Closes #3 by setting the number of rounds for the SHA512 password hashing

Author: Brian Pontarelli

chef-repo/cookbooks/2016-security-guide/templates/default/common-password.erb

@@ -27,7 +27,7 @@
 password	requisite			pam_cracklib.so ucredit=-<%= node['security_guide']['strong_passwords']['uppercase'] %> lcredit=-<%= node['security_guide']['strong_passwords']['lowercase'] %> dcredit=-<%= node['security_guide']['strong_passwords']['numbers'] %> ocredit=-<%= node['security_guide']['strong_passwords']['other'] %> retry=<%= node['security_guide']['strong_passwords']['retry_attempts'] %> minlen=<%= node['security_guide']['strong_passwords']['min_length'] %> difok=<%= node['security_guide']['strong_passwords']['different_than_last_by'] %>
 
 # here are the per-package modules (the "Primary" block) - this had use_authtok in it originally. I removed it because it was preventing root from changing passwords
-password	[success=1 default=ignore]	pam_unix.so obscure try_first_pass sha512
+password	[success=1 default=ignore]	pam_unix.so obscure try_first_pass sha512 rounds=200000
 
 # here's the fallback if no module succeeds
 password	requisite			pam_deny.so

template/ubuntu-16.04/common-password

@@ -27,7 +27,7 @@
 password	requisite			pam_cracklib.so retry=3 minlen=10 difok=3 ucredit=-1 lcredit=-2 dcredit=-1 ocredit=-1 retry=3 minlen=8 difok=3
 
 # here are the per-package modules (the "Primary" block)
-password	[success=1 default=ignore]	pam_unix.so obscure use_authtok try_first_pass sha512
+password	[success=1 default=ignore]	pam_unix.so obscure use_authtok try_first_pass sha512 rounds=200000
 
 # here's the fallback if no module succeeds
 password	requisite			pam_deny.so