FreeBSD Manual Pages

Contact · SPICE-CLIENT

SPICE-CLIENT(1)		    Spice-GTK Documentation	       SPICE-CLIENT(1)

NAME
       Spice-GTK - a client-side library to access remote SPICE	displays

DESCRIPTION
       Spice-GTK is a library allowing access to remote	displays over the
       SPICE protocol. At the moment It's mainly used to access	remote virtual
       machines.

       The Spice-GTK library provides a	set of command line options which can
       be used to tweak	some SPICE-specific option.

URI
       To initiate a plain SPICE connection (the connection will be
       unencrypted) to hostname.example.com and	port 5900, use the following
       URI:

	 spice://hostname.example.com:5900

       In order	to start a TLS connection, one would use:

	 spice+tls://hostname.example.com:5900

       Note: 'spice+tls' is available since v0.35, you have to use the
       spice://	query string with the 'tls-port' parameter before that.

URI query string
       spice URI accepts query string. Several parameters can be specified at
       once if they are	separated by & or ;

	 spice://hostname.example.com?port=5900;tls-port=5901

       When using 'tls-port', it's recommended to not specify any non-TLS
       port.  If you give both 'port' and 'tls-port', make sure	you use	the
       --spice-secure-channels options to indicate which channels must be
       secure.	Otherwise, Spice-GTK first attempts a connection to the	non-
       TLS port, and then try to use the TLS port. This	means a	man-in-the-
       middle could force the whole SPICE session to go	in clear text
       regardless of the TLS settings of the SPICE server.

       Other valid URI parameters are 'username' and 'password'. Be careful
       that passing a password through a SPICE URI might cause the password to
       be visible by any local user through 'ps'.

OPTIONS
       The following options are accepted when running a SPICE client which
       makes use of the	default	Spice-GTK options:

       --spice-secure-channels=<main,display,inputs,...,all>
	   Force the specified channels	to be secured

	   This	 instructs  the	SPICE client that it must use a	TLS connection
	   for these channels. If the server only offers  non-TLS  connections
	   for	these  channels, the client will not use these.	If the special
	   value "all" is used,	this indicates that all	SPICE channels must be
	   encrypted.

	   The current SPICE channels  are:  main,  display,  inputs,  cursor,
	   playback, record, smartcard,	usbredir.

       --spice-disable-effects=<wallpaper,font-smooth,animation,all>
	   Disable guest display effects

	   This	 tells the SPICE client	that it	should attempt to disable some
	   guest features in order to lower  bandwidth	usage.	This  requires
	   guest  support,  usually  through  a	SPICE agent. This is currently
	   only	supported on Windows guests.

	   "wallpaper" will disable the	guest  wallpaper,  "font-smooth"  will
	   disable  font antialiasing, "animation" will	try to disable some of
	   the desktop environment animations. "all" will attempt  to  disable
	   everything which can	be disabled.

       --spice-color-depth=<16,32>
	   Guest display color depth - DEPRECATED

	   This	 tells	the  SPICE  client that	it should attempt to force the
	   guest OS color depth. A lower color	depth  should  lower  bandwith
	   usage.  This	requires guest support,	usually	through	a SPICE	agent.
	   This	is currently only supported on Windows 7 and older guests.

       --spice-ca-file=<file>
	   Truststore file for secure connections

	   This	option is used to  specify  a  .crt  file  containing  the  CA
	   certificate	with  which  the  SPICE	 server	 TLS  certificates are
	   signed. This	is useful  when	 using	self-signed  TLS  certificates
	   rather than certificates signed by an official CA.

       --spice-host-subject=<host-subject>
	   Subject  of	the  host  certificate (field=value pairs separated by
	   commas)

	   When	using self-signed certificates,	or when	the guest is  migrated
	   between   different	 hosts,	 the  subject/altSubject  of  the  TLS
	   certificate the SPICE server	 will  provide	will  not  necessarily
	   match  the  hostname	 we  are  connecting to.  This option makes it
	   possible to override	the expected subject of	the TLS	certificate.

	   The subject must correspond to the "Subject:" line returned by:
	     openssl x509 -noout -text -in server-cert.pem

       --spice-debug
	   Enable Spice-GTK debugging. This can	also be	toggled	 on  with  the
	   SPICE_DEBUG environment variable, or	using G_MESSAGES_DEBUG=all

       --spice-disable-audio
	   Disable audio support

       --spice-disable-usbredir
	   Disable USB redirection support

       --spice-usbredir-auto-redirect-filter=<filter-string>
	   Filter selecting USB	devices	to be auto-redirected when plugged in

	   This	 filter	 specifies  which  USB devices should be automatically
	   redirected when they	are plugged in during the lifetime of a	 SPICE
	   session.

	   A rule has the form of: "class,vendor,product,version,allow"

	   -1  can  be	used  instead  of class, vendor, product or version in
	   order to accept any value. Several rules can	be  concatenated  with
	   '|':	"rule1|rule2|rule3"

       --spice-usbredir-redirect-on-connect=<filter-string>
	   Filter selecting USB	devices	to redirect on connect

	   This	 filter	 specifies  which  USB devices should be automatically
	   redirected when a SPICE connection to a  remote  display  has  been
	   established.

       --spice-gtk-version
	   Display Spice-GTK version information

       --spice-smartcard
	   Enable smartcard support

       --spice-smartcard-db=<certificate-db>
	   Path	 to  the  local	 certificate  database	to  use	 for  software
	   smartcard certificates

	   This	option is only useful for testing purpose. Instead of having a
	   hardware smartcard  reader,	and  a	physical  smartcard,  you  can
	   specify  a  file  containing	 3  certificates which will be used to
	   emulate	 a	 smartcard	 in	  software.	   See
	   "http://www.spice-space.org/page/SmartcardUsage#Using_a_software_smartcard"
	   for more details about how to generate these	certificates.

       --spice-smartcard-certificates=<certificates>
	   Certificates	to use for software smartcards (field=values separated
	   by commas)

	   This	 option	 is  only  useful  for testing purpose.	This allows to
	   specify which certificates from the certificate database  specified
	   with	--spice-smartcard-db should be used for	smartcard emulation.

       --spice-cache-size=<bytes>
	   Image cache size - DEPRECATED

	   This	option should only be used for testing/debugging.

       --spice-glz-window-size=<bytes>
	   Glz compression history size	- DEPRECATED

	   This	option should only be used for testing/debugging.

BUGS
       Report	      bugs	   to	      the	  mailing	  list
       "http://lists.freedesktop.org/mailman/listinfo/spice-devel"

COPYRIGHT
       Copyright (C) 2011, 2014	Red Hat, Inc., and various contributors.  This
       is free software. You may redistribute copies of	it under the terms  of
       the	  GNU	     Lesser	   General	  Public       License
       "https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html".  There is NO
       WARRANTY, to the	extent permitted by law.

SEE ALSO
       "virt-viewer(1)", the project website "http://spice-space.org"

perl v5.28.2			  2019-05-08		       SPICE-CLIENT(1)

Header And Logo

Peripheral Links

Site Navigation

FreeBSD Manual Pages

Header And Logo

Peripheral Links

Search

Site Navigation

FreeBSD Manual Pages