I just wanted to drop you a note about my young split-pass implementation at https://github.com/mtdcr/qvm-pass. I tried to stay as close as possible to the original pass and even the usage info gets relayed through Qrexec. The
pass git command is disallowed by default, though, because it allows passing command-line arguments directly to Git.
Contrary to qubes-pass, this implementation does not share password stores between qubes (but you can emulate this by creating a symlink from one qube’s store to another).
I’m interested in any kind of review and feedback, since I believe to be the only user of it right now. Don’t hesitate to submit issues or pull-requests on GitHub if you’re interested.
Obviously I may have overlooked some issues, e.g. places where additional input validation might be required. Therefore please use it with extra caution!
Feature-wise, I think it’s pretty much complete, at least when compared to the version of pass included in Debian 11, including copy-to-clipboard and printing QR codes. I haven’t tested other versions yet.
I recommend using it together with a split-gpg setup and to combine it with a restrictive qubes-rpc policy.