Revert "T6353: Add password complexity validation for system login user"revert-4390-feature/T6353-add-password-complexity-validation

2 files changed, 1 insertions, 39 deletions

diff --git a/src/conf_mode/system_login.py b/src/conf_mode/system_login.py
index 1e6061ecf..d3a969d9b 100755
--- a/src/conf_mode/system_login.py
+++ b/src/conf_mode/system_login.py
@@ -15,7 +15,6 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
-import warnings
 
 from passlib.hosts import linux_context
 from psutil import users
@@ -25,17 +24,11 @@ from pwd import getpwuid
 from sys import exit
 from time import sleep
 
-from vyos.base import Warning
 from vyos.config import Config
 from vyos.configverify import verify_vrf
 from vyos.template import render
 from vyos.template import is_ipv4
-from vyos.utils.auth import (
-    DEFAULT_PASSWORD,
-    EPasswdStrength,
-    evaluate_strength,
-    get_current_user
-)
+from vyos.utils.auth import get_current_user
 from vyos.utils.configfs import delete_cli_node
 from vyos.utils.configfs import add_cli_node
 from vyos.utils.dict import dict_search
@@ -153,18 +146,6 @@ def verify(login):
                 if s_user.pw_name == user and s_user.pw_uid < MIN_USER_UID:
                     raise ConfigError(f'User "{user}" can not be created, conflict with local system account!')
 
-            # T6353: Check password for complexity using cracklib.
-            # A user password should be sufficiently complex
-            plaintext_password = dict_search(
-                path='authentication.plaintext_password',
-                dict_object=user_config
-            ) or None
-
-            if plaintext_password is not None:
-                result = evaluate_strength(plaintext_password)
-                if result['strength'] == EPasswdStrength.WEAK:
-                    Warning(result['error'])
-
             for pubkey, pubkey_options in (dict_search('authentication.public_keys', user_config) or {}).items():
                 if 'type' not in pubkey_options:
                     raise ConfigError(f'Missing type for public-key "{pubkey}"!')
diff --git a/src/op_mode/image_installer.py b/src/op_mode/image_installer.py
index c6e9c7f6f..609b0b347 100755
--- a/src/op_mode/image_installer.py
+++ b/src/op_mode/image_installer.py
@@ -32,16 +32,10 @@ from errno import ENOSPC
 
 from psutil import disk_partitions
 
-from vyos.base import Warning
 from vyos.configtree import ConfigTree
 from vyos.remote import download
 from vyos.system import disk, grub, image, compat, raid, SYSTEM_CFG_VER
 from vyos.template import render
-from vyos.utils.auth import (
-    DEFAULT_PASSWORD,
-    EPasswdStrength,
-    evaluate_strength
-)
 from vyos.utils.io import ask_input, ask_yes_no, select_entry
 from vyos.utils.file import chmod_2775
 from vyos.utils.process import cmd, run, rc_cmd
@@ -89,9 +83,6 @@ MSG_WARN_ROOT_SIZE_TOOBIG: str = 'The size is too big. Try again.'
 MSG_WARN_ROOT_SIZE_TOOSMALL: str = 'The size is too small. Try again'
 MSG_WARN_IMAGE_NAME_WRONG: str = 'The suggested name is unsupported!\n'\
 'It must be between 1 and 64 characters long and contains only the next characters: .+-_ a-z A-Z 0-9'
-
-MSG_WARN_CHANGE_PASSWORD: str = 'Default password used. Consider changing ' \
-    'it on next login.'
 MSG_WARN_PASSWORD_CONFIRM: str = 'The entered values did not match. Try again'
 'Installing a different image flavor may cause functionality degradation or break your system.\n' \
 'Do you want to continue with installation?'
@@ -787,20 +778,10 @@ def install_image() -> None:
     while True:
         user_password: str = ask_input(MSG_INPUT_PASSWORD, no_echo=True,
                                        non_empty=True)
-
-        if user_password == DEFAULT_PASSWORD:
-            Warning(MSG_WARN_CHANGE_PASSWORD)
-        else:
-            result = evaluate_strength(user_password)
-            if result['strength'] == EPasswdStrength.WEAK:
-                Warning(result['error'])
-
         confirm: str = ask_input(MSG_INPUT_PASSWORD_CONFIRM, no_echo=True,
                                  non_empty=True)
-
         if user_password == confirm:
             break
-
         print(MSG_WARN_PASSWORD_CONFIRM)
 
     # ask for default console