I don’t see a dedicated section yet on the forum to report, which hardware devices work well with qubes. So I’m posting this in the hardware support section. Some time ago I was searching for an option, to add an adapter for connecting my usb mouse and favourite, usb, mechanical keyboard into the PS/2 jacks on the back of my desktop mobo. Then in a usb-related post one of the members suggested, that an active adapter might work, thus removing the mouse and keyboard from the sys-usb VM. After searching for modded adapters and ready-to-use adapters, I finally stumbled of the Tripplite usb-to-ps/2 active adapter. To be upfront, I have no commercial link to the Tripplite company whatsoever. Their unit works like a charm (mostly).
Background: My favourite keyboard was a HyperX Alloy Elite mechanical, usb keyboard, with the tactile feel and sound of my old IBM keyboards, but which wouldn’t work with a new qubes 4.0.3 installation’s sys-usb VM by default. Using the qubes docs method of subsequently making a new sys-usb VM and attaching my keyboard and mouse to the new less-than-ideally secure sys-usb, I was able to use the keyboard and mouse - an experience shared by many others I’m sure.
The Tripplite: I have been using it now for two and a half months. At first I had no success, when connecting the mouse and HyperX through the Tripplite to the PS/2 jacks. Experimenting with various usb keyboard/mouse combinations, isolated the HyperX keyboard as the particular component, which wasn’t compatible with the Tripplite - PS/2-qubes combination. Each usb mouse seemed to work and an old Logitech G15 non-mechanical, usb keyboard worked. Since a Logitech keyboard had worked, I chanced ordering a Logitech KB45CH Cherry Blue mechanical keyboard and I’m happy to report, that it did work with the Tripplite, bypassing the need to use the sys-usb VM for keyboard and mouse. Also I did a complete reinstall of qubes a few days back, installing 4.0.4. The Tipplite works in 4.0.4 with the as-installed fedora-32 based sys-usb. And as a last point, yesterday I upgraded all of my sys VM’s to fedora-33 and all’s well. So in my experience, although the Tripplite costs significantly more than one of those cheap non-active adapters, which won’t work with qubes and it won’t make each and every usb keyboard magically pluggable into the PS/2 jack, it does (from my experience) work with any usb mouse I’ve tried and does work with Logitech mechanical and non-mechanical, usb keyboards, allowing the user to install qubes, use a usb mouse and keyboard and also allow qubes to install the standard sys-usb Vm, without compromising sys-usb security. cheers
For someone who can land here someday.
If your PC has a PS/2 port, than you should use a PS/2 keyboard. PS/2 port sends inputs directly into kernel, so when your USB-vm will fail (my fails 2 times a year) you should have a way to work with your Qubes OS.
If you have a USB keyboard, then you can use a cheap USB-to-PS/2 adapter. But be prepared to try several keyboards/adapters combinations. My success story was buying a cheap keyboard and a cheap adapter. Now I have the backlit keyboard through the PS/2 port.
You can also configure a separate USB-vm for your mouse that uses an old stable VM. But you have to configure the port the way that only mouse can use it (search Qubes manuals).
Are you comfortable listing what keyboard/adapter combinations worked for you? Obviously, they can change something in the design and these combinations would stop working, but I still think some would find this type of information useful.
Gembird KB-UML3 paired with the cheapest no-name PS/2 adapter.
I think you can buy a better keyboard. However, you should not buy an expensive one as they use hi-end controllers that are not designed to work with PS/2 adapters.
Thanks! I also had this type of setup work with some cheap no-name keyboards and adapters but not with more expensive stuff.
Same problem here. Why are this devices not deterministic at all?
Just for curiosity.
Thanks
Just for a fyi… As the OP I can say, that my setup is still working flawlessly a year and a half later. Haven’t regretted the move since. For anyone wanting a keyboard with responsive, clicking, tactile feedback instead of a mushy keyboard, this might be what you were looking for (I miss my old '80s IBM keyboards.) 
I hope you are aware that you are using USB devices here while having PS/2 port, and that has its security implications like the use of any other USB device.,
2-10m PS/2 cable extender resolves all the troubles regarding distance…
Sorry, if I misunderstood what you said but please help me understand this.
Are you saying cheap USB to PS/2 adapter, not wired, is not secure and is just as bad as plugging in the USB device without the adapter?
In my original post I stated, that I was using the Tripplite active usb to ps2 adapter to run my usb mouse and keyboard through the ps2 jacks in back of my desktop computer. Using the Qubes top menu’s Qubes Devices widget, the only usb device which subsequently appears in the drop down menu, is my externally connected speakers. No mouse or keyboard listed. So as far as I can tell, my system is not seeing the mouse and keyboard as usb devices any longer. I do stand to be corrected, if I am misunderstanding the situation.
No. I think it’s worse then USB device connected to sys-usb, as I see it.
As I see the things, and this is purely based on common sense, is that it is better sys-usb to detect USB device and takes care of them, then sys-usb not to detect them so USB devices are hidden as such and dom0 exposed directly to them on the lowest level via PS/2.
Also, of course sys-usb cannot detect them as USB devices because sys-usb takes care of USB controllers, not PS/2 controllers (unless PS/2 ports aren’t internally placed on USB contrroller which also can be, but most probably not here).
At the end, all of this doesn’t matter. If you have bad USB device it doesn’t matter how it’ll try to attack dom0: via USB controller directly connected to dom0, via channel side attack from sys-usb, or directly connected to dom0 via PS/2. It’ll try.
So, think what of stated in last paragraph is the most trivial for bad USB device to attack dom0.
I think it’s more reliable to use the ps/2 inputs if you have them rather than routing usb devices through sys-usb.
Besides, an attacker might have a ps/2 to usb adapter as well so all ps/2 keyboard ports are just as vulnerable. I wouldn’t worry about using the adapter.
B
Could you elaborate little bit more on why you think USB to PS/2 adapter (not wired) is worst than using USB? Perhaps there are documents you can reference and share with us? Even if there aren’t any docs, please explain to us a bit on why you think it is.
Sorry I can’t. I was clear that it is based on common sense. You are free to research it further, of course.