# Qemu over TLS, any speedup tips?

## audiodef

Subject says it all. I have a qemu-kvm remote vm I access with tigervnc. It seems a bit slow. The host isn't a lightweight, so maybe there's something I can do to speed up the connection/refresh rate/something else?

----------

## Etal

Have you tried SPICE instead of VNC?

https://wiki.gentoo.org/wiki/QEMU/Windows_guest#SPICE

https://www.spice-space.org

----------

## audiodef

Etal,

Thanks! Successfully connecting with SPICE now. Definitely better performance. Connecting with the SPICY GUI, I notice I can enter a TLS port, which I have set up. It doesn't seem to use it, though, as it doesn't connect at all if I omit the regular port when trying to connect.

My qemu startup:

```

#!/bin/bash

/usr/bin/qemu-system-x86_64 \

        -daemonize \

        -smp 4 \

        -machine accel=kvm \

        -m 4096 \

        -hda /home/audiodef/GentooStudio_HDA.img \

        -boot once=c,menu=off \

        -net nic,vlan=0 \

        -net user,vlan=0 \

        -rtc base=localtime \

        -name "GentooStudio" \

        -vnc 1.2.3.4:1,tls,x509=/etc/qemu,x509verify=/etc/qemu \

        -spice port=xxxx,tls-port=yyyy,addr=1.2.3.4,password=(password)

```

----------

## Ant P.

Does qemu have any way to force use of a TLS cipher? Any of the ones you see in openssl ciphers 'HIGH+TLSv1.2+ECDSA:!AES256' should be reasonably fast (and secure). AES will be fast if you have the hardware for it, Chacha20 is faster if you don't.

----------

## audiodef

I dunno, but I'll look for those. Thanks!

----------

