diff --git a/qubes/api/admin.py b/qubes/api/admin.py
index f06381f5..c62c4ea5 100644
--- a/qubes/api/admin.py
+++ b/qubes/api/admin.py
@@ -27,6 +27,7 @@ import functools
 import itertools
 import os
 import string
+import subprocess
 
 import libvirt
 import pkg_resources
@@ -1146,8 +1147,16 @@ class QubesAdminAPI(qubes.api.AbstractQubesAPI):
             except KeyError:
                 raise qubes.exc.QubesException(
                     'Invalid backup profile - invalid passphrase_vm')
-            passphrase, _ = yield from passphrase_vm.run_service_for_stdio(
-                'qubes.BackupPassphrase+' + self.arg)
+            try:
+                passphrase, _ = yield from passphrase_vm.run_service_for_stdio(
+                    'qubes.BackupPassphrase+' + self.arg)
+                # make it foolproof against "echo passphrase" implementation
+                passphrase = passphrase.strip()
+                assert b'\n' not in passphrase
+            except subprocess.CalledProcessError:
+                raise qubes.exc.QubesException(
+                    'Failed to retrieve passphrase from \'{}\' VM'.format(
+                        passphrase_vm_name))
         else:
             raise qubes.exc.QubesException(
                 'Invalid backup profile - you need to '