Merge pull request #18 from brianredbeard/cloud-config-hashing

docs: Additional information on generating password hashes

Documentation/cloud-config.md

@@ -41,11 +41,21 @@ The following fields are not yet implemented:
 
 ##### Generating a password hash
 
-You can generate a safe hash via:
+Generating a safe hash is important to the security of your system.  Currently with updated tools like [oclhashcat](http://hashcat.net/oclhashcat/) simplified hashes like md5crypt are trivial to crack on modern GPU hardware.  You can generate a "safer" hash (read: not safe, never publish your hashes publicly) via:
 
+###### On Debian/Ubuntu (via the package "whois")
     mkpasswd --method=SHA-512 --rounds=4096
 
-Using a higher number of rounds will help create more secure passwords, but given enough time, password hashes can be reversed.
+###### With OpenSSL (note: this will only make md5crypt.  While better than plantext it should not be considered fully secure)
+    openssl passwd -1
+
+###### With Python (change password and salt values)
+    python -c "import crypt, getpass, pwd; print crypt.crypt('password', '\$6\$SALT\$')"
+
+###### With Perl (change password and salt values)
+    perl -e 'print crypt("password","\$6\$SALT\$") . "\n"'
+
+Using a higher number of rounds will help create more secure passwords, but given enough time, password hashes can be reversed.  On most RPM based distributions there is a tool called mkpasswd available in the `expect` package, but this does not handle "rounds" nor advanced hashing algorithms. 
 
 ## Custom cloud-config Parameters