Incomputing,SPICE (theSimple Protocol for Independent Computing Environments) is a remote-display system built forvirtual environments which allows users to view a computing "desktop" environment – not only on its computer-server machine, but also from anywhere on theInternet – using a wide variety ofmachine architectures.

Qumranet originally developed SPICE using aclosed-sourcecodebase in 2007.Red Hat, Inc acquired Qumranet in 2008, and in December 2009 released the code under anopen-source license and made the protocol an open standard.^[4][5]

A SPICE client connection to a remote desktop server consists of multipledata channels, each of which is run over a separateTCP orUNIXsocket connection. A data channel can be designated to operate in either clear-text, orTLS modes, allowing the administrator to trade off the security level vs performance. The TLS mode providesstrong encryption of all traffic transmitted on the data channel.

In addition to encryption, the SPICE protocol allows for a choice of authentication schemes. The original SPICE protocol defined a ticket based authentication scheme using a shared secret. The server would generate anRSA public/privatekeypair and send itspublic key to the client. The client would encrypt the ticket (password) with the public key and send the result back to the server, which would decrypt and verify the ticket. The current SPICE protocol also allows for use of theSASL authentication protocol, thus enabling support for a wide range of admin configurable authentication mechanisms, in particularKerberos.

While only one server implementation exists, several programmers have developed new implementations of the SPICE client-side since the open-sourcing of SPICE.

spice-protocol

The spice-protocol module^[6] defines the SPICE wire protocol formats. This is made available under the BSD license, and is portable across theLinux andWindows platforms.

spice

The spice module^[7] provides the reference implementation for the server side of the SPICE protocol. The server is provided as adynamic library which can be linked to any application wishing to expose a SPICE server. As of 2013^[update],QEMU uses this to provide a SPICE interface forvirtual machines. The spice codebase is available under theLGPL v2+ license.

A client part of the spice codebase named spicec was removed in December 2014.

spice-gtk

The spice-gtk module^[8] implements a SPICE client using theGObject type system and theGTKwidget toolkit. This comprises a low-levellibrary, spice-client-glib, which implements the client protocol code, and a high-level set ofwidgets which provide a graphical client capability using GTK. This is made available under theLGPLv2+ license, and is portable across the Linux,OS X and Windows platforms.

spice-html5

The spice-html5 module^[9] implements a SPICE client that usesJavaScript and is intended to run inside a web browser supportingHTML5. While it implements the SPICE protocol, it cannot talk directly to a regular SPICE server. It must connect to the server indirectly viaWebSocket proxy.^[10] This is made available under a combination of theGPLv3+ and LGPLv3+ licenses.

The SPICE protocol originated to provide improvedremote desktop capabilities in afork of the KVM codebase.

QEMU/KVM

The QEMU maintainers merged support for providing SPICE remote desktop capabilities for all QEMU virtual machines in March 2010. The QEMU binary links to the spice-server library to provide this capability and implements the QXL paravirtualized framebuffer device to enable the guest OS to take advantage of the performance benefits the SPICE protocol offers. The guest OS may also use a regularVGA card, albeit with degraded performance as compared to QXL.^[11]

Xspice

TheX.Org Server driver for the QXLframebuffer device includes awrapper script,^[12] which makes it possible to launch a Xorg server whose display is exported via the SPICE protocol. This enables use of SPICE in a remote desktop environment, without requiring QEMU/KVM virtualization.

virt-viewer

Thevirt-viewer program uses the spice-gtk client library to connect to virtual machines using SPICE, as an alternative to its previous support forVNC.

oVirt

SPICE is integrated intooVirtprivate cloud management software, allowing users to connect to virtual machines through SPICE.

• Red Hat Virtualization
• HP Remote Graphics Software

• Official website
• SPICE protocol

• Application layer protocols
• Red Hat software
• Remote desktop
• Remote desktop protocols
• Thin clients
• Virtualization software for Linux

• Articles with short description
• Short description is different from Wikidata
• Articles containing potentially dated statements from 2013
• All articles containing potentially dated statements
• Official website different in Wikidata and Wikipedia