TomAdam

I totally agree BobPhoenix, but I have seen a few cases of people posting to forums after having their BMC hacked and used to bounce spam. These were people that were using the motherboard in enterprise environments (who should clearly know better than having an IPMI on a public network), so I felt it was worth mentioning. Supermicro has taken steps to correct the issue, and as I mentioned the current version of the firmware does not have the vulnerability. I do feel however that it is a major failing that they continue to ship new boards with old firmwares. JackBauer - The IP address is the same as the one at which you access the IPMI, using port 22 if you want to ssh. BobPhoenix - if you have access to the SMASH terminal try typing "shell sh". This should kick you out of SMASH into bash as a root user.

The solution to the minimum 712rpm problem was much simpler that I thought. If you look in your hwmon folder where you can control the pwm and read the fan rpm there are registers called fanX_min. For me both fan2_min and fan4_min were set to 712. Setting these to 0 allows you to change the fan speed to anything you want. My server is now truly silent. It's worth noting that this needs to be set every time the machine starts up as it defaults back to 712. Happy hacking.

ANyone that has this board should check out details of a serious vulnerability here: http://lime-technology.com/forum/index.php?topic=16793.0

The BMC OS was a dead end unfortunately. Even with the BMC disabled entirely the fans still exhibit the minimum RPM issue. I did however discover a very interesting vulnerability. See here for more info: http://lime-technology.com/forum/index.php?topic=16793.0 Looks like it is the BIOS that is overriding the fan speed control. Next I'm going to try removing the RPM feedback pin from the fan connectors to see if it helps.

I have recently been experimenting with my Supermicro X7SPA-HF-D525, and found a very serious issue with the BMC. I bought my board in September, and it had a very old firmware on it. It should be noted that the board was marked built in July 2011, so it seems that Supermicro are not burning current versions of the firmware to new boards. The same BMC firmware is shared by all Supermicro boards having the Winbond WPCM450 BMC, most of the 'F' boards. The issue is prior to version 2.54 of the BMC firmware it was possible to log into the BMC's SMASH console using no password at all. I'll explain this in detail. If you have used the web interface for the BMC you may have noticed the "Anonymous" user, and disabled it as I did. The problem is this does not stop this user being used with the SMASH console. In their infinite wisdom the developers gave the user a blank password, so you can log in to SMASH by SSHing to port 22 on the BMC's IP address. Log in with "Anonymous" and no password. You then have access to SMASH. All it takes from that point is to type "shell sh" and you will have root access to the BMC's linux OS. Note that on some earlier versions of the BMC firmware the shell command was disabled, but for the majority it is available. From the OS you can pretty much do what you like to the system, as you have full access to the main system though the BMC. There are several options you have to mitigate this vulnerability: Upgrade your BMC firmware to the latest version, clearing all user configuration. This automatically disables the Anonymous account. Set a password on the Anonymous account. Disabling login is not sufficient! Ensure the BMC port is not connected to a network that has access to the internet. Disable the BMC entirely. This assumes you have also changed the default ADMIN:ADMIN login as otherwise it is just as easy to get in that way. Don't ignore this thinking it won't happen to you. The exploit is in the wild, and people are using it to hack machines and subvert the BMC OS for their own purposes (mostly sending spam and DDOS it appears). Supermicro have not publicised this issue which, given their market segment, I consider a heinous failure.

Thought I had made a breakthrough. I found a package called FreeIPMI that can alter internal values of the IPMI data tables. I have found the fan thresholds that seem to be causing the problem, but disabling assertion of the threshold events doesn't work, and you cant change the thresholds as something magically resets the values. If anyone is interested, here are the data tables for the CPU fan. Chassis fan is identical. Section 138_CPU_FAN ## Possible values: Yes/No Enable_All_Event_Messages Yes ## Possible values: Yes/No Enable_Scanning_On_This_Sensor Yes ## Possible values: Yes/No Enable_Assertion_Event_Lower_Non_Critical_Going_Low Yes ## Possible values: Yes/No Enable_Assertion_Event_Lower_Critical_Going_Low Yes ## Possible values: Yes/No Enable_Assertion_Event_Lower_Non_Recoverable_Going_Low Yes ## Possible values: Yes/No Enable_Assertion_Event_Upper_Non_Critical_Going_High Yes ## Possible values: Yes/No Enable_Assertion_Event_Upper_Critical_Going_High Yes ## Possible values: Yes/No Enable_Assertion_Event_Upper_Non_Recoverable_Going_High Yes ## Possible values: Yes/No Enable_Deassertion_Event_Lower_Non_Critical_Going_Low Yes ## Possible values: Yes/No Enable_Deassertion_Event_Lower_Critical_Going_Low Yes ## Possible values: Yes/No Enable_Deassertion_Event_Lower_Non_Recoverable_Going_Low Yes ## Possible values: Yes/No Enable_Deassertion_Event_Upper_Non_Critical_Going_High Yes ## Possible values: Yes/No Enable_Deassertion_Event_Upper_Critical_Going_High Yes ## Possible values: Yes/No Enable_Deassertion_Event_Upper_Non_Recoverable_Going_High Yes ## Give valid input for sensor type = Fan; units = RPM Lower_Non_Critical_Threshold 770.000000 ## Give valid input for sensor type = Fan; units = RPM Lower_Critical_Threshold 585.000000 ## Give valid input for sensor type = Fan; units = RPM Lower_Non_Recoverable_Threshold 400.000000 ## Give valid input for sensor type = Fan; units = RPM Upper_Non_Critical_Threshold 29260.000000 ## Give valid input for sensor type = Fan; units = RPM Upper_Critical_Threshold 29815.000000 ## Give valid input for sensor type = Fan; units = RPM Upper_Non_Recoverable_Threshold 30370.000000 ## Give valid input for sensor type = Fan; units = RPM; 'None' to not use hysteresis Positive_Going_Threshold_Hysteresis -2375.000000 ## Give valid input for sensor type = Fan; units = RPM; 'None' to not use hysteresis Negative_Going_Threshold_Hysteresis -2375.000000 EndSection I have tried setting everything to No, and changing the thresholds, but no dice. Next I'm going to try altering the IPMI OS itself (you can login using ssh!).

I did see your earlier post and thought that may be the case, but my fans aren't being restricted by the controller in the fan itself. If I pick a fan speed below 700rpm (for example on one of my fans at a pwm setting of 140) then after about 2 seconds something resets the pwm to 255 and switches the pwm_enable setting to 4, which is an auto fan speed control mode. To retake control of the fan I have to set pwm_enable back to 1 and then alter the pwm setting again. I think this is a failsafe either built into the bios or the bmc. I only see the following solutions to this problem: Beg supermicro to update the bios / bmc firmware to allow this feature to be disabled (yeah right) Sever the RPM cable to the fans. I assume if there is no RPM signal that the system will allow full control Accept that it is not possible to slow the fans below a certain point I am going to send Supermicro a mail just in case there is something that they can suggest / do before I cut my cables.

Great. That's really good to know. It's a shame you can't do it, but at least I'm not the only one! Just a little bit too smart these motherboards.

Hi all, this is my first post here. I have a X7SPA-HF-D525 that I'm trying to control the fan speed on. The problem I'm having is when I set the pwm to a rate that results in the fans spinning lower than about 700rpm it gets kicked out of manual control mode and the fans spin up to full speed. Has anyone else had this issue? I am convinced it is either the BIOS or the BMC firmware that is panicking when it sees the fan speed drop too low. Have I missed a setting tin my BIOS or something? I currently have the fans set to the Full Speed mode in the Hardware Health section. Perhaps if you have the same mobo as me, and don't have this issue you could post your BIOS and/or BMC firmware version so I can compare with mine? Any help with this would be greatly appreciated. I'm out of ideas. Tom