When setting up KeepassXC, I noticed that the program hangs when I have a database that I have also secured with a Yubikey via Challenge-Response and I want to open it. It stops loading and cannot be closed.
As a workaround, I figured out that you can go into the KeePassXC settings (the gear icon at the top of the bar), then it prompts you to tap the Yubikey and then it unlocks the database. Simply close the settings with “Cancel” and continue as usual.
I can click on the gear icon but I cannot hit the “Cancel” the “Please present or touch your YubiKey to continue…” blue bar pops up immediately and forces me to touch the Yubikey. Unfortunately, it does not open my database, I get the CR error.
When I launch KeePassXC with the terminal, I get this error: Failed to issue challenge: "USB: Hardware key timed out waiting for user interaction."
Is it a KeePassXC or a (new USB linking) Qubes OS issue?
… or an issue on my side?!
I have also noticed this KeePassXC bug on other distros based on Debian. The bug is probably everywhere.
It is not a QubesOS specific problem. I always forward the whole Yubikey directly to the VM, I don’t know if it works differently with the CTAP proxy.
I have tested it on Linux Lite with a KeePassXC Flatpak: It works.
That’s good to know.
But unfortunately the normal version is messed up. I also found a (similar) Github issue about it.
its an issue with the amount of cores assigned to the qube. I set 4 cores on the keepass qube, and this fixes the issue. At least for me it does.
Confirmed: Adding more cores fixes the issue.
There has been also a note pointing to this vcpus issue: KeepassXC freezes up when unlocking a database with a yubikey on some devices · Issue #12909 · keepassxreboot/keepassxc · GitHub