Linux vs NetBSD NIS passwords

[KC9UDX]

If I log in to a Debian client, via ssh as a valid user, 'validuser' uid 1007, and execute `su - test`, this results in the client's /var/log/auth.log:

Code:

Jul 13 16:28:30 client login[15622]: pam_unix(login:session): session opened for user validuser by (uid=0)
Jul 13 16:28:30 client systemd-logind[335]: New session 436 of user validuser.
Jul 13 16:28:31 client systemd: pam_unix(systemd-user:session): session opened for user validuser by (uid=0)
Jul 13 16:28:51 client su: pam_unix(su-l:auth): authentication failure; logname=validuser uid=1007 euid=0 tty=pts/0 ruser=validuser rhost=  user=test
Jul 13 16:28:53 client su: FAILED SU (to test) validuser on pts/0

Also, on the client,

Code:

$ env | grep LANG
LANG=en_US.UTF-8

Thank you for your time with this. We are at the point I ended the last time I tried to determine this problem, at least a year ago (probably more).
I don't know how NIS works on a low level. I can't help but think that for some reason the Linux computers are using the wrong cipher when sending the password to the NIS server. In one of those rare moments of actually finding something useful with a web search, I discovered this today;tThis is on the NIS server:

Code:

#       $NetBSD: passwd.conf,v 1.3 2010/12/03 21:40:04 jmmv Exp $
#
# passwd.conf(5) -
#       password configuration file
#

default:
        localcipher = sha1
        ypcipher = old

The more familiar I get with NetBSD, the more things I discover that I didn't know. I had no idea there was an /etc/passwd.conf.
I suspect 'ypcipher = old' is not what Linux is expecting. I'm not sure what to change it to. I'll probably start by trying 'sha1' and seeing what happens.

---

That is not the answer. At least, 'ypcipher = sha1' doesn't net success.