Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+ZZHI7pYgldVFigjaCKezsp3W6W/l4tSc=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX188l+altBK9ZxmozL2iblwIasqk/WYjWzY=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX19nmOpgbNj1cLIEISlXQ6kPyRGV1Rn3QfY=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Mar 20 14:33:40.323935 osdx systemd-journald[685976]: Runtime Journal (/run/log/journal/ba147585e3944580985006d3d45a280a) is 2.6M, max 17.2M, 14.6M free.
Mar 20 14:33:40.324860 osdx systemd-journald[685976]: Received client request to rotate journal, rotating.
Mar 20 14:33:40.324943 osdx systemd-journald[685976]: Vacuuming done, freed 0B of archived journals from /run/log/journal/ba147585e3944580985006d3d45a280a.
Mar 20 14:33:40.337581 osdx OSDxCLI[685811]: User 'admin' executed a new command: 'system journal clear'.
Mar 20 14:33:40.625044 osdx OSDxCLI[685811]: User 'admin' executed a new command: 'system coredump delete all'.
Mar 20 14:33:40.863392 osdx OSDxCLI[685811]: User 'admin' entered the configuration menu.
Mar 20 14:33:40.965071 osdx OSDxCLI[685811]: User 'admin' added a new cfg line: 'set system console log-level info'.
Mar 20 14:33:41.019493 osdx OSDxCLI[685811]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Mar 20 14:33:41.128216 osdx OSDxCLI[685811]: User 'admin' added a new cfg line: 'set system strong-password display'.
Mar 20 14:33:41.205478 osdx OSDxCLI[685811]: User 'admin' added a new cfg line: 'show working'.
Mar 20 14:33:41.299114 osdx ubnt-cfgd[752311]: inactive
Mar 20 14:33:41.318502 osdx INFO[752319]: FRR daemons did not change
Mar 20 14:33:41.320514 osdx modulelauncher[1642]: + Received data: ['685811', 'osdx.utils.xos', 'set_console_log_level', 'info']
Mar 20 14:33:41.341403 osdx OSDxCLI[685811]: Signal 10 received
Mar 20 14:33:41.371706 osdx cfgd[1833]: [685811]Completed change to active configuration
Mar 20 14:33:41.374050 osdx OSDxCLI[685811]: User 'admin' committed the configuration.
Mar 20 14:33:41.391399 osdx OSDxCLI[685811]: User 'admin' left the configuration menu.
Mar 20 14:33:41.556114 osdx OSDxCLI[685811]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Mar 20 14:33:41.556673 osdx OSDxCLI[685811]: pam_unix(cli:session): session closed for user admin
Mar 20 14:33:41.556903 osdx OSDxCLI[685811]: User 'admin' entered the configuration menu.
Mar 20 14:33:41.614405 osdx OSDxCLI[685811]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Mar 20 14:33:41.614663 osdx cfgd[1833]: Execute action [syntax] for node [system ntp authentication-key 1]
Mar 20 14:33:41.631119 osdx OSDxCLI[685811]: pam_unix(cli:session): session closed for user admin
Mar 20 14:33:41.631462 osdx OSDxCLI[685811]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Mar 20 14:33:41.733769 osdx OSDxCLI[685811]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Mar 20 14:33:41.737364 osdx OSDxCLI[685811]: pam_unix(cli:session): session closed for user admin
Mar 20 14:33:41.737652 osdx OSDxCLI[685811]: User 'admin' added a new cfg line: 'show changes'.
Mar 20 14:33:41.838428 osdx OSDxCLI[685811]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Mar 20 14:33:41.847178 osdx ubnt-cfgd[752350]: inactive
Mar 20 14:33:41.860747 osdx cfgd[1833]: [685811]must validation for [system strong-password] was skipped
Mar 20 14:33:41.860828 osdx cfgd[1833]: [685811]must validation for [system login user admin role] was skipped
Mar 20 14:33:41.876512 osdx WARNING[752356]: Short keyboard patterns are easy to guess.
Mar 20 14:33:41.876560 osdx INFO[752356]: Suggestions:
Mar 20 14:33:41.876596 osdx INFO[752356]:   Add another word or two. Uncommon words are better.
Mar 20 14:33:41.876621 osdx INFO[752356]:   Use a longer keyboard pattern with more turns.
Mar 20 14:33:41.876642 osdx INFO[752356]: Crack times (passwords per time):
Mar 20 14:33:41.876663 osdx INFO[752356]:   100 per hour:              centuries
Mar 20 14:33:41.876684 osdx INFO[752356]:   10 per second:             3 months
Mar 20 14:33:41.876742 osdx INFO[752356]:   10.000 per second:         3 hours
Mar 20 14:33:41.876765 osdx INFO[752356]:   10.000.000.000 per second: less than a second
Mar 20 14:33:41.885070 osdx INFO[752358]: FRR daemons did not change
Mar 20 14:33:41.885862 osdx cfgd[1833]: Execute action [end] for node [system ntp]
Mar 20 14:33:41.929268 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Mar 20 14:33:41.935511 osdx ntpd[752365]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Mar 20 14:33:41.935530 osdx ntpd[752365]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Mar 20 14:33:41.935802 osdx ntp-systemd-wrapper[752365]: 2026-03-20T14:33:41 ntpd[752365]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Mar 20 14:33:41.935802 osdx ntp-systemd-wrapper[752365]: 2026-03-20T14:33:41 ntpd[752365]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Mar 20 14:33:41.936056 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Mar 20 14:33:41.936996 osdx cfgd[1833]: [685811]Completed change to active configuration
Mar 20 14:33:41.938424 osdx ntpd[752367]: INIT: precision = 0.067 usec (-24)
Mar 20 14:33:41.938912 osdx ntpd[752367]: INIT: successfully locked into RAM
Mar 20 14:33:41.938926 osdx ntpd[752367]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Mar 20 14:33:41.938956 osdx ntpd[752367]: AUTH: authreadkeys: reading /etc/ntp.keys
Mar 20 14:33:41.939004 osdx OSDxCLI[685811]: pam_unix(cli:session): session closed for user admin
Mar 20 14:33:41.939115 osdx ntpd[752367]: AUTH: authreadkeys: added 1 keys
Mar 20 14:33:41.939155 osdx ntpd[752367]: INIT: Using SO_TIMESTAMPNS(ns)
Mar 20 14:33:41.939165 osdx ntpd[752367]: IO: Listen and drop on 0 v6wildcard [::]:123
Mar 20 14:33:41.939177 osdx ntpd[752367]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Mar 20 14:33:41.939409 osdx OSDxCLI[685811]: User 'admin' committed the configuration.
Mar 20 14:33:41.939553 osdx ntpd[752367]: IO: Listen normally on 2 lo 127.0.0.1:123
Mar 20 14:33:41.939570 osdx ntpd[752367]: IO: Listen normally on 3 lo [::1]:123
Mar 20 14:33:41.939594 osdx ntpd[752367]: IO: Listening on routing socket on fd #20 for interface updates
Mar 20 14:33:41.939602 osdx ntpd[752367]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Mar 20 14:33:41.939669 osdx ntpd[752367]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Mar 20 14:33:41.939671 osdx ntpd[752367]: INIT: Running with OpenSSL 3.0.18 30 Sep 2025, 30000120
Mar 20 14:33:41.940244 osdx ntpd[752367]: NTSc: Using system default root certificates.
Mar 20 14:33:41.975548 osdx OSDxCLI[685811]: User 'admin' left the configuration menu.
Mar 20 14:33:42.103637 osdx OSDxCLI[685811]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---