diff options
| author | Viacheslav Hletenko <seversss265@gmail.com> | 2025-03-23 19:06:08 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-23 19:06:08 +0200 |
| commit | c12bef0a9631f66d66aad67c05f324816d8b4b05 (patch) | |
| tree | dbd389ff9464c69fa1e471e3e85264e6e97332d5 /src/conf_mode | |
| parent | 3fee8ec30dce8f3987fe468d29109ed4e1bc492a (diff) | |
| download | vyos-1x-revert-4390-feature/T6353-add-password-complexity-validation.tar.gz vyos-1x-revert-4390-feature/T6353-add-password-complexity-validation.zip | |
Revert "T6353: Add password complexity validation for system login user"revert-4390-feature/T6353-add-password-complexity-validation
Diffstat (limited to 'src/conf_mode')
| -rwxr-xr-x | src/conf_mode/system_login.py | 21 |
1 files changed, 1 insertions, 20 deletions
diff --git a/src/conf_mode/system_login.py b/src/conf_mode/system_login.py index 1e6061ecf..d3a969d9b 100755 --- a/src/conf_mode/system_login.py +++ b/src/conf_mode/system_login.py @@ -15,7 +15,6 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. import os -import warnings from passlib.hosts import linux_context from psutil import users @@ -25,17 +24,11 @@ from pwd import getpwuid from sys import exit from time import sleep -from vyos.base import Warning from vyos.config import Config from vyos.configverify import verify_vrf from vyos.template import render from vyos.template import is_ipv4 -from vyos.utils.auth import ( - DEFAULT_PASSWORD, - EPasswdStrength, - evaluate_strength, - get_current_user -) +from vyos.utils.auth import get_current_user from vyos.utils.configfs import delete_cli_node from vyos.utils.configfs import add_cli_node from vyos.utils.dict import dict_search @@ -153,18 +146,6 @@ def verify(login): if s_user.pw_name == user and s_user.pw_uid < MIN_USER_UID: raise ConfigError(f'User "{user}" can not be created, conflict with local system account!') - # T6353: Check password for complexity using cracklib. - # A user password should be sufficiently complex - plaintext_password = dict_search( - path='authentication.plaintext_password', - dict_object=user_config - ) or None - - if plaintext_password is not None: - result = evaluate_strength(plaintext_password) - if result['strength'] == EPasswdStrength.WEAK: - Warning(result['error']) - for pubkey, pubkey_options in (dict_search('authentication.public_keys', user_config) or {}).items(): if 'type' not in pubkey_options: raise ConfigError(f'Missing type for public-key "{pubkey}"!') |