A glance into /etc/pam.d/common-password shows this line:

password   requisite   pam_unix.so nullok obscure md5
Given all the talk lately of MD5 and SHA1 being somewhat insecure, I'd rather use something else like SHA512 or Whirlpool (preferably!). How can I safely do this and "upgrade" all my users' passwords to the new hash algorithm? And where the heck are the encrypted passwords stored these days, anyway? /etc/passwd used to be it, but that shows nothing relevant.