md5 passwords is a feature of the the crypt() function in glibc. Worked fine last time I tried it (ok, that wasn't on the hurd, but I see no reason why that part of glibc should be system dependent). To configure your system to actually *use* md5 passwords is a question of using the right magic salt when creating new password entries, which probably requires some level of support in the passwd program. Doh!