Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX19iHd7B5qGAh2rzdy9thQdmjjbJBLzTizQ=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX19iHd7B5qGAh59lrvcdsx3ZRuoHMaB/eWk=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX19zYs+d8Zr3Ygo0BNWNp8tKERosZwcGF7A=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Feb 12 22:17:08.364122 osdx systemd-journald[681778]: Runtime Journal (/run/log/journal/fef7273cfed74888920ec39438478308) is 2.5M, max 17.2M, 14.6M free.
Feb 12 22:17:08.367163 osdx systemd-journald[681778]: Received client request to rotate journal, rotating.
Feb 12 22:17:08.367238 osdx systemd-journald[681778]: Vacuuming done, freed 0B of archived journals from /run/log/journal/fef7273cfed74888920ec39438478308.
Feb 12 22:17:08.376712 osdx OSDxCLI[681609]: User 'admin' executed a new command: 'system journal clear'.
Feb 12 22:17:08.609352 osdx OSDxCLI[681609]: User 'admin' executed a new command: 'system coredump delete all'.
Feb 12 22:17:08.862709 osdx OSDxCLI[681609]: User 'admin' entered the configuration menu.
Feb 12 22:17:08.929629 osdx OSDxCLI[681609]: User 'admin' added a new cfg line: 'set system console log-level info'.
Feb 12 22:17:09.056200 osdx OSDxCLI[681609]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Feb 12 22:17:09.115574 osdx OSDxCLI[681609]: User 'admin' added a new cfg line: 'set system strong-password display'.
Feb 12 22:17:09.240157 osdx OSDxCLI[681609]: User 'admin' added a new cfg line: 'show working'.
Feb 12 22:17:09.335857 osdx ubnt-cfgd[683159]: inactive
Feb 12 22:17:09.356566 osdx INFO[683167]: FRR daemons did not change
Feb 12 22:17:09.358466 osdx modulelauncher[1440]: + Received data: ['681609', 'osdx.utils.xos', 'set_console_log_level', 'info']
Feb 12 22:17:09.381332 osdx OSDxCLI[681609]: Signal 10 received
Feb 12 22:17:09.416098 osdx cfgd[1631]: [681609]Completed change to active configuration
Feb 12 22:17:09.418519 osdx OSDxCLI[681609]: User 'admin' committed the configuration.
Feb 12 22:17:09.435878 osdx OSDxCLI[681609]: User 'admin' left the configuration menu.
Feb 12 22:17:09.603365 osdx OSDxCLI[681609]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Feb 12 22:17:09.603938 osdx OSDxCLI[681609]: pam_unix(cli:session): session closed for user admin
Feb 12 22:17:09.604191 osdx OSDxCLI[681609]: User 'admin' entered the configuration menu.
Feb 12 22:17:09.664389 osdx OSDxCLI[681609]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Feb 12 22:17:09.664875 osdx cfgd[1631]: Execute action [syntax] for node [system ntp authentication-key 1]
Feb 12 22:17:09.677466 osdx OSDxCLI[681609]: pam_unix(cli:session): session closed for user admin
Feb 12 22:17:09.677712 osdx OSDxCLI[681609]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Feb 12 22:17:09.755569 osdx OSDxCLI[681609]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Feb 12 22:17:09.760953 osdx OSDxCLI[681609]: pam_unix(cli:session): session closed for user admin
Feb 12 22:17:09.761256 osdx OSDxCLI[681609]: User 'admin' added a new cfg line: 'show changes'.
Feb 12 22:17:09.823412 osdx OSDxCLI[681609]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Feb 12 22:17:09.831170 osdx ubnt-cfgd[683198]: inactive
Feb 12 22:17:09.843036 osdx cfgd[1631]: [681609]must validation for [system strong-password] was skipped
Feb 12 22:17:09.843099 osdx cfgd[1631]: [681609]must validation for [system login user admin role] was skipped
Feb 12 22:17:09.862215 osdx WARNING[683204]: Short keyboard patterns are easy to guess.
Feb 12 22:17:09.862263 osdx INFO[683204]: Suggestions:
Feb 12 22:17:09.862300 osdx INFO[683204]:   Add another word or two. Uncommon words are better.
Feb 12 22:17:09.862327 osdx INFO[683204]:   Use a longer keyboard pattern with more turns.
Feb 12 22:17:09.862350 osdx INFO[683204]: Crack times (passwords per time):
Feb 12 22:17:09.862372 osdx INFO[683204]:   100 per hour:              centuries
Feb 12 22:17:09.862395 osdx INFO[683204]:   10 per second:             3 months
Feb 12 22:17:09.862466 osdx INFO[683204]:   10.000 per second:         3 hours
Feb 12 22:17:09.862494 osdx INFO[683204]:   10.000.000.000 per second: less than a second
Feb 12 22:17:09.866351 osdx INFO[683206]: FRR daemons did not change
Feb 12 22:17:09.866577 osdx cfgd[1631]: Execute action [end] for node [system ntp]
Feb 12 22:17:09.915508 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Feb 12 22:17:09.920780 osdx ntpd[683213]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Feb 12 22:17:09.920798 osdx ntpd[683213]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Feb 12 22:17:09.921038 osdx ntp-systemd-wrapper[683213]: 2026-02-12T22:17:09 ntpd[683213]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Feb 12 22:17:09.921038 osdx ntp-systemd-wrapper[683213]: 2026-02-12T22:17:09 ntpd[683213]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Feb 12 22:17:09.921382 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Feb 12 22:17:09.922242 osdx cfgd[1631]: [681609]Completed change to active configuration
Feb 12 22:17:09.924103 osdx OSDxCLI[681609]: pam_unix(cli:session): session closed for user admin
Feb 12 22:17:09.924379 osdx OSDxCLI[681609]: User 'admin' committed the configuration.
Feb 12 22:17:09.924510 osdx ntpd[683215]: INIT: precision = 0.059 usec (-24)
Feb 12 22:17:09.925130 osdx ntpd[683215]: INIT: successfully locked into RAM
Feb 12 22:17:09.925149 osdx ntpd[683215]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Feb 12 22:17:09.925187 osdx ntpd[683215]: AUTH: authreadkeys: reading /etc/ntp.keys
Feb 12 22:17:09.925370 osdx ntpd[683215]: AUTH: authreadkeys: added 1 keys
Feb 12 22:17:09.925416 osdx ntpd[683215]: INIT: Using SO_TIMESTAMPNS(ns)
Feb 12 22:17:09.925431 osdx ntpd[683215]: IO: Listen and drop on 0 v6wildcard [::]:123
Feb 12 22:17:09.925450 osdx ntpd[683215]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Feb 12 22:17:09.925788 osdx ntpd[683215]: IO: Listen normally on 2 lo 127.0.0.1:123
Feb 12 22:17:09.925805 osdx ntpd[683215]: IO: Listen normally on 3 lo [::1]:123
Feb 12 22:17:09.925824 osdx ntpd[683215]: IO: Listening on routing socket on fd #20 for interface updates
Feb 12 22:17:09.925831 osdx ntpd[683215]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Feb 12 22:17:09.925890 osdx ntpd[683215]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Feb 12 22:17:09.925893 osdx ntpd[683215]: INIT: Running with OpenSSL 3.0.18 30 Sep 2025, 30000120
Feb 12 22:17:09.926321 osdx ntpd[683215]: NTSc: Using system default root certificates.
Feb 12 22:17:09.940855 osdx OSDxCLI[681609]: User 'admin' left the configuration menu.
Feb 12 22:17:10.072741 osdx OSDxCLI[681609]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---