Hello!
I'm trying to support our users who use Freesurfer on our systems, but we are trying to keep to a rollout of FIPS, without the need to employ any hacks or the like, and I don't believe non-FIPS is an option on our systems. 

We still encounter the crypt() error on Freesurfer versions greater than 7.1.1, and again, non-FIPS is likely not an option. 

There is an environment variable workaround that has been mentioned elsewhere and it doesn't seem to be working for me for mri_deface at least, and again, I really would like to see a word about a proper solution.