Unable to load OnlyKey app bootloader on Qubes OS

Firmware Loading
#1

Hello, I am having an issue loading new firmware and wiping the firmware on my onlykey color. I am doing this on a linux computer. First of all I wiped my onlykey by purposely typing in the wrong pin 10 times. The light on my onlykey goes white and the onlykey app says " WORKING… please wait" It says this forever(1+ hours) basically untill I unplug it. I cant seam to get past this issue.

Before I wiped it, It was working fine as in the onlykey app would detect it and load the onlykey app and can input passwords correctly into web sites. I believe it might have something to do with the black vault bootloader not detecting the onlykey. I also have the UDEF rule set up as per https://docs.crp.to/linux.html

I have tryed doing this on a windows 10 computer and it works fine there but would like to get it to work on linux.

#2

If the device is white this means its in bootloader mode, if this happened after entering 10 incorrect pins you must have had full wipe enabled:

image
image1024×596 97.5 KB

So yes you can now load the OnlyKey firmware in the app. However, if UDEV is incorrectly set the OnlyKey can’t communicate with the app. Can you try running lsusb or try another computer (Windows/Mac)

#3

I typed in lsusb in my terminal and i didnt see the onlykey in my devices. I can see and use the onlykey once the firmware is installed on my onlykey though. So I believe UDEV is working atleast partially.

#4

I am still having this Issue although I do have a workaround. Onlykey doesnt recognize the onlykey device(with the udev rule applied) until the firmware is installed on the Onlykey. After the firmware is installed everything works fine. So to get it working from a wiped onlykey(firmware wiped also) I had to plug it into my windows 10 PC to put the firmware on(since my Linux Qubes OS PC does’nt recognize it) and then move it back over to my Qubes OS PC which now recognizes the onlykey to finish the setup.

#5

I only know about KVM, but Qubes Xen Hypervisor is similar.
Create Udev rules in the administrative domain (Dom0) and activate the USB stick in the working domain (Dom1)
Qubes-os usb-devices