Onlykey-agent fails after HMAC-SHA1/KeePassXC

Onlykey-agent is working fairly well, except in my experience after the onlykey has been used for HMAC-SHA1 by KeePassXC. What mechanism or change can be made to reset the agent and/or the onlykey so that the onlykey-agent can be used again?

Specifically, I am using KeyPassXC with the “Hardware Key” option that uses HMAC-SHA1 behind the scenes. Everytime I unlock the KeyPassXC database, I can no longer ssh using the agent. The OnlyKey does not start flashing purple lights asking me to press the button.

The agent comes back to life after I either un/replug the OnlyKey, I press button three for 5+ seconds to log me out, (just found this out) I quit KeyPassXC; so there is a very inconvenient workaround. Is there a fix to onlykey agent or some more convenient workaround?


If quitting KeePassXC fixes the issue it seems that the issue is that KeePassXC is not releasing the USB device. So then the agent can’t open the USB device as its in use by another program. What version of KeePassXC are you using and what OS?

KeePassXC 2.6.6 on Linux (Fedora)