You can hash the password in a way that allows the server to verify but without providing the server or an interceptor with the ability to impersonate. SRP/PAKE and SCRAM are examples.
Doh. It felt like there should be a more complex method replacing the hash with an asymmetric op, but I knew it would be hard to casually describe. In retrospect, obviously the "zero knowledge" bit must imply the server does not know the password!
But yeah, general point remains that currently, crypt(3) is a black box to login methods. To make any login method not have to handle the actual password, it needs to be some well-defined function that is compatible with such math.
