Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX19T3zaKnNpGiTO8YvW4yhuJWyNNLt253uI=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX18Q8z/oEBo9rLbNKvYima41G9cKrGSn/Bk=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX18F0T8ME3cvkGS2E+f5CxdvY4SWZqXPU5U=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

May 05 02:05:53.276101 osdx systemd-journald[1908]: Runtime Journal (/run/log/journal/9e2a66651dea45ed982d8152051049c2) is 2.1M, max 13.8M, 11.6M free.
May 05 02:05:53.276870 osdx systemd-journald[1908]: Received client request to rotate journal, rotating.
May 05 02:05:53.276917 osdx systemd-journald[1908]: Vacuuming done, freed 0B of archived journals from /run/log/journal/9e2a66651dea45ed982d8152051049c2.
May 05 02:05:53.285165 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system journal clear'.
May 05 02:05:53.478887 osdx OSDxCLI[598646]: User 'admin' executed a new command: 'system coredump delete all'.
May 05 02:05:53.680828 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu.
May 05 02:05:53.742264 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system console log-level info'.
May 05 02:05:53.824545 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
May 05 02:05:53.883504 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system strong-password display'.
May 05 02:05:53.988410 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show working'.
May 05 02:05:54.047089 osdx ubnt-cfgd[600954]: inactive
May 05 02:05:54.064151 osdx INFO[600962]: FRR daemons did not change
May 05 02:05:54.065590 osdx modulelauncher[1456]: + Received data: ['598646', 'osdx.utils.xos', 'set_console_log_level', 'info']
May 05 02:05:54.082526 osdx OSDxCLI[598646]: Signal 10 received
May 05 02:05:54.107022 osdx cfgd[1648]: [598646]Completed change to active configuration
May 05 02:05:54.108728 osdx OSDxCLI[598646]: User 'admin' committed the configuration.
May 05 02:05:54.125609 osdx OSDxCLI[598646]: User 'admin' left the configuration menu.
May 05 02:05:54.285667 osdx OSDxCLI[598646]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
May 05 02:05:54.286103 osdx OSDxCLI[598646]: pam_unix(cli:session): session closed for user admin
May 05 02:05:54.286347 osdx OSDxCLI[598646]: User 'admin' entered the configuration menu.
May 05 02:05:54.346776 osdx OSDxCLI[598646]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
May 05 02:05:54.346942 osdx cfgd[1648]: Execute action [syntax] for node [system ntp authentication-key 1]
May 05 02:05:54.358302 osdx OSDxCLI[598646]: pam_unix(cli:session): session closed for user admin
May 05 02:05:54.358522 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
May 05 02:05:54.430302 osdx OSDxCLI[598646]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
May 05 02:05:54.433653 osdx OSDxCLI[598646]: pam_unix(cli:session): session closed for user admin
May 05 02:05:54.433895 osdx OSDxCLI[598646]: User 'admin' added a new cfg line: 'show changes'.
May 05 02:05:54.489513 osdx OSDxCLI[598646]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
May 05 02:05:54.496022 osdx ubnt-cfgd[600993]: inactive
May 05 02:05:54.526716 osdx cfgd[1648]: [598646]must validation for [system strong-password] was skipped
May 05 02:05:54.526769 osdx cfgd[1648]: [598646]must validation for [system login user admin role] was skipped
May 05 02:05:54.539699 osdx WARNING[600999]: Short keyboard patterns are easy to guess.
May 05 02:05:54.539735 osdx INFO[600999]: Suggestions:
May 05 02:05:54.539761 osdx INFO[600999]:   Add another word or two. Uncommon words are better.
May 05 02:05:54.539780 osdx INFO[600999]:   Use a longer keyboard pattern with more turns.
May 05 02:05:54.539796 osdx INFO[600999]: Crack times (passwords per time):
May 05 02:05:54.539812 osdx INFO[600999]:   100 per hour:              centuries
May 05 02:05:54.539828 osdx INFO[600999]:   10 per second:             3 months
May 05 02:05:54.539875 osdx INFO[600999]:   10.000 per second:         3 hours
May 05 02:05:54.539896 osdx INFO[600999]:   10.000.000.000 per second: less than a second
May 05 02:05:54.544443 osdx INFO[601001]: FRR daemons did not change
May 05 02:05:54.544584 osdx cfgd[1648]: Execute action [end] for node [system ntp]
May 05 02:05:54.581070 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
May 05 02:05:54.585772 osdx ntpd[601008]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
May 05 02:05:54.585790 osdx ntpd[601008]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
May 05 02:05:54.586015 osdx ntp-systemd-wrapper[601008]: 2026-05-05T02:05:54 ntpd[601008]: INIT: ntpd ntpsec-1.2.2+1-gc8a7dda: Starting
May 05 02:05:54.586015 osdx ntp-systemd-wrapper[601008]: 2026-05-05T02:05:54 ntpd[601008]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
May 05 02:05:54.586261 osdx systemd[1]: Started ntpsec.service - Network Time Service.
May 05 02:05:54.588126 osdx ntpd[601010]: INIT: precision = 0.054 usec (-24)
May 05 02:05:54.588602 osdx ntpd[601010]: INIT: successfully locked into RAM
May 05 02:05:54.588614 osdx ntpd[601010]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
May 05 02:05:54.588639 osdx ntpd[601010]: AUTH: authreadkeys: reading /etc/ntp.keys
May 05 02:05:54.588768 osdx ntpd[601010]: AUTH: authreadkeys: added 1 keys
May 05 02:05:54.588805 osdx ntpd[601010]: INIT: Using SO_TIMESTAMPNS(ns)
May 05 02:05:54.588818 osdx ntpd[601010]: IO: Listen and drop on 0 v6wildcard [::]:123
May 05 02:05:54.588830 osdx ntpd[601010]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
May 05 02:05:54.588923 osdx ntpd[601010]: IO: Listen normally on 2 lo 127.0.0.1:123
May 05 02:05:54.588939 osdx ntpd[601010]: IO: Listen normally on 3 lo [::1]:123
May 05 02:05:54.588954 osdx ntpd[601010]: IO: Listening on routing socket on fd #20 for interface updates
May 05 02:05:54.588960 osdx ntpd[601010]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
May 05 02:05:54.589018 osdx ntpd[601010]: INIT: Built with OpenSSL 3.0.14 4 Jun 2024, 300000e0
May 05 02:05:54.589020 osdx ntpd[601010]: INIT: Running with OpenSSL 3.0.19 27 Jan 2026, 30000130
May 05 02:05:54.589428 osdx ntpd[601010]: NTSc: Using system default root certificates.
May 05 02:05:54.593231 osdx cfgd[1648]: [598646]Completed change to active configuration
May 05 02:05:54.594798 osdx OSDxCLI[598646]: pam_unix(cli:session): session closed for user admin
May 05 02:05:54.595029 osdx OSDxCLI[598646]: User 'admin' committed the configuration.
May 05 02:05:54.610717 osdx OSDxCLI[598646]: User 'admin' left the configuration menu.
May 05 02:05:54.733091 osdx OSDxCLI[598646]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---