[CentOS] Shadow passwords NOT md5'ed ?

Sun Apr 5 12:00:36 UTC 2009
Stephen Harris <lists at spuddy.org>

I have may missed this in all the traffic, but has anyone checked the
PAM entry?  This is what actually counts; the other files are used by
administrative tools to configure PAM

% grep ^password /etc/pam.d/system-auth
password    requisite     pam_cracklib.so try_first_pass retry=3
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok
password    required      pam_deny.so

The "md5" word there is what tells the password command to use md5 encryption