Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX18hrz2vniKUutpN7ixQK47PQ32NZi8wnMY=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX18hrz2vniKUuhIfXDBtFQruUrcRJYbiPnQ=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX19WyOxtByoctEZ5WW18gJAtfBiiRztmMuI=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Feb 19 13:55:28.329205 osdx systemd-journald[678431]: Runtime Journal (/run/log/journal/69bd8e6fd19244c08e519827aa7e309f) is 2.5M, max 17.2M, 14.6M free.
Feb 19 13:55:28.331267 osdx systemd-journald[678431]: Received client request to rotate journal, rotating.
Feb 19 13:55:28.331320 osdx systemd-journald[678431]: Vacuuming done, freed 0B of archived journals from /run/log/journal/69bd8e6fd19244c08e519827aa7e309f.
Feb 19 13:55:28.341405 osdx OSDxCLI[769497]: User 'admin' executed a new command: 'system journal clear'.
Feb 19 13:55:28.585221 osdx OSDxCLI[769497]: User 'admin' executed a new command: 'system coredump delete all'.
Feb 19 13:55:28.838343 osdx OSDxCLI[769497]: User 'admin' entered the configuration menu.
Feb 19 13:55:28.893346 osdx OSDxCLI[769497]: User 'admin' added a new cfg line: 'set system console log-level info'.
Feb 19 13:55:28.987885 osdx OSDxCLI[769497]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Feb 19 13:55:29.043545 osdx OSDxCLI[769497]: User 'admin' added a new cfg line: 'set system strong-password display'.
Feb 19 13:55:29.159079 osdx OSDxCLI[769497]: User 'admin' added a new cfg line: 'show working'.
Feb 19 13:55:29.232086 osdx ubnt-cfgd[770957]: inactive
Feb 19 13:55:29.250559 osdx INFO[770965]: FRR daemons did not change
Feb 19 13:55:29.252581 osdx modulelauncher[1668]: + Received data: ['769497', 'osdx.utils.xos', 'set_console_log_level', 'info']
Feb 19 13:55:29.275386 osdx OSDxCLI[769497]: Signal 10 received
Feb 19 13:55:29.304868 osdx cfgd[1859]: [769497]Completed change to active configuration
Feb 19 13:55:29.307104 osdx OSDxCLI[769497]: User 'admin' committed the configuration.
Feb 19 13:55:29.343323 osdx OSDxCLI[769497]: User 'admin' left the configuration menu.
Feb 19 13:55:29.504056 osdx OSDxCLI[769497]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Feb 19 13:55:29.504565 osdx OSDxCLI[769497]: pam_unix(cli:session): session closed for user admin
Feb 19 13:55:29.504775 osdx OSDxCLI[769497]: User 'admin' entered the configuration menu.
Feb 19 13:55:29.559582 osdx OSDxCLI[769497]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Feb 19 13:55:29.559835 osdx cfgd[1859]: Execute action [syntax] for node [system ntp authentication-key 1]
Feb 19 13:55:29.571753 osdx OSDxCLI[769497]: pam_unix(cli:session): session closed for user admin
Feb 19 13:55:29.572045 osdx OSDxCLI[769497]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Feb 19 13:55:29.661793 osdx OSDxCLI[769497]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Feb 19 13:55:29.666736 osdx OSDxCLI[769497]: pam_unix(cli:session): session closed for user admin
Feb 19 13:55:29.666940 osdx OSDxCLI[769497]: User 'admin' added a new cfg line: 'show changes'.
Feb 19 13:55:29.753897 osdx OSDxCLI[769497]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Feb 19 13:55:29.761062 osdx ubnt-cfgd[770996]: inactive
Feb 19 13:55:29.771712 osdx cfgd[1859]: [769497]must validation for [system strong-password] was skipped
Feb 19 13:55:29.771789 osdx cfgd[1859]: [769497]must validation for [system login user admin role] was skipped
Feb 19 13:55:29.783370 osdx WARNING[771002]: Short keyboard patterns are easy to guess.
Feb 19 13:55:29.783409 osdx INFO[771002]: Suggestions:
Feb 19 13:55:29.783438 osdx INFO[771002]:   Add another word or two. Uncommon words are better.
Feb 19 13:55:29.783456 osdx INFO[771002]:   Use a longer keyboard pattern with more turns.
Feb 19 13:55:29.783473 osdx INFO[771002]: Crack times (passwords per time):
Feb 19 13:55:29.783489 osdx INFO[771002]:   100 per hour:              centuries
Feb 19 13:55:29.783505 osdx INFO[771002]:   10 per second:             3 months
Feb 19 13:55:29.783554 osdx INFO[771002]:   10.000 per second:         3 hours
Feb 19 13:55:29.783574 osdx INFO[771002]:   10.000.000.000 per second: less than a second
Feb 19 13:55:29.787517 osdx INFO[771004]: FRR daemons did not change
Feb 19 13:55:29.787693 osdx cfgd[1859]: Execute action [end] for node [system ntp]
Feb 19 13:55:29.819559 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Feb 19 13:55:29.824594 osdx ntpd[771011]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Feb 19 13:55:29.824611 osdx ntpd[771011]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Feb 19 13:55:29.824838 osdx ntp-systemd-wrapper[771011]: 2026-02-19T13:55:29 ntpd[771011]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Feb 19 13:55:29.824838 osdx ntp-systemd-wrapper[771011]: 2026-02-19T13:55:29 ntpd[771011]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Feb 19 13:55:29.825192 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Feb 19 13:55:29.825924 osdx cfgd[1859]: [769497]Completed change to active configuration
Feb 19 13:55:29.827661 osdx OSDxCLI[769497]: pam_unix(cli:session): session closed for user admin
Feb 19 13:55:29.827670 osdx ntpd[771013]: INIT: precision = 0.065 usec (-24)
Feb 19 13:55:29.827888 osdx OSDxCLI[769497]: User 'admin' committed the configuration.
Feb 19 13:55:29.828266 osdx ntpd[771013]: INIT: successfully locked into RAM
Feb 19 13:55:29.828279 osdx ntpd[771013]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Feb 19 13:55:29.828314 osdx ntpd[771013]: AUTH: authreadkeys: reading /etc/ntp.keys
Feb 19 13:55:29.828504 osdx ntpd[771013]: AUTH: authreadkeys: added 1 keys
Feb 19 13:55:29.828554 osdx ntpd[771013]: INIT: Using SO_TIMESTAMPNS(ns)
Feb 19 13:55:29.828570 osdx ntpd[771013]: IO: Listen and drop on 0 v6wildcard [::]:123
Feb 19 13:55:29.828584 osdx ntpd[771013]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Feb 19 13:55:29.828981 osdx ntpd[771013]: IO: Listen normally on 2 lo 127.0.0.1:123
Feb 19 13:55:29.828999 osdx ntpd[771013]: IO: Listen normally on 3 lo [::1]:123
Feb 19 13:55:29.829021 osdx ntpd[771013]: IO: Listening on routing socket on fd #20 for interface updates
Feb 19 13:55:29.829028 osdx ntpd[771013]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Feb 19 13:55:29.829085 osdx ntpd[771013]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Feb 19 13:55:29.829088 osdx ntpd[771013]: INIT: Running with OpenSSL 3.0.18 30 Sep 2025, 30000120
Feb 19 13:55:29.829533 osdx ntpd[771013]: NTSc: Using system default root certificates.
Feb 19 13:55:29.855347 osdx OSDxCLI[769497]: User 'admin' left the configuration menu.
Feb 19 13:55:29.985308 osdx OSDxCLI[769497]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---