From: Stephen Harris <lists at spuddy.org> > If you look at "man 3 crypt" you'll see the same function is used > to generate all the different types of encryption; the difference is > the "salt" value. When you try to login the system will see (based > on your shadow entry) what the current password is encrypted with > and will use the same salt to encrypt your typed-in password. > > In this way the password file can contain traditional DES, MD5 and > SHA512 at the same time (for different users, obviously). So "root" > could be SHA512, "fred" could be MD5 and "harry" could be > DES, and > they'll all work. > > login.defs merely defines how _new_ passwords are encrypted (when you run > the passwd command). Thanks for the info! JD