Strong Password
Test suite to check the OSDx password strong-password level
Test Strong Password
Description
A password strength level and a strong password are configured and then attempting to configure a weak password fails.
Scenario
Step 1: Set the following configuration in DUT0 :
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+8mcWnPbn8dzggSK8pqXEHif0GBkSu0bQ= set system strong-password level 2
Note
This password has a score of 4.
Step 2: Expect a failure in the following command:
Modify the following configuration lines in DUT0 :
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+8mcWnPbn8dwcfxVMza5VG+1hE52OXXo8=
Note
This password has a score of 0, which is lower than the strong-password level.
Test Password Display
Description
Check that additional information from the strong-password is displayed correctly
Scenario
Step 1: Set the following configuration in DUT0 :
set system cli configuration logging global info set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set system strong-password display set system strong-password level 0
Step 2: Modify the following configuration lines in DUT0 :
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+3fDx7huujZ/mn9VPNfcJSKgFqQx1a9Kk=
Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:
Show output
Dec 17 16:25:10.346675 osdx systemd-journald[1666]: Runtime Journal (/run/log/journal/a189e667ab9f46898dbfc92a68a94f73) is 2.1M, max 13.8M, 11.6M free. Dec 17 16:25:10.350278 osdx systemd-journald[1666]: Received client request to rotate journal, rotating. Dec 17 16:25:10.350366 osdx systemd-journald[1666]: Vacuuming done, freed 0B of archived journals from /run/log/journal/a189e667ab9f46898dbfc92a68a94f73. Dec 17 16:25:10.363358 osdx OSDxCLI[19513]: User 'admin' executed a new command: 'system journal clear'. Dec 17 16:25:10.597816 osdx OSDxCLI[19513]: User 'admin' executed a new command: 'system coredump delete all'. Dec 17 16:25:10.895236 osdx OSDxCLI[19513]: User 'admin' entered the configuration menu. Dec 17 16:25:10.960204 osdx OSDxCLI[19513]: User 'admin' added a new cfg line: 'set system console log-level info'. Dec 17 16:25:11.076927 osdx OSDxCLI[19513]: User 'admin' added a new cfg line: 'set system strong-password level 0'. Dec 17 16:25:11.133642 osdx OSDxCLI[19513]: User 'admin' added a new cfg line: 'set system strong-password display'. Dec 17 16:25:11.235213 osdx OSDxCLI[19513]: User 'admin' added a new cfg line: 'show working'. Dec 17 16:25:11.314189 osdx ubnt-cfgd[21031]: inactive Dec 17 16:25:11.332742 osdx INFO[21039]: FRR daemons did not change Dec 17 16:25:11.334545 osdx modulelauncher[1280]: + Received data: ['19513', 'osdx.utils.xos', 'set_console_log_level', 'info'] Dec 17 16:25:11.357134 osdx OSDxCLI[19513]: Signal 10 received Dec 17 16:25:11.385552 osdx cfgd[1460]: [19513]Completed change to active configuration Dec 17 16:25:11.388037 osdx OSDxCLI[19513]: User 'admin' committed the configuration. Dec 17 16:25:11.416137 osdx OSDxCLI[19513]: User 'admin' left the configuration menu. Dec 17 16:25:11.615153 osdx OSDxCLI[19513]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000) Dec 17 16:25:11.615775 osdx OSDxCLI[19513]: pam_unix(cli:session): session closed for user admin Dec 17 16:25:11.616060 osdx OSDxCLI[19513]: User 'admin' entered the configuration menu. Dec 17 16:25:11.682490 osdx OSDxCLI[19513]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000) Dec 17 16:25:11.682783 osdx cfgd[1460]: Execute action [syntax] for node [system ntp authentication-key 1] Dec 17 16:25:11.879854 osdx OSDxCLI[19513]: pam_unix(cli:session): session closed for user admin Dec 17 16:25:11.880211 osdx OSDxCLI[19513]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'. Dec 17 16:25:11.928821 osdx OSDxCLI[19513]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000) Dec 17 16:25:11.933250 osdx OSDxCLI[19513]: pam_unix(cli:session): session closed for user admin Dec 17 16:25:11.933595 osdx OSDxCLI[19513]: User 'admin' added a new cfg line: 'show changes'. Dec 17 16:25:12.031687 osdx OSDxCLI[19513]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000) Dec 17 16:25:12.039478 osdx ubnt-cfgd[21070]: inactive Dec 17 16:25:12.052771 osdx cfgd[1460]: [19513]must validation for [system strong-password] was skipped Dec 17 16:25:12.052849 osdx cfgd[1460]: [19513]must validation for [system login user admin role] was skipped Dec 17 16:25:12.064811 osdx WARNING[21076]: Short keyboard patterns are easy to guess. Dec 17 16:25:12.064857 osdx INFO[21076]: Suggestions: Dec 17 16:25:12.064886 osdx INFO[21076]: Add another word or two. Uncommon words are better. Dec 17 16:25:12.064908 osdx INFO[21076]: Use a longer keyboard pattern with more turns. Dec 17 16:25:12.064924 osdx INFO[21076]: Crack times (passwords per time): Dec 17 16:25:12.064944 osdx INFO[21076]: 100 per hour: centuries Dec 17 16:25:12.064960 osdx INFO[21076]: 10 per second: 3 months Dec 17 16:25:12.065011 osdx INFO[21076]: 10.000 per second: 3 hours Dec 17 16:25:12.065030 osdx INFO[21076]: 10.000.000.000 per second: less than a second Dec 17 16:25:12.070343 osdx INFO[21078]: FRR daemons did not change Dec 17 16:25:12.070565 osdx cfgd[1460]: Execute action [end] for node [system ntp] Dec 17 16:25:12.102594 osdx systemd[1]: Starting ntpsec.service - Network Time Service... Dec 17 16:25:12.108417 osdx ntpd[21085]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting Dec 17 16:25:12.108435 osdx ntpd[21085]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec Dec 17 16:25:12.108670 osdx ntp-systemd-wrapper[21085]: 2025-12-17T16:25:12 ntpd[21085]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting Dec 17 16:25:12.108670 osdx ntp-systemd-wrapper[21085]: 2025-12-17T16:25:12 ntpd[21085]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec Dec 17 16:25:12.108943 osdx systemd[1]: Started ntpsec.service - Network Time Service. Dec 17 16:25:12.109755 osdx cfgd[1460]: [19513]Completed change to active configuration Dec 17 16:25:12.111364 osdx OSDxCLI[19513]: pam_unix(cli:session): session closed for user admin Dec 17 16:25:12.111580 osdx OSDxCLI[19513]: User 'admin' committed the configuration. Dec 17 16:25:12.111959 osdx ntpd[21087]: INIT: precision = 0.076 usec (-24) Dec 17 16:25:12.112618 osdx ntpd[21087]: INIT: successfully locked into RAM Dec 17 16:25:12.112637 osdx ntpd[21087]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf Dec 17 16:25:12.112674 osdx ntpd[21087]: AUTH: authreadkeys: reading /etc/ntp.keys Dec 17 16:25:12.112862 osdx ntpd[21087]: AUTH: authreadkeys: added 1 keys Dec 17 16:25:12.112911 osdx ntpd[21087]: INIT: Using SO_TIMESTAMPNS(ns) Dec 17 16:25:12.112926 osdx ntpd[21087]: IO: Listen and drop on 0 v6wildcard [::]:123 Dec 17 16:25:12.112942 osdx ntpd[21087]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123 Dec 17 16:25:12.113449 osdx ntpd[21087]: IO: Listen normally on 2 lo 127.0.0.1:123 Dec 17 16:25:12.113471 osdx ntpd[21087]: IO: Listen normally on 3 lo [::1]:123 Dec 17 16:25:12.113491 osdx ntpd[21087]: IO: Listening on routing socket on fd #20 for interface updates Dec 17 16:25:12.113499 osdx ntpd[21087]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes Dec 17 16:25:12.113566 osdx ntpd[21087]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0 Dec 17 16:25:12.113572 osdx ntpd[21087]: INIT: Running with OpenSSL 3.0.17 1 Jul 2025, 30000110 Dec 17 16:25:12.114167 osdx ntpd[21087]: NTSc: Using system default root certificates. Dec 17 16:25:12.127332 osdx OSDxCLI[19513]: User 'admin' left the configuration menu. Dec 17 16:25:12.245773 osdx OSDxCLI[19513]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)