> OK, thanks. Just one last question before I hurt myself: this doesn't > disable currently active shells, does it? I mean, I can do that as > root, then change my root password to a longer one, then try to open > another ssh session, all knowing that my first session is still active > and allows me to back up, right? Yes, it will totally disconnect your machine from the network and shut down ssh just to be sure. ..... o.O No, it just manipulates text files. Maybe you should be doing some independent research as to how the password files and pam works first. I'd hate for you to find out that some other service you are using breaks because it suddenly can't authenticate users. I mean, why in the world was the machine installed in the first place without md5 passwords? Do you have a local service that authenticates directly off the password (shadow) file which doesn't understand md5/crypt? This isn't unheard of. Back in the day, radiusd was fun like that. Those are questions that you should ask yourself. I'm not looking for an answer, simply giving you a direction. j