Web lists-archives.com

password hash in shadow file

Hi all,

I've just spotted that on one of my old wheezy servers root entry in /etc/shadow was updated just over 3 weeks ago.

The root password is still the same and the lastchanged count is much higher than 3 weeks.

The difference I've noticed is the hashed password string being much longer.

It's now prefixed with $6$ (SHA-512 algorithm) comparing with $1$ (MD5) before the change.

My first suspect was a security patch but the system was not updated around that time.

Has anybody seen this before and could explain?