You should rebuild using libgmp >= 5 to avoid timing attack vulnerability

linuxrhel

Dec 16

getting this on your linux when trying to run something?

You should rebuild using libgmp >= 5 to avoid timing attack vulnerability. _warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)

yup, seen it…

RHEL has GMP version 4.something
PyCrypto needs GMP >= 5

RHEL is a tad behind we have to re-make The GNU Multiple Precision Arithmetic Library stuff.

solution:

download the sources from https://gmplib.org/#DOWNLOAD

and according to the instructions from the package:

tar -xvjpf gmp-6.0.0a.tar.bz2
./configure 
make 
make check
make install

rebuild PyCrypto
```
pip install --ignore-installed PyCrypto
```

for good measure, re-build and re-install some stuff (trust me, just go with it)

yum -y groupinstall "Development tools" 
yum -y install gcc libgcc glibc libffi-devel libxml2-devel libxslt-devel openssl-devel zlib-devel bzip2-devel ncurses-devel

tada! send me a nice thank you note when you’re done.

linuxrhel

devnumbertwo blog

You should rebuild using libgmp >= 5 to avoid timing attack vulnerability

The emctl file in the oraclehome cannot be renamed from emctl.bat to emctl_upgrade.bat

change the default port that OpenSSH server uses

devnumbertwo@gmail.com