MD5 passwords on SuSE Linux
                  ===========================

SuSE Linux is able to handle MD5 passwords. With MD5 encryption,
passwords can be longer than 8 characters (up to 128 characters).
Since MD5 encryption is not compatible with the default crypt()
function, most commercial Unices and some programs don't work
with MD5 passwords. So be careful, if you enable this feature.


How to enable MD5 passwords:
----------------------------

You need to add the option "md5" to the "password" rules in the PAM
config files. You can find the config files in /etc/pam.d.

For example, you need to change the following lines in /etc/pam.d/passwd:

password required       /lib/security/pam_pwcheck.so   \
		     nullok
password required       /lib/security/pam_unix2.so      \
                     nullok use_first_pass use_authtok

to:

password required       /lib/security/pam_pwcheck.so   \
		     nullok md5
password required       /lib/security/pam_unix2.so      \
                     nullok md5 use_first_pass use_authtok

This is necessary for every program which is able to change the
user's password. At the moment these are at least: /etc/pam.d/login,
/etc/pam.d/passwd, /etc/pam.d/sshd and /etc/pam.d/rlogin.

You could also use the security module from YaST2 to change
the PAM configuration to generate MD5 hashes for new passwords.

If you use NIS, you need to replace /usr/bin/yppasswd with a
link to /usr/bin/passwd:
# cd /usr/bin
# mv yppasswd yppasswd.old
# ln -sf passwd yppasswd


The password will be converted into a MD5 one after the next
password change.