AuxFanControler (Take 2)

This post is sponsored by PCBWay.

As part of my AuxPower1U project, I already build a stand-alone 4-channel fan controller. And it works perfectly even now. But I did notice some issues when trying to use it as part of other projects.

The first issue was it belonging to AuxPower1U Git repository. There was nothing wrong with that but, since I used it for other projects too, it seemed right for it to get own repo. And its own repo it got. While I will keep it compatible with AuxPower1U, each can change separately.

The second issue was its dimensions. Even though I would argue you cannot get 4-channel fan controller with those connectors in much less space, reality was that vertical mounting was impossible in 1U chassis. Not only that its sideway power entry made wire routing particularly bad in vertical scenarios but it also meant that total height was cutting it close for even 2U case. Reducing the PCB height was an obvious choice and while trying to figure out the layout, I decided to drop one fan connector. This allowed me to reduce size from 69x15mm to more reasonable 42x15mm. Just barely fitting 1U if we ignore sideway cable entry. And ignore it we can because I also adjusted connector to allow for mounting either vertical or horizontal connector. Yes, you will have one footprint unpopulated but that’s a small price to pay.

A third, minor issue was that board was hard to mount. For this I intentionally left back front side empty and with a bit wider side margins. This allows one to create slot in plastic and thus keep the board embedded with friction alone or, if needed, with just a touch of plastic. How that mounting looks like you can see on example of the new AuxPower1U board (that I’ll cover a bit later due to scheduling carfufle). Board sits between 2 fans and goes nowhere once slotted in.

I got PCBs from PCBWay and it arrived quite quickly. More importantly, its edges arrived cleanly cut. This is not something one notices unless they deal with some other PCB providers. I love OSHPark but them leaving tabs in place drives me crazy. Every time I get their boards, I have to spend minute or so per board filing those tabs down and it’s never fully straight edge. With PCBWay at least that task is of my back.

Also, compared to OSHPark they have way wider color selection. You can chose green, red, yellow, blue, white, or black for the same price. This allows you to distinguish boards at a glance. For this order I opted for the yellow soldermask which is not my favorite when it comes to reading slikscreen but it is rather nice otherwise. If silkscreen legibility is at premium, either red or blue are better choice. But that is the beauty of choice. You can find what works for you in any particular scenario.

Premium colors like purple, matte black, and matte green do come at a greate cost. However, they do ocassionally get a discount so its worth checking them out from time to time. For example, purple is going to be available at standard $5 price in September so you might want to check it out. Speaking of discounts, 3D printed TPU will be heavily discounted in September too so you might want to check it out. As somebody who printed TPU, I can only recommend you get somebody else to do it. :)

Soldering this PCB was a bit more difficult as compared to the revision A because components were a bit more pushed together. But that’s just relatively speaking - I am still using rather generous pad size so it should be easily doable.

Profile is similar to before but with a bit more agressive curve between 60-70 °C. This is something I plan to make configurable eventually but I don’t really have reason to do so right now.

Startup sequence is still powering fan at a time with a quick spin-up to 100% before settling down. Firmware itself still behaves as if it has 4 channels which makes firmware the same between revision A and B.

It’s just a small update but form factor change alone will allow me to use it in way more places that require stand-alone fan control.

Warning Me Softly

I already wrote about post-quantum cryptography before. If you check the dates, you’ll see that this is not a new topic. However, it’s still quite common to see standard key exchange for SSH sessions. Well, this might be about to change.

With version 10.1, OpenSSH will present you with the following warning:

** WARNING: connection is not using a post-quantum key exchange algorithm.
** This session may be vulnerable to "store now, decrypt later" attacks.
** The server may need to be upgraded. See https://openssh.com/pq.html

In reality, this change nothing as everything will continue to work as before. But, knowing the human nature, I forsee a lot of people moving to a newer key exchange just to avoid the warning. In no time, projects will face their security review teams. And if security team doesn’t like warnings, projects will oblige.

My own network is in surprisingly good state. Most of my SSH connections already uses sntrup761x25519-sha512 key exchange algorithm. However, there are two notable exceptions: Windows and Mikrotik.

Mikrotik, I pretty much expected. It took them ages to support ED26619 so I don’t doubt I will see the warning for a long while before they update software. I love Mikrotik devices, but boy, do they move slow.

But Windows 11 came as a surprise. They still advertise curve25519-sha256 at best. I guess all that time spent making start menu worse prevented them from upgrading their crypto. I predict that, as always, when warning starts, Microsoft forums will be full of people saying that warning is wrong and that Windows can do no wrong. Only to eventually be dragged into the future.

State of YouTube Ads

While my site currently doesn’t contain ads, it did contain them before. And I still do a sponsored post or two on occassion. Primary reason why I removed ads from these pages was because they were becoming vehicle for a snake-oil salesman. I was ok with ads that try to sell real stuff. I was not ok with ads that sell perpetuum mobile of any kind. Google ads didn’t allow me to remove later category so I simply disabled them all.

But that doesn’t mean I removed ads from my life. While amount of ads online is increasing, one site is becoming more and more unusable due to them - YouTube. Pretty much all ads I get these days from YouTube are ads for either scammers or republicans. But I repeat myself.

And length of the ads has been increasing substantially. For example, I got ad for Ben Shapiro show. Curious on how long it would go, I left it running. Darn thing ran for more than 1 hour (don’t worry, I muted him after a minute or two in order to preserve my sanity). The whole freaking show was the “ad”. Total duration of the “ad” was 1:07:41. Duration of the video this ad was playing on was 46:33. So, ad was more than 20 minutes longer that the content. WTF?

And this is just one ad that made me write this. I cannot even count how many ads for the revolutionary new device that “the government wants to destroy” I saw. Be it a flashlight, binoculars, night-vision, or some magic bean, YouTube will give it an audience.

This is not a normal thing. It never was, and it should never be considered normal. While ads on TV were never perfect and there was an occasional scammy ad or two, you had some standards. For one, I never saw and ad that was longer than the content. And I never saw as many political garbage on TV (admittedly, I didn’t grow up in the USA).

I guess we all bought into an argument that it’s “too difficult to check all the ads”. I guess multibillion company just cannot afford it.

That said, I don’t believe solution is in more rules. Solution, as it often happens would be in more competition. I doubt that YouTube would allow for crappy ads if they had any proper competition. But it might be that ship has sailed.

Disabling AMD Turbo Boost

Recently I upgraded my trusty Framework 13 laptop to AMD motherboard. It’s not my primary laptop mind you, but it does come handy whenever my F16 is too cubersome to lug around. For me, that often ends with it in my lap.

And this laptop can get hot. AMD CPU always wants to give it all, even when it’s not necessary. Often I will have a long-running task in background, that CPU will try to speed up as much as possible by boosting its clock and fans to max. And those are tasks I care not if they finish in 30 or 35 minutes and thus extra heat is unappreciated.

Easy solution for this is just turning off turbo boost. And that is easy enough by writing 0 to a file:

echo 0 | sudo tee /sys/devices/system/cpu/cpufreq/boost

However, I usually remember to do so only once my legs start smoking. So, I decided that it was about time for my system to use that setting as a default. And, since my Kubuntu uses systemd, all starts with creating a service

cat << EOF | sudo tee /etc/systemd/system/cpu-noturbo.service
[Unit]
Description=Disable Turbo Boost

[Service]
ExecStart=/bin/bash -c "echo 0 | tee /sys/devices/system/cpu/cpufreq/boost"
ExecStop=/bin/bash -c "echo 1 | tee /sys/devices/system/cpu/cpufreq/boost"
RemainAfterExit=yes

[Install]
WantedBy=sysinit.target
EOF

Whenever service is started, it will disable turbo boost. Once service is stopped, turbo boost will be reenabled.

Of course, to make sure it starts on every boot, we need to enable it. And because we don’t want to reboot system to apply settings, we might as well start it immediately.

sudo systemctl daemon-reload
sudo systemctl enable cpu-noturbo
sudo systemctl start cpu-noturbo

PS: The same behavior for Intel CPU can be achieved by using slighly different commands. Note that 1 and 0 are swapped:

echo 1 | tee /sys/devices/system/cpu/intel_pstate/no_turbo
echo 0 | tee /sys/devices/system/cpu/intel_pstate/no_turbo

Obtaining Hash as a Part of 11ty Build

Last week I stated in post that I’m not singing my software anymore. So someone might be wondering how do I check I have executable coming from you. Well, together with that post I also added SHA-256 to every file that gets downloaded from my site. If you don’t know how, I even created Summae in order to bring this information into the context menu. And, to make the whole task of generating SHA-256 easier on myself, I added it as part of the build process.

First, I had to add crypto-js package to my 11ty package:

npm install crypto-js

Then, in eleventy.config.mjs, I added an import:

import cryptojs from "crypto-js";

Lastly, into eleventy.config.mjs default function I added the sha256 shortcode:

eleventyConfig.addShortcode("sha256", async function (file) {
  const filePath = path.join(eleventyConfig.directories.output, file);
  if (fs.existsSync(filePath)) {
    const fileContent = fs.readFileSync(filePath, 'binary')
    const sha256hash = crypto.createHash('sha256').update(fileContent, 'binary').digest('hex');
    return sha256hash;
  } else {
    console.error(`File not found: ${filePath}`);
    process.exit(1);
    return "";
  }
});

Whenever I want to use the shortcode, I just add a call to it using the file name as an argument.

{% sha256 "/download/file.zip" %}

Now, in reality, there is a bit more code - especially in the templating area. But that code is just to read data from variables, style the output, etc.

So, how does this help?

Well, it allows the end user to check file validity. If hash code matches you know that download was successful and you got the file I was intending to provide. And I can offer this at no cost to myself.