Store admin password hashed and salted instead of in cleartext (refs: #17135)

By calling chpasswd with the -e option, it uses the provided hashed and
salted password instead of hashing and salting it via PAM.

PAM uses SHA512 to hash the password, as configured in /etc/login.defs,
so in the call to mkpasswd we set --method=sha512crypt to also use SHA512.