons did not change
Nov 12 13:12:41.118040 osdx modulelauncher[1476]: + Received data: ['239385', 'osdx.utils.xos', 'set_console_log_level', 'info']
Nov 12 13:12:41.139379 osdx OSDxCLI[239385]: Signal 10 received
Nov 12 13:12:41.166528 osdx cfgd[1656]: [239385]Completed change to active configuration
Nov 12 13:12:41.169125 osdx OSDxCLI[239385]: User 'admin' committed the configuration.
Nov 12 13:12:41.207197 osdx OSDxCLI[239385]: User 'admin' left the configuration menu.
Nov 12 13:12:41.375228 osdx OSDxCLI[239385]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Nov 12 13:12:41.375767 osdx OSDxCLI[239385]: pam_unix(cli:session): session closed for user admin
Nov 12 13:12:41.375970 osdx OSDxCLI[239385]: User 'admin' entered the configuration menu.
Nov 12 13:12:41.430979 osdx OSDxCLI[239385]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Nov 12 13:12:41.431235 osdx cfgd[1656]: Execute action [syntax] for node [system ntp authentication-key 1]
Nov 12 13:12:41.443116 osdx OSDxCLI[239385]: pam_unix(cli:session): session closed for user admin
Nov 12 13:12:41.443367 osdx OSDxCLI[239385]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Nov 12 13:12:41.524853 osdx OSDxCLI[239385]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Nov 12 13:12:41.528653 osdx OSDxCLI[239385]: pam_unix(cli:session): session closed for user admin
Nov 12 13:12:41.528868 osdx OSDxCLI[239385]: User 'admin' added a new cfg line: 'show changes'.
Nov 12 13:12:41.585486 osdx OSDxCLI[239385]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Nov 12 13:12:41.592908 osdx ubnt-cfgd[246341]: inactive
Nov 12 13:12:41.603734 osdx cfgd[1656]: [239385]must validation for [system strong-password] was skipped
Nov 12 13:12:41.603791 osdx cfgd[1656]: [239385]must validation for [system login user admin role] was skipped
Nov 12 13:12:41.615198 osdx WARNING[246347]: Short keyboard patterns are easy to guess.
Nov 12 13:12:41.615237 osdx INFO[246347]: Suggestions:
Nov 12 13:12:41.615262 osdx INFO[246347]:   Add another word or two. Uncommon words are better.
Nov 12 13:12:41.615280 osdx INFO[246347]:   Use a longer keyboard pattern with more turns.
Nov 12 13:12:41.615297 osdx INFO[246347]: Crack times (passwords per time):
Nov 12 13:12:41.615313 osdx INFO[246347]:   100 per hour:              centuries
Nov 12 13:12:41.615329 osdx INFO[246347]:   10 per second:             3 months
Nov 12 13:12:41.615380 osdx INFO[246347]:   10.000 per second:         3 hours
Nov 12 13:12:41.615399 osdx INFO[246347]:   10.000.000.000 per second: less than a second
Nov 12 13:12:41.620182 osdx INFO[246349]: FRR daemons did not change
Nov 12 13:12:41.620391 osdx cfgd[1656]: Execute action [end] for node [system ntp]
Nov 12 13:12:41.653476 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Nov 12 13:12:41.660139 osdx ntpd[246356]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Nov 12 13:12:41.660156 osdx ntpd[246356]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Nov 12 13:12:41.660405 osdx ntp-systemd-wrapper[246356]: 2025-11-12T13:12:41 ntpd[246356]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Nov 12 13:12:41.660405 osdx ntp-systemd-wrapper[246356]: 2025-11-12T13:12:41 ntpd[246356]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Nov 12 13:12:41.660671 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Nov 12 13:12:41.661479 osdx cfgd[1656]: [239385]Completed change to active configuration
Nov 12 13:12:41.663201 osdx OSDxCLI[239385]: pam_unix(cli:session): session closed for user admin
Nov 12 13:12:41.663466 osdx OSDxCLI[239385]: User 'admin' committed the configuration.
Nov 12 13:12:41.663539 osdx ntpd[246358]: INIT: precision = 0.076 usec (-24)
Nov 12 13:12:41.664182 osdx ntpd[246358]: INIT: successfully locked into RAM
Nov 12 13:12:41.664199 osdx ntpd[246358]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Nov 12 13:12:41.664235 osdx ntpd[246358]: AUTH: authreadkeys: reading /etc/ntp.keys
Nov 12 13:12:41.664438 osdx ntpd[246358]: AUTH: authreadkeys: added 1 keys
Nov 12 13:12:41.664486 osdx ntpd[246358]: INIT: Using SO_TIMESTAMPNS(ns)
Nov 12 13:12:41.664501 osdx ntpd[246358]: IO: Listen and drop on 0 v6wildcard [::]:123
Nov 12 13:12:41.664516 osdx ntpd[246358]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Nov 12 13:12:41.665053 osdx ntpd[246358]: IO: Listen normally on 2 lo 127.0.0.1:123
Nov 12 13:12:41.665074 osdx ntpd[246358]: IO: Listen normally on 3 lo [::1]:123
Nov 12 13:12:41.665094 osdx ntpd[246358]: IO: Listening on routing socket on fd #20 for interface updates
Nov 12 13:12:41.665101 osdx ntpd[246358]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Nov 12 13:12:41.665175 osdx ntpd[246358]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Nov 12 13:12:41.665181 osdx ntpd[246358]: INIT: Running with OpenSSL 3.0.17 1 Jul 2025, 30000110
Nov 12 13:12:41.665806 osdx ntpd[246358]: NTSc: Using system default root certificates.
Nov 12 13:12:41.693248 osdx OSDxCLI[239385]: User 'admin' left the configuration menu.
Nov 12 13:12:41.850528 osdx OSDxCLI[239385]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---