Linux: FacetWin Terminal
"Password rejected by host"
Facet KB# 21035
July 28th, 2001



Synopsis:

Some Linux installations encrypt passwords using the MD5 algorithm (RFC1321) rather than using traditional UNIX encryption methods.  The FacetWin Terminal does not support MD5 encrypted passwords and attempting to connect to a system that uses them will result in the error message:

          Password rejected by host

Of course, this error message also results from trying to connect with a bogus password.   But if you are supplying the proper password, and it is getting rejected by your Linux system, then it is very likely that the password has been encrypted using the MD5 algorithm and will need to be re-encrypted using traditional UNIX encryption.

You can usually confirm that a password has been encrypted using the MD5 algorithm rather than using traditional UNIX encryption by checking the length of the encrypted password string in the "/etc/shadow" file.  Traditional UNIX encrypted password strings are 13 characters long, while MD5 encrypted password strings are typically 34 characters long.  For example:

   "/etc/shadow":
   --------------------------------------------------------------------------
   bob:yUxL3rOW.2.to:10783:0:99999:7:-1:-1:134529868
   alice:$1$hLq.mH4k$lGhgQDqJLlP5V/VkhjDGm1:11532:0:99999:7:-1:-1:134526012
   --------------------------------------------------------------------------
Bob's password was encrypted using traditional UNIX encryption, Alice's was encrypted using MD5.

Solution:

The best solution is not to enable MD5 password encryption in the first place, but if you did that you probably wouldn't be reading this.   ;-)   In RedHat 6.2 and RedHat 7.2, MD5 is enabled during installation.

To revert to traditional UNIX encrypted passwords...

  1. Disable MD5 password encryption in the PAM password configuration file, "/etc/pam.d/passwd".

    On some systems you can disable MD5 encryption with "authconfig".  Newer versions of "authconfig" (RedHat 7) will let you do it all from the command-line with:
       authconfig --kickstart --disablemd5
    
    Older versions of "authconfig" (RedHat 6) will let you disable MD5 encryption by unchecking the MD5 box in interactive mode.
       authconfig
    

    You could also manually remove the "md5" references in the "/etc/pam.d/passwd" file.

       "/etc/pam.d/passwd":
       -------------------------------------------------------------------
       #%PAM-1.0
       auth     required /lib/security/pam_pwdb.so shadow md5 nullok
       account  required /lib/security/pam_pwdb.so
       password required /lib/security/pam_cracklib.so retry=3
       password required /lib/security/pam_pwdb.so use_authtok md5 nullok
       -------------------------------------------------------------------
    

  2. Re-encrypt passwords using traditional UNIX encryption with the "passwd" command.

    You must run the "passwd" command for each affected user to re-encrypt the passwords the traditional UNIX way.
       "passwd USERNAME":
       -------------------------------------------------------
       Changing password for user USERNAME
       New UNIX password: mYsEcReT
       Retype new UNIX password: mYsEcReT
       passwd: all authentication tokens updated successfully
       -------------------------------------------------------
    
After re-encrypting the passwords using traditional UNIX encryption, re-attempt your connection.
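
The length/prefix check from the Synopsis and the per-user "passwd" pass in step 2 can be combined into one listing of which accounts still hold MD5 strings. The script below is an added example, not part of the original article or of FacetWin; the function names and the carol/daemon sample lines are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original article). Classifies shadow entries
# with the article's rules: 13 characters = traditional UNIX crypt, "$1$" = MD5.

# Sample input: bob and alice are the article's lines; carol and daemon
# are constructed (carol's hash is a dummy string, not a real digest).
sample_shadow() {
    cat <<'EOF'
bob:yUxL3rOW.2.to:10783:0:99999:7:-1:-1:134529868
alice:$1$hLq.mH4k$lGhgQDqJLlP5V/VkhjDGm1:11532:0:99999:7:-1:-1:134526012
carol:!$1$Zz0Zz0Zz$AAAAAAAAAAAAAAAAAAAAAA:11532:0:99999:7:-1:-1:0
daemon:*:10783:0:99999:7:::
EOF
}

# Reads shadow-format lines on stdin, prints "user scheme [(locked)]".
classify_shadow() {
    awk -F: '
    /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
    {
        hash = $2; note = ""
        if (hash == "") {
            scheme = "empty"
        } else if (hash ~ "^[!*]+$") {
            scheme = "no-password"          # "*", "!" or "!!": no usable hash
        } else {
            # A leading "!" marks a locked account; the hash follows it.
            if (sub("^!+", "", hash)) note = " (locked)"
            if (substr(hash, 1, 3) == "$1$")
                scheme = "md5"
            else if (length(hash) == 13 && hash ~ "^[./0-9A-Za-z]+$")
                scheme = "traditional"
            else
                scheme = "other"
        }
        print $1, scheme note
    }'
}

# Users whose stored password is still MD5, i.e. who still need step 2.
md5_users() {
    classify_shadow | awk '$2 == "md5" { print $1 }'
}

sample_shadow | classify_shadow
```

On a live system, run as root with "md5_users < /etc/shadow" before and after step 2; an empty result afterwards means every password has been re-encrypted.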

Good Luck!

Please contact Facetcorp technical support if you encounter any problems or have any questions.