Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/GEAShwMoHnECvMIvb6tt1Q0JzzGHD6Fg=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/GEAShwMoHnFkHMV6pjQK5zXkWzaRyCiw=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX19UwchOvHyYI93+/9U+I34GF9FpEUf7p+A=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Jan 27 17:37:20.279543 osdx systemd-journald[83446]: Runtime Journal (/run/log/journal/7f16b2c6785447ce99316296df636466) is 2.1M, max 13.8M, 11.6M free.
Jan 27 17:37:20.281325 osdx systemd-journald[83446]: Received client request to rotate journal, rotating.
Jan 27 17:37:20.281371 osdx systemd-journald[83446]: Vacuuming done, freed 0B of archived journals from /run/log/journal/7f16b2c6785447ce99316296df636466.
Jan 27 17:37:20.290123 osdx OSDxCLI[103601]: User 'admin' executed a new command: 'system journal clear'.
Jan 27 17:37:20.509722 osdx OSDxCLI[103601]: User 'admin' executed a new command: 'system coredump delete all'.
Jan 27 17:37:20.765517 osdx OSDxCLI[103601]: User 'admin' entered the configuration menu.
Jan 27 17:37:20.822030 osdx OSDxCLI[103601]: User 'admin' added a new cfg line: 'set system console log-level info'.
Jan 27 17:37:20.917182 osdx OSDxCLI[103601]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Jan 27 17:37:20.970386 osdx OSDxCLI[103601]: User 'admin' added a new cfg line: 'set system strong-password display'.
Jan 27 17:37:21.076061 osdx OSDxCLI[103601]: User 'admin' added a new cfg line: 'show working'.
Jan 27 17:37:21.141665 osdx ubnt-cfgd[164782]: inactive
Jan 27 17:37:21.159498 osdx INFO[164790]: FRR daemons did not change
Jan 27 17:37:21.161491 osdx modulelauncher[1432]: + Received data: ['103601', 'osdx.utils.xos', 'set_console_log_level', 'info']
Jan 27 17:37:21.179258 osdx OSDxCLI[103601]: Signal 10 received
Jan 27 17:37:21.205880 osdx cfgd[1623]: [103601]Completed change to active configuration
Jan 27 17:37:21.208067 osdx OSDxCLI[103601]: User 'admin' committed the configuration.
Jan 27 17:37:21.233009 osdx OSDxCLI[103601]: User 'admin' left the configuration menu.
Jan 27 17:37:21.436093 osdx OSDxCLI[103601]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jan 27 17:37:21.436572 osdx OSDxCLI[103601]: pam_unix(cli:session): session closed for user admin
Jan 27 17:37:21.436803 osdx OSDxCLI[103601]: User 'admin' entered the configuration menu.
Jan 27 17:37:21.504352 osdx OSDxCLI[103601]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jan 27 17:37:21.504669 osdx cfgd[1623]: Execute action [syntax] for node [system ntp authentication-key 1]
Jan 27 17:37:21.520480 osdx OSDxCLI[103601]: pam_unix(cli:session): session closed for user admin
Jan 27 17:37:21.520703 osdx OSDxCLI[103601]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Jan 27 17:37:21.607365 osdx OSDxCLI[103601]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jan 27 17:37:21.612307 osdx OSDxCLI[103601]: pam_unix(cli:session): session closed for user admin
Jan 27 17:37:21.612535 osdx OSDxCLI[103601]: User 'admin' added a new cfg line: 'show changes'.
Jan 27 17:37:21.680403 osdx OSDxCLI[103601]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jan 27 17:37:21.687120 osdx ubnt-cfgd[164821]: inactive
Jan 27 17:37:21.697141 osdx cfgd[1623]: [103601]must validation for [system strong-password] was skipped
Jan 27 17:37:21.697202 osdx cfgd[1623]: [103601]must validation for [system login user admin role] was skipped
Jan 27 17:37:21.708807 osdx WARNING[164827]: Short keyboard patterns are easy to guess.
Jan 27 17:37:21.708847 osdx INFO[164827]: Suggestions:
Jan 27 17:37:21.708876 osdx INFO[164827]:   Add another word or two. Uncommon words are better.
Jan 27 17:37:21.708895 osdx INFO[164827]:   Use a longer keyboard pattern with more turns.
Jan 27 17:37:21.708911 osdx INFO[164827]: Crack times (passwords per time):
Jan 27 17:37:21.708927 osdx INFO[164827]:   100 per hour:              centuries
Jan 27 17:37:21.708943 osdx INFO[164827]:   10 per second:             3 months
Jan 27 17:37:21.708996 osdx INFO[164827]:   10.000 per second:         3 hours
Jan 27 17:37:21.709019 osdx INFO[164827]:   10.000.000.000 per second: less than a second
Jan 27 17:37:21.713011 osdx INFO[164829]: FRR daemons did not change
Jan 27 17:37:21.713197 osdx cfgd[1623]: Execute action [end] for node [system ntp]
Jan 27 17:37:21.741588 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Jan 27 17:37:21.746679 osdx ntpd[164836]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Jan 27 17:37:21.746697 osdx ntpd[164836]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jan 27 17:37:21.746921 osdx ntp-systemd-wrapper[164836]: 2026-01-27T17:37:21 ntpd[164836]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Jan 27 17:37:21.746921 osdx ntp-systemd-wrapper[164836]: 2026-01-27T17:37:21 ntpd[164836]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jan 27 17:37:21.747163 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Jan 27 17:37:21.747852 osdx cfgd[1623]: [103601]Completed change to active configuration
Jan 27 17:37:21.749340 osdx ntpd[164838]: INIT: precision = 0.051 usec (-24)
Jan 27 17:37:21.749660 osdx OSDxCLI[103601]: pam_unix(cli:session): session closed for user admin
Jan 27 17:37:21.749798 osdx ntpd[164838]: INIT: successfully locked into RAM
Jan 27 17:37:21.749811 osdx ntpd[164838]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Jan 27 17:37:21.749839 osdx ntpd[164838]: AUTH: authreadkeys: reading /etc/ntp.keys
Jan 27 17:37:21.749880 osdx OSDxCLI[103601]: User 'admin' committed the configuration.
Jan 27 17:37:21.750148 osdx ntpd[164838]: AUTH: authreadkeys: added 1 keys
Jan 27 17:37:21.750190 osdx ntpd[164838]: INIT: Using SO_TIMESTAMPNS(ns)
Jan 27 17:37:21.750203 osdx ntpd[164838]: IO: Listen and drop on 0 v6wildcard [::]:123
Jan 27 17:37:21.750215 osdx ntpd[164838]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Jan 27 17:37:21.750547 osdx ntpd[164838]: IO: Listen normally on 2 lo 127.0.0.1:123
Jan 27 17:37:21.750565 osdx ntpd[164838]: IO: Listen normally on 3 lo [::1]:123
Jan 27 17:37:21.750583 osdx ntpd[164838]: IO: Listening on routing socket on fd #20 for interface updates
Jan 27 17:37:21.750588 osdx ntpd[164838]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Jan 27 17:37:21.750638 osdx ntpd[164838]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Jan 27 17:37:21.750641 osdx ntpd[164838]: INIT: Running with OpenSSL 3.0.17 1 Jul 2025, 30000110
Jan 27 17:37:21.751063 osdx ntpd[164838]: NTSc: Using system default root certificates.
Jan 27 17:37:21.764448 osdx OSDxCLI[103601]: User 'admin' left the configuration menu.
Jan 27 17:37:21.882054 osdx OSDxCLI[103601]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---