Attention ! apus case In glibc 2.17 the crypt function implementation was tightened up to allow for future implementation improvements, standards conformance, and FIPS compliance. From the 2.17 NEWS: * The `crypt' function now fails if passed salt bytes that violate the specification for those values. On Linux, the `crypt' function will consult /proc/sys/crypto/fips_enabled to determine if "FIPS mode" is enabled, and fail on encrypted strings using the MD5 or DES algorithm when the mode is enabled. In this particular case the salt is an invalid POSIX salt that contains an ASCII space "#" in character 0 outside of the allowed alphabet for salts which is `./0-9a-zA-Z' and therefore crypt will reject that salt as invalid, return NULL, and set errno. Previous to glibc 2.17 a call to crypt would accept invalid POSIX salts.