Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX19AhiiR/foCciFwZiORAD3NVdHcwS+G+v8=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX18v4ndkSbGwmVjm0i5EH6TwYhMKeM4I9Ts=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+EyAeANEOJOcGWapP9kb2k0b+9YsN20O8=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Apr 16 16:08:15.390564 osdx systemd-journald[126917]: Runtime Journal (/run/log/journal/a3fecc5be5e949c7a083b0adeea4bb21) is 2.1M, max 13.8M, 11.6M free.
Apr 16 16:08:15.392568 osdx systemd-journald[126917]: Received client request to rotate journal, rotating.
Apr 16 16:08:15.392637 osdx systemd-journald[126917]: Vacuuming done, freed 0B of archived journals from /run/log/journal/a3fecc5be5e949c7a083b0adeea4bb21.
Apr 16 16:08:15.402529 osdx OSDxCLI[165502]: User 'admin' executed a new command: 'system journal clear'.
Apr 16 16:08:15.689183 osdx OSDxCLI[165502]: User 'admin' executed a new command: 'system coredump delete all'.
Apr 16 16:08:16.120316 osdx OSDxCLI[165502]: User 'admin' entered the configuration menu.
Apr 16 16:08:16.260908 osdx OSDxCLI[165502]: User 'admin' added a new cfg line: 'set system console log-level info'.
Apr 16 16:08:16.341209 osdx OSDxCLI[165502]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Apr 16 16:08:16.444889 osdx OSDxCLI[165502]: User 'admin' added a new cfg line: 'set system strong-password display'.
Apr 16 16:08:16.559669 osdx OSDxCLI[165502]: User 'admin' added a new cfg line: 'show working'.
Apr 16 16:08:16.671011 osdx ubnt-cfgd[169027]: inactive
Apr 16 16:08:16.698740 osdx INFO[169035]: FRR daemons did not change
Apr 16 16:08:16.701558 osdx modulelauncher[1641]: + Received data: ['165502', 'osdx.utils.xos', 'set_console_log_level', 'info']
Apr 16 16:08:16.731404 osdx OSDxCLI[165502]: Signal 10 received
Apr 16 16:08:16.771352 osdx cfgd[1833]: [165502]Completed change to active configuration
Apr 16 16:08:16.773675 osdx OSDxCLI[165502]: User 'admin' committed the configuration.
Apr 16 16:08:16.798473 osdx OSDxCLI[165502]: User 'admin' left the configuration menu.
Apr 16 16:08:16.972050 osdx OSDxCLI[165502]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Apr 16 16:08:16.972712 osdx OSDxCLI[165502]: pam_unix(cli:session): session closed for user admin
Apr 16 16:08:16.973015 osdx OSDxCLI[165502]: User 'admin' entered the configuration menu.
Apr 16 16:08:17.056749 osdx OSDxCLI[165502]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Apr 16 16:08:17.057139 osdx cfgd[1833]: Execute action [syntax] for node [system ntp authentication-key 1]
Apr 16 16:08:17.071510 osdx OSDxCLI[165502]: pam_unix(cli:session): session closed for user admin
Apr 16 16:08:17.071835 osdx OSDxCLI[165502]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Apr 16 16:08:17.181046 osdx OSDxCLI[165502]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Apr 16 16:08:17.184893 osdx OSDxCLI[165502]: pam_unix(cli:session): session closed for user admin
Apr 16 16:08:17.185169 osdx OSDxCLI[165502]: User 'admin' added a new cfg line: 'show changes'.
Apr 16 16:08:17.250797 osdx OSDxCLI[165502]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Apr 16 16:08:17.258355 osdx ubnt-cfgd[169066]: inactive
Apr 16 16:08:17.269957 osdx cfgd[1833]: [165502]must validation for [system strong-password] was skipped
Apr 16 16:08:17.270027 osdx cfgd[1833]: [165502]must validation for [system login user admin role] was skipped
Apr 16 16:08:17.287769 osdx WARNING[169072]: Short keyboard patterns are easy to guess.
Apr 16 16:08:17.287835 osdx INFO[169072]: Suggestions:
Apr 16 16:08:17.287875 osdx INFO[169072]:   Add another word or two. Uncommon words are better.
Apr 16 16:08:17.287901 osdx INFO[169072]:   Use a longer keyboard pattern with more turns.
Apr 16 16:08:17.287924 osdx INFO[169072]: Crack times (passwords per time):
Apr 16 16:08:17.287946 osdx INFO[169072]:   100 per hour:              centuries
Apr 16 16:08:17.287968 osdx INFO[169072]:   10 per second:             3 months
Apr 16 16:08:17.288027 osdx INFO[169072]:   10.000 per second:         3 hours
Apr 16 16:08:17.288054 osdx INFO[169072]:   10.000.000.000 per second: less than a second
Apr 16 16:08:17.292566 osdx INFO[169074]: FRR daemons did not change
Apr 16 16:08:17.292771 osdx cfgd[1833]: Execute action [end] for node [system ntp]
Apr 16 16:08:17.333009 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Apr 16 16:08:17.341287 osdx ntpd[169081]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Apr 16 16:08:17.341632 osdx ntp-systemd-wrapper[169081]: 2026-04-16T16:08:17 ntpd[169081]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
Apr 16 16:08:17.341632 osdx ntp-systemd-wrapper[169081]: 2026-04-16T16:08:17 ntpd[169081]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Apr 16 16:08:17.341306 osdx ntpd[169081]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Apr 16 16:08:17.342096 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Apr 16 16:08:17.343067 osdx cfgd[1833]: [165502]Completed change to active configuration
Apr 16 16:08:17.344322 osdx ntpd[169083]: INIT: precision = 0.053 usec (-24)
Apr 16 16:08:17.344843 osdx ntpd[169083]: INIT: successfully locked into RAM
Apr 16 16:08:17.344857 osdx ntpd[169083]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Apr 16 16:08:17.344885 osdx ntpd[169083]: AUTH: authreadkeys: reading /etc/ntp.keys
Apr 16 16:08:17.345021 osdx ntpd[169083]: AUTH: authreadkeys: added 1 keys
Apr 16 16:08:17.345059 osdx ntpd[169083]: INIT: Using SO_TIMESTAMPNS(ns)
Apr 16 16:08:17.345069 osdx ntpd[169083]: IO: Listen and drop on 0 v6wildcard [::]:123
Apr 16 16:08:17.345081 osdx ntpd[169083]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Apr 16 16:08:17.345170 osdx ntpd[169083]: IO: Listen normally on 2 lo 127.0.0.1:123
Apr 16 16:08:17.345185 osdx ntpd[169083]: IO: Listen normally on 3 lo [::1]:123
Apr 16 16:08:17.345202 osdx ntpd[169083]: IO: Listening on routing socket on fd #20 for interface updates
Apr 16 16:08:17.345208 osdx ntpd[169083]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Apr 16 16:08:17.345263 osdx ntpd[169083]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
Apr 16 16:08:17.345265 osdx ntpd[169083]: INIT: Running with OpenSSL 3.0.18 30 Sep 2025, 30000120
Apr 16 16:08:17.345397 osdx OSDxCLI[165502]: pam_unix(cli:session): session closed for user admin
Apr 16 16:08:17.345681 osdx OSDxCLI[165502]: User 'admin' committed the configuration.
Apr 16 16:08:17.345734 osdx ntpd[169083]: NTSc: Using system default root certificates.
Apr 16 16:08:17.366222 osdx OSDxCLI[165502]: User 'admin' left the configuration menu.
Apr 16 16:08:17.534856 osdx OSDxCLI[165502]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---