Strong Password
Test suite to check the OSDx password strong-password level
Test Strong Password
Description
A password strength level and a strong password are configured and then attempting to configure a weak password fails.
Scenario
Step 1: Set the following configuration in DUT0 :
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/dnLWpisw0r1HfmqhYKWJ8VW7DJ3hObXw= set system strong-password level 2
Note
This password has a score of 4.
Step 2: Expect a failure in the following command:
Modify the following configuration lines in DUT0 :
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/f1s3/X/Y88jmA3gUrD1w2Rg4tslDgOb4=
Note
This password has a score of 0, which is lower than the strong-password level.
Test Password Display
Description
Check that additional information from the strong-password is displayed correctly
Scenario
Step 1: Set the following configuration in DUT0 :
set system cli configuration logging global info set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set system strong-password display set system strong-password level 0
Step 2: Modify the following configuration lines in DUT0 :
set system ntp authentication-key 1 encrypted-key U2FsdGVkX18zYxpQ1lTzgmWRNsr9CdR/GR85Yvfqdcw=
Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:
Show output
Mar 23 07:46:42.303821 osdx systemd-journald[2224]: Runtime Journal (/run/log/journal/9342df493a59479ea19be04fa8920e8f) is 2.1M, max 13.8M, 11.6M free. Mar 23 07:46:42.306200 osdx systemd-journald[2224]: Received client request to rotate journal, rotating. Mar 23 07:46:42.306254 osdx systemd-journald[2224]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9342df493a59479ea19be04fa8920e8f. Mar 23 07:46:42.312950 osdx OSDxCLI[62508]: User 'admin' executed a new command: 'system journal clear'. Mar 23 07:46:42.532807 osdx OSDxCLI[62508]: User 'admin' executed a new command: 'system coredump delete all'. Mar 23 07:46:42.829609 osdx OSDxCLI[62508]: User 'admin' entered the configuration menu. Mar 23 07:46:42.890065 osdx OSDxCLI[62508]: User 'admin' added a new cfg line: 'set system console log-level info'. Mar 23 07:46:42.984389 osdx OSDxCLI[62508]: User 'admin' added a new cfg line: 'set system strong-password level 0'. Mar 23 07:46:43.036255 osdx OSDxCLI[62508]: User 'admin' added a new cfg line: 'set system strong-password display'. Mar 23 07:46:43.138462 osdx OSDxCLI[62508]: User 'admin' added a new cfg line: 'show working'. Mar 23 07:46:43.195438 osdx ubnt-cfgd[74339]: inactive Mar 23 07:46:43.213558 osdx INFO[74347]: FRR daemons did not change Mar 23 07:46:43.215164 osdx modulelauncher[1669]: + Received data: ['62508', 'osdx.utils.xos', 'set_console_log_level', 'info'] Mar 23 07:46:43.240106 osdx OSDxCLI[62508]: Signal 10 received Mar 23 07:46:43.264028 osdx cfgd[1860]: [62508]Completed change to active configuration Mar 23 07:46:43.265841 osdx OSDxCLI[62508]: User 'admin' committed the configuration. Mar 23 07:46:43.282579 osdx OSDxCLI[62508]: User 'admin' left the configuration menu. Mar 23 07:46:43.471207 osdx OSDxCLI[62508]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000) Mar 23 07:46:43.471692 osdx OSDxCLI[62508]: pam_unix(cli:session): session closed for user admin Mar 23 07:46:43.471901 osdx OSDxCLI[62508]: User 'admin' entered the configuration menu. Mar 23 07:46:43.528317 osdx OSDxCLI[62508]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000) Mar 23 07:46:43.528593 osdx cfgd[1860]: Execute action [syntax] for node [system ntp authentication-key 1] Mar 23 07:46:43.540507 osdx OSDxCLI[62508]: pam_unix(cli:session): session closed for user admin Mar 23 07:46:43.540744 osdx OSDxCLI[62508]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'. Mar 23 07:46:43.620788 osdx OSDxCLI[62508]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000) Mar 23 07:46:43.624656 osdx OSDxCLI[62508]: pam_unix(cli:session): session closed for user admin Mar 23 07:46:43.624860 osdx OSDxCLI[62508]: User 'admin' added a new cfg line: 'show changes'. Mar 23 07:46:43.675764 osdx OSDxCLI[62508]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000) Mar 23 07:46:43.684301 osdx ubnt-cfgd[74378]: inactive Mar 23 07:46:43.694581 osdx cfgd[1860]: [62508]must validation for [system strong-password] was skipped Mar 23 07:46:43.694656 osdx cfgd[1860]: [62508]must validation for [system login user admin role] was skipped Mar 23 07:46:43.706911 osdx WARNING[74384]: Short keyboard patterns are easy to guess. Mar 23 07:46:43.706961 osdx INFO[74384]: Suggestions: Mar 23 07:46:43.706994 osdx INFO[74384]: Add another word or two. Uncommon words are better. Mar 23 07:46:43.707018 osdx INFO[74384]: Use a longer keyboard pattern with more turns. Mar 23 07:46:43.707039 osdx INFO[74384]: Crack times (passwords per time): Mar 23 07:46:43.707059 osdx INFO[74384]: 100 per hour: centuries Mar 23 07:46:43.707079 osdx INFO[74384]: 10 per second: 3 months Mar 23 07:46:43.707137 osdx INFO[74384]: 10.000 per second: 3 hours Mar 23 07:46:43.707161 osdx INFO[74384]: 10.000.000.000 per second: less than a second Mar 23 07:46:43.712090 osdx INFO[74386]: FRR daemons did not change Mar 23 07:46:43.712294 osdx cfgd[1860]: Execute action [end] for node [system ntp] Mar 23 07:46:43.750486 osdx systemd[1]: Starting ntpsec.service - Network Time Service... Mar 23 07:46:43.755992 osdx ntpd[74393]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting Mar 23 07:46:43.756237 osdx ntp-systemd-wrapper[74393]: 2026-03-23T07:46:43 ntpd[74393]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting Mar 23 07:46:43.756237 osdx ntp-systemd-wrapper[74393]: 2026-03-23T07:46:43 ntpd[74393]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec Mar 23 07:46:43.756009 osdx ntpd[74393]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec Mar 23 07:46:43.756614 osdx systemd[1]: Started ntpsec.service - Network Time Service. Mar 23 07:46:43.758064 osdx cfgd[1860]: [62508]Completed change to active configuration Mar 23 07:46:43.759400 osdx ntpd[74395]: INIT: precision = 0.079 usec (-24) Mar 23 07:46:43.760086 osdx OSDxCLI[62508]: pam_unix(cli:session): session closed for user admin Mar 23 07:46:43.760116 osdx ntpd[74395]: INIT: successfully locked into RAM Mar 23 07:46:43.760128 osdx ntpd[74395]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf Mar 23 07:46:43.760162 osdx ntpd[74395]: AUTH: authreadkeys: reading /etc/ntp.keys Mar 23 07:46:43.760356 osdx OSDxCLI[62508]: User 'admin' committed the configuration. Mar 23 07:46:43.760366 osdx ntpd[74395]: AUTH: authreadkeys: added 1 keys Mar 23 07:46:43.760413 osdx ntpd[74395]: INIT: Using SO_TIMESTAMPNS(ns) Mar 23 07:46:43.760426 osdx ntpd[74395]: IO: Listen and drop on 0 v6wildcard [::]:123 Mar 23 07:46:43.760440 osdx ntpd[74395]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123 Mar 23 07:46:43.760540 osdx ntpd[74395]: IO: Listen normally on 2 lo 127.0.0.1:123 Mar 23 07:46:43.760556 osdx ntpd[74395]: IO: Listen normally on 3 lo [::1]:123 Mar 23 07:46:43.760574 osdx ntpd[74395]: IO: Listening on routing socket on fd #20 for interface updates Mar 23 07:46:43.760580 osdx ntpd[74395]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes Mar 23 07:46:43.760640 osdx ntpd[74395]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0 Mar 23 07:46:43.760643 osdx ntpd[74395]: INIT: Running with OpenSSL 3.0.18 30 Sep 2025, 30000120 Mar 23 07:46:43.761239 osdx ntpd[74395]: NTSc: Using system default root certificates. Mar 23 07:46:43.802390 osdx OSDxCLI[62508]: User 'admin' left the configuration menu. Mar 23 07:46:43.921497 osdx OSDxCLI[62508]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)