Strong Password

Test suite to check the OSDx password strong-password level

Test Strong Password

Description

A password strength level and a strong password are configured and then attempting to configure a weak password fails.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system ntp authentication-key 1 encrypted-key U2FsdGVkX1+BL7J7x4L7l0xphRqvyfh6FzTW3RUerIU=
set system strong-password level 2

Note

This password has a score of 4.

Step 2: Expect a failure in the following command: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX1/Rs9C/WRR0sBw+8REV5vCWwkXF0TFCGdQ=

Note

This password has a score of 0, which is lower than the strong-password level.

---

Test Password Display

Description

Check that additional information from the strong-password is displayed correctly

Scenario

Step 1: Set the following configuration in DUT0 :

set system cli configuration logging global info
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system strong-password display
set system strong-password level 0

Step 2: Modify the following configuration lines in DUT0 :

set system ntp authentication-key 1 encrypted-key U2FsdGVkX19D4AKqDB9vZ3jrjA8KgdV5yqqPCGjWWgA=

Step 3: Run command system journal show | tail -n 1000 at DUT0 and expect this output:

Show output

Jun 04 11:10:51.316653 osdx systemd-journald[2213]: Runtime Journal (/run/log/journal/d7b8b58d13984d0bb9acdb87ea6c32f4) is 2.1M, max 13.8M, 11.6M free.
Jun 04 11:10:51.319723 osdx systemd-journald[2213]: Received client request to rotate journal, rotating.
Jun 04 11:10:51.319772 osdx systemd-journald[2213]: Vacuuming done, freed 0B of archived journals from /run/log/journal/d7b8b58d13984d0bb9acdb87ea6c32f4.
Jun 04 11:10:51.326885 osdx OSDxCLI[31450]: User 'admin' executed a new command: 'system journal clear'.
Jun 04 11:10:51.555131 osdx OSDxCLI[31450]: User 'admin' executed a new command: 'system coredump delete all'.
Jun 04 11:10:51.764861 osdx OSDxCLI[31450]: User 'admin' entered the configuration menu.
Jun 04 11:10:51.823034 osdx OSDxCLI[31450]: User 'admin' added a new cfg line: 'set system console log-level info'.
Jun 04 11:10:51.918491 osdx OSDxCLI[31450]: User 'admin' added a new cfg line: 'set system strong-password level 0'.
Jun 04 11:10:51.972631 osdx OSDxCLI[31450]: User 'admin' added a new cfg line: 'set system strong-password display'.
Jun 04 11:10:52.072056 osdx OSDxCLI[31450]: User 'admin' added a new cfg line: 'show working'.
Jun 04 11:10:52.139861 osdx ubnt-cfgd[63260]: inactive
Jun 04 11:10:52.164150 osdx INFO[63268]: FRR daemons did not change
Jun 04 11:10:52.166444 osdx modulelauncher[1656]: + Received data: ['31450', 'osdx.utils.xos', 'set_console_log_level', 'info']
Jun 04 11:10:52.205872 osdx OSDxCLI[31450]: Signal 10 received
Jun 04 11:10:52.243940 osdx cfgd[1850]: [31450]Completed change to active configuration
Jun 04 11:10:52.246484 osdx OSDxCLI[31450]: User 'admin' committed the configuration.
Jun 04 11:10:52.271076 osdx OSDxCLI[31450]: User 'admin' left the configuration menu.
Jun 04 11:10:52.483260 osdx OSDxCLI[31450]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 04 11:10:52.483874 osdx OSDxCLI[31450]: pam_unix(cli:session): session closed for user admin
Jun 04 11:10:52.484154 osdx OSDxCLI[31450]: User 'admin' entered the configuration menu.
Jun 04 11:10:52.566154 osdx OSDxCLI[31450]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 04 11:10:52.566426 osdx cfgd[1850]: Execute action [syntax] for node [system ntp authentication-key 1]
Jun 04 11:10:52.619313 osdx OSDxCLI[31450]: pam_unix(cli:session): session closed for user admin
Jun 04 11:10:52.619608 osdx OSDxCLI[31450]: User 'admin' added a new cfg line: 'set system ntp authentication-key 1 md5 ******'.
Jun 04 11:10:52.727403 osdx OSDxCLI[31450]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 04 11:10:52.730940 osdx OSDxCLI[31450]: pam_unix(cli:session): session closed for user admin
Jun 04 11:10:52.731163 osdx OSDxCLI[31450]: User 'admin' added a new cfg line: 'show changes'.
Jun 04 11:10:52.826691 osdx OSDxCLI[31450]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)
Jun 04 11:10:52.836022 osdx ubnt-cfgd[63299]: inactive
Jun 04 11:10:52.848249 osdx cfgd[1850]: [31450]must validation for [system strong-password] was skipped
Jun 04 11:10:52.848330 osdx cfgd[1850]: [31450]must validation for [system login user admin role] was skipped
Jun 04 11:10:52.860558 osdx WARNING[63305]: Short keyboard patterns are easy to guess.
Jun 04 11:10:52.860601 osdx INFO[63305]: Suggestions:
Jun 04 11:10:52.860629 osdx INFO[63305]:   Add another word or two. Uncommon words are better.
Jun 04 11:10:52.860652 osdx INFO[63305]:   Use a longer keyboard pattern with more turns.
Jun 04 11:10:52.860668 osdx INFO[63305]: Crack times (passwords per time):
Jun 04 11:10:52.860684 osdx INFO[63305]:   100 per hour:              centuries
Jun 04 11:10:52.860701 osdx INFO[63305]:   10 per second:             3 months
Jun 04 11:10:52.860751 osdx INFO[63305]:   10.000 per second:         3 hours
Jun 04 11:10:52.860772 osdx INFO[63305]:   10.000.000.000 per second: less than a second
Jun 04 11:10:52.865600 osdx INFO[63307]: FRR daemons did not change
Jun 04 11:10:52.865894 osdx cfgd[1850]: Execute action [end] for node [system ntp]
Jun 04 11:10:52.916094 osdx systemd[1]: Starting ntpsec.service - Network Time Service...
Jun 04 11:10:52.923055 osdx ntpd[63314]: INIT: ntpd ntpsec-1.2.2+2-ga1cda86: Starting
Jun 04 11:10:52.923330 osdx ntp-systemd-wrapper[63314]: 2026-06-04T11:10:52 ntpd[63314]: INIT: ntpd ntpsec-1.2.2+2-ga1cda86: Starting
Jun 04 11:10:52.923330 osdx ntp-systemd-wrapper[63314]: 2026-06-04T11:10:52 ntpd[63314]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jun 04 11:10:52.923074 osdx ntpd[63314]: INIT: Command line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec
Jun 04 11:10:52.923743 osdx systemd[1]: Started ntpsec.service - Network Time Service.
Jun 04 11:10:52.924909 osdx cfgd[1850]: [31450]Completed change to active configuration
Jun 04 11:10:52.926526 osdx ntpd[63316]: INIT: precision = 0.077 usec (-24)
Jun 04 11:10:52.926842 osdx OSDxCLI[31450]: pam_unix(cli:session): session closed for user admin
Jun 04 11:10:52.927133 osdx ntpd[63316]: INIT: successfully locked into RAM
Jun 04 11:10:52.927147 osdx ntpd[63316]: CONFIG: readconfig: parsing file: /etc/ntpsec/ntp.conf
Jun 04 11:10:52.927174 osdx ntpd[63316]: AUTH: authreadkeys: reading /etc/ntp.keys
Jun 04 11:10:52.927193 osdx OSDxCLI[31450]: User 'admin' committed the configuration.
Jun 04 11:10:52.927315 osdx ntpd[63316]: AUTH: authreadkeys: added 1 keys
Jun 04 11:10:52.927365 osdx ntpd[63316]: INIT: Using SO_TIMESTAMPNS(ns)
Jun 04 11:10:52.927383 osdx ntpd[63316]: IO: Listen and drop on 0 v6wildcard [::]:123
Jun 04 11:10:52.927397 osdx ntpd[63316]: IO: Listen and drop on 1 v4wildcard 0.0.0.0:123
Jun 04 11:10:52.927494 osdx ntpd[63316]: IO: Listen normally on 2 lo 127.0.0.1:123
Jun 04 11:10:52.927515 osdx ntpd[63316]: IO: Listen normally on 3 lo [::1]:123
Jun 04 11:10:52.927534 osdx ntpd[63316]: IO: Listening on routing socket on fd #20 for interface updates
Jun 04 11:10:52.927547 osdx ntpd[63316]: INIT: MRU 10922 entries, 13 hash bits, 65536 bytes
Jun 04 11:10:52.927614 osdx ntpd[63316]: INIT: OpenSSL 3.0.19 27 Jan 2026, 30000130
Jun 04 11:10:52.928227 osdx ntpd[63316]: NTSc: Using system default root certificates.
Jun 04 11:10:52.954272 osdx OSDxCLI[31450]: User 'admin' left the configuration menu.
Jun 04 11:10:53.070745 osdx OSDxCLI[31450]: pam_unix(cli:session): session opened for user admin(uid=1000) by admin(uid=1000)

---