I just built a clean CentOS 6.6 server and have ansible installed. All packages are up to date and I’m still seeing this error:
[WARNING]: The version of gmp you have installed has a known issue regarding
timing vulnerabilities when used with pycrypto. If possible, you should update
it (i.e. yum update gmp).
I believe I have seen this discussed elsewhere but is there a solid resolution for this?
Hi Chris, you can disable this warning in your ansible.cfg file (system_warnings=no).
Relevant discussion:
https://github.com/ansible/ansible/issues/6941
https://bugzilla.redhat.com/show_bug.cgi?id=1103566
Giovanni
I reanalyzed the bug today and working with the EPEL maintainer,
submitted an updated python-crypto2.6 package:
https://admin.fedoraproject.org/updates/python-crypto2.6-2.6.1-2.el6
It's not ideal as it disables the C extension in order to make the
code more secure but i don't think that will be too bad for ansible's
usage. This is only used for vault and vault typically isn't doing
enough encryption and decryption for the speed difference to matter.
-toshio
Awesome! Thank you.
I confirm this works on CentOS 6.3, one has to enable epel repo though.
Warning
`
[WARNING]: The version of gmp you have installed has a known issue regarding
timing vulnerabilities when used with pycrypto. If possible, you should update
it (i.e. yum update gmp).
ansible-playbook 1.9.2
configured module search path = /opt/ansible/modules