>Per default?  I'm not sure if that is a good idea -- not all
>installations want or have md5 per default (NSF).  On the other hand, if
>you _do_ use md5, you lock yourself out when you don't enable md5.
>What's TRTTD?  Trust that people who don't want md5 disable it or trust
>that those who do want it enable it?

	at least, as long as people do not put encrypted password that start
	with $1, it won't hurt.

	... wait a second.  as long as crypt(3) supports $1$ inside, we should
	not need --with-md5-passwords.  i'm a bit confused... could someone
	help me on this?

itojun