Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/uowsnhOk9mJNs+CRoeBunSwVPLLciXrE=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/uowsnhOk9mMEMXi2YdxNqz42U2KG6QQs=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX18w89FrCFNW92LuoDm63AbiqmkQZM0Jg+g=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Mar 05 18:06:49.372734 osdx systemd-journald[466780]: Runtime Journal (/run/log/journal/78445f9299f9414990e66dc8aa510838) is 2.1M, max 13.8M, 11.6M free.
Mar 05 18:06:49.375925 osdx systemd-journald[466780]: Received client request to rotate journal, rotating.
Mar 05 18:06:49.375993 osdx systemd-journald[466780]: Vacuuming done, freed 0B of archived journals from /run/log/journal/78445f9299f9414990e66dc8aa510838.
Mar 05 18:06:49.383586 osdx OSDxCLI[545725]: User 'admin' executed a new command: 'system journal clear'.
Mar 05 18:06:49.613852 osdx OSDxCLI[545725]: User 'admin' executed a new command: 'system coredump delete all'.
Mar 05 18:06:49.823125 osdx OSDxCLI[545725]: User 'admin' entered the configuration menu.
Mar 05 18:06:49.878367 osdx OSDxCLI[545725]: User 'admin' added a new cfg line: 'set system console log-level info'.
Mar 05 18:06:49.993593 osdx OSDxCLI[545725]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Mar 05 18:06:50.048201 osdx OSDxCLI[545725]: User 'admin' added a new cfg line: 'set system strong-password display'.
Mar 05 18:06:50.150836 osdx OSDxCLI[545725]: User 'admin' added a new cfg line: 'show working'.
Mar 05 18:06:50.206398 osdx ubnt-cfgd[556191]: inactive
Mar 05 18:06:50.223823 osdx INFO[556199]: FRR daemons did not change
Mar 05 18:06:50.225961 osdx modulelauncher[1672]: + Received data: ['545725', 'osdx.utils.xos', 'set_console_log_level', 'info']
Mar 05 18:06:50.248192 osdx OSDxCLI[545725]: Signal 10 received
Mar 05 18:06:50.275270 osdx cfgd[1863]: [545725]Completed change to active configuration
Mar 05 18:06:50.277239 osdx OSDxCLI[545725]: User 'admin' committed the configuration.
Mar 05 18:06:50.294590 osdx OSDxCLI[545725]: User 'admin' left the configuration menu.
Mar 05 18:06:50.492427 osdx OSDxCLI[545725]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Mar 05 18:06:50.492892 osdx OSDxCLI[545725]: pam_unix(cli:session): session closed for user admin
Mar 05 18:06:50.493109 osdx OSDxCLI[545725]: User 'admin' entered the configuration menu.
Mar 05 18:06:50.547602 osdx OSDxCLI[545725]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Mar 05 18:06:50.547854 osdx cfgd[1863]: Execute action [syntax] for node [system ntp authentication-key 1]
Mar 05 18:06:50.560721 osdx OSDxCLI[545725]: pam_unix(cli:session): session closed for user admin
Mar 05 18:06:50.560960 osdx OSDxCLI[545725]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Mar 05 18:06:50.652240 osdx OSDxCLI[545725]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Mar 05 18:06:50.657619 osdx OSDxCLI[545725]: pam_unix(cli:session): session closed for user admin
Mar 05 18:06:50.657890 osdx OSDxCLI[545725]: User 'admin' added a new cfg line: 'show changes'.
Mar 05 18:06:50.708161 osdx OSDxCLI[545725]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Mar 05 18:06:50.716311 osdx ubnt-cfgd[556230]: inactive
Mar 05 18:06:50.751410 osdx cfgd[1863]: [545725]must validation for [system strong-password] was skipped
Mar 05 18:06:50.751469 osdx cfgd[1863]: [545725]must validation for [system login user admin role] was skipped
Mar 05 18:06:50.770173 osdx WARNING[556236]: Short keyboard patterns are easy to guess.
Mar 05 18:06:50.770211 osdx INFO[556236]: Suggestions:
Mar 05 18:06:50.770238 osdx INFO[556236]:   Add another word or two. Uncommon words are better.
Mar 05 18:06:50.770257 osdx INFO[556236]:   Use a longer keyboard pattern with more turns.
Mar 05 18:06:50.770273 osdx INFO[556236]: Crack times (passwords per time):
Mar 05 18:06:50.770289 osdx INFO[556236]:   100 per hour:              centuries
Mar 05 18:06:50.770305 osdx INFO[556236]:   10 per second:             3 months
Mar 05 18:06:50.770351 osdx INFO[556236]:   10.000 per second:         3 hours
Mar 05 18:06:50.770370 osdx INFO[556236]:   10.000.000.000 per second: less than a second
Mar 05 18:06:50.774677 osdx INFO[556238]: FRR daemons did not change
Mar 05 18:06:50.774857 osdx cfgd[1863]: Execute action [end] for node [system ntp]
Mar 05 18:06:50.824208 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Mar 05 18:06:50.830955 osdx ntpd[556245]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Mar 05 18:06:50.830973 osdx ntpd[556245]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Mar 05 18:06:50.831205 osdx ntp-systemd-wrapper[556245]: 2026-03-05T18:06:50 ntpd[556245]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Mar 05 18:06:50.831205 osdx ntp-systemd-wrapper[556245]: 2026-03-05T18:06:50 ntpd[556245]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Mar 05 18:06:50.831509 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Mar 05 18:06:50.832407 osdx cfgd[1863]: [545725]Completed change to active configuration
Mar 05 18:06:50.834040 osdx OSDxCLI[545725]: pam_unix(cli:session): session closed for user admin
Mar 05 18:06:50.834264 osdx OSDxCLI[545725]: User 'admin' committed the configuration.
Mar 05 18:06:50.834365 osdx ntpd[556247]: INIT: precision = 0.078 usec (-24)
Mar 05 18:06:50.835065 osdx ntpd[556247]: INIT: successfully locked into RAM
Mar 05 18:06:50.835095 osdx ntpd[556247]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Mar 05 18:06:50.835130 osdx ntpd[556247]: AUTH: authreadkeys: reading /etc/ntp.keys
Mar 05 18:06:50.835322 osdx ntpd[556247]: AUTH: authreadkeys: added 1 keys
Mar 05 18:06:50.835373 osdx ntpd[556247]: INIT: Using SO_TIMESTAMPNS(ns)
Mar 05 18:06:50.835392 osdx ntpd[556247]: IO: Listen and drop on 0 v6wildcard [::]:123
Mar 05 18:06:50.835407 osdx ntpd[556247]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Mar 05 18:06:50.835521 osdx ntpd[556247]: IO: Listen normally on 2 lo 127.0.0.1:123
Mar 05 18:06:50.835540 osdx ntpd[556247]: IO: Listen normally on 3 lo [::1]:123
Mar 05 18:06:50.835559 osdx ntpd[556247]: IO: Listening on routing socket on fd #20 for interface updates
Mar 05 18:06:50.835566 osdx ntpd[556247]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Mar 05 18:06:50.835630 osdx ntpd[556247]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Mar 05 18:06:50.835635 osdx ntpd[556247]: INIT: Running with OpenSSL 3.0.18 30 Sep 2025, 30000120
Mar 05 18:06:50.836241 osdx ntpd[556247]: NTSc: Using system default root certificates.
Mar 05 18:06:50.849767 osdx OSDxCLI[545725]: User 'admin' left the configuration menu.
Mar 05 18:06:50.966097 osdx OSDxCLI[545725]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---