Man page - sdl-freerdp3(1)

Packages contains this manual

Package: freerdp3-sdl
apt-get install freerdp3-sdl

Manuals in package:

sdl-freerdp3(1)

Documentations in package:

freerdp3-sdl

Manual

sdl-freerdp3

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
CONFIGURATION FILE
ENVIRONMENT VARIABLES
GLOBAL CONFIGURATION
EXAMPLES
LINKS
AUTHOR

NAME

sdl-freerdp3 - FreeRDP SDL client

SYNOPSIS

sdl-freerdp3 [file] [options] [/v:server[:port]]

DESCRIPTION

sdl-freerdp3 is an SDL Remote Desktop Protocol (RDP) client which is part of the FreeRDP project. An RDP server is built-in to many editions of Windows. Alternative servers included ogon, gnome-remote-desktop, xrdp and VRDP (VirtualBox).

OPTIONS

/a : addin [, options ], /addin : addin [, options ]

Addin

/azure :[tenantid: id ],[use-tenantid[:[on|off]],[ad: url ]

AzureAD options

/action-script : file-name

Action script (default:˜/.config/freerdp/action.sh)

/admin , /console

Admin (or console) session

+aero

desktop composition (default:off)

/app :program:[ path | ||alias ],cmd: command ,file: filename ,guid: guid ,icon: filename ,name: name ,workdir: directory ,hidef:[on|off]

Remote application program

/assistance : password

Remote assistance password

/auto-request-control :

Automatically request remote assistance input control

+async-channels

Asynchronous channels (experimental) (default:off)

+async-update

Asynchronous update (default:off)

/audio-mode : mode

Audio output mode

+auth-only

Authenticate only (default:off)

/auth-pkg-list : !ntlm,kerberos

Authentication package filter (comma-separated list, use '!' to exclude)

-authentication

Authentication (experimental) (default:on)

+auto-reconnect

Automatic reconnection (default:off)

/auto-reconnect-max-retries : retries

Automatic reconnection maximum retries, 0 for unlimited [0,1000]

/bpp : depth

Session bpp (color depth) (default:16)

/buildconfig

Print the build configuration

/cache :[bitmap[:on|off],codec[:rfx|nsc],glyph[:on|off],offscreen[:on|off],persist,persist-file: filename ]

/cert :[deny,ignore,name: name ,tofu,fingerprint: hash : hash as hex [,fingerprint: hash : another hash ]]

Certificate accept options. Use with care!
* deny ... Automatically abort connection if the certificate does not match, no user interaction.
* ignore ... Ignore the certificate checks altogether (overrules all other options)
* name ... Use the alternate <name> instead of the certificate subject to match locally stored certificates
* tofu ... Accept certificate unconditionally on first connect and deny on subsequent connections if the certificate does not match
* fingerprints ... A list of certificate hashes that are accepted unconditionally for a connection

/client-build-number : number

Client Build Number sent to server (influences smartcard behaviour, see [MS-RDPESC])

/client-hostname : name

Client Hostname to send to server

Redirect clipboard:
* use-selection:<atom> ... (X11) Specify which X selection to access. Default is CLIPBOARD. PRIMARY is the X-style middle-click selection.
* direction-to:[all|local|remote|off] control enabled clipboard direction
* files-to:[all|local|remote|off] control enabled file clipboard direction (default:on)

-compression , -z

compression (default:on)

/compression-level : level

Compression level (0,1,2)

+credentials-delegation

credentials delegation (default:off)

/d : domain

Domain

-decorations

Window decorations (default:on)

/disp

Display control

/drive : name , path

Redirect directory <path> as named share <name>. Hotplug support is enabled with /drive:hotplug,*. This argument provides the same function as "Drives that I plug in later" option in MSTSC.

+drives

Redirect all mount points as shares (default:off)

/dump : record|replay ,file: file [,nodelay]

record or replay dump

/dvc : channel [, options ]

Dynamic virtual channel

+dynamic-resolution

Send resolution updates when the window is resized (default:off)

/echo , /echo

Echo channel

-encryption

Encryption (experimental) (default:on)

/encryption-methods :[40,][56,][128,][FIPS]

RDP standard security encryption methods

Fullscreen mode (<Ctrl>+<Alt>+<Enter> toggles fullscreen)

+fipsmode

FIPS mode (default:off)

/floatbar [:sticky:[on|off],default:[visible|hidden],show:[always|fullscreen|window]]

floatbar is disabled by default (when enabled defaults to sticky in fullscreen mode)

-fonts

smooth fonts (ClearType) (default:on)

+force-console-callbacks

Use default callbacks (console) for certificate/credential/... (default:off)

/frame-ack : number

Number of frame acknowledgement

/args-from : file |stdin|fd: number |env: name

Read command line from a file, stdin or file descriptor. This argument can not be combined with any other. Provide one argument per line.

/from-stdin [:force]

Read credentials from stdin. With <force> the prompt is done before connection, otherwise on server request.

/gateway :g: gateway [: port ],u: user ,d: domain ,p: password ,usage-method:[direct|detect],access-token: token ,type:[rpc|http[,no-websockets][,extauth-sspi-ntlm]|auto[,no-websockets][,extauth-sspi-ntlm]]|arm,url: wss://url ,bearer: oauth2-bearer-token , /gw :g: gateway [: port ],u: user ,d: domain ,p: password ,usage-method:[direct|detect],access-token: token ,type:[rpc|http[,no-websockets][,extauth-sspi-ntlm]|auto[,no-websockets][,extauth-sspi-ntlm]]|arm,url: wss://url ,bearer: oauth2-bearer-token

Gateway Hostname

/gdi :sw|hw

GDI rendering

/geometry

Geometry tracking channel

+gestures

Consume multitouch input locally (default:off)

RDP8 graphics pipeline

-grab-keyboard

Grab keyboard focus, forward all keys to remote (default:on)

-grab-mouse

Grab mouse focus, forward all events to remote (default:on)

/h : height

Height (default:768)

-heartbeat

Support heartbeat PDUs (default:on)

/help , /?

Print help

+home-drive

Redirect user home as share (default:off)

/ipv4 [:[:force]], /4 [:[:force]]

Prefer IPv4 A record over IPv6 AAAA record

/ipv6 [:[:force]], /6 [:[:force]]

Prefer IPv6 AAAA record over IPv4 A record

/jpeg

JPEG codec support

/jpeg-quality : percentage

JPEG quality

/kbd :[layout:[0x id | name ],lang: 0xid ,fn-key: value ,type: value ,subtype: value ,unicode[:on|off],remap: key1 = value1 ,remap: key2 = value2 ,pipe: filename ]

Keyboard related options:
* layout: set the keybouard layout announced to the server
* lang: set the keyboard language identifier sent to the server
* fn-key: Function key value
* remap: RDP scancode to another one. Use /list:kbd-scancode to get the mapping. Example: To switch 'a' and 's' on a US keyboard: /kbd:remap:0x1e=0x1f,remap:0x1f=0x1e
* pipe: Name of a named pipe that can be used to type text into the RDP session

/kerberos :[kdc-url: url ,lifetime: time ,start-time: time ,renewable-lifetime: time ,cache: path ,armor: path ,pkinit-anchors: path ,pkcs11-module: name ]

Kerberos options

/load-balance-info : info-string

Load balance info

List available options for subcommand (default:List available options for subcommand)

/log-filters : tag : level [, tag : level [,...]]

Set logger filters, see wLog(7) for details

Set the default log level, see wLog(7) for details

/max-fast-path-size : size

Specify maximum fast-path update size

/max-loop-time : time

Specify maximum time in milliseconds spend treating packets

+menu-anims

menu animations (default:off)

/microphone [:[sys: sys ,][dev: dev ,][format: format ,][rate: rate ,][channel: channel ]], /mic [:[sys: sys ,][dev: dev ,][format: format ,][rate: rate ,][channel: channel ]]

Audio input (microphone)

/monitors : id [, id [,...]]

Select monitors to use (only effective in fullscreen or multimonitor mode)

-mouse-motion

Send mouse motion (default:on)

+mouse-relative

Send mouse motion with relative addressing (default:off)

/mouse :[relative:[on|off],grab:[on|off]]

Mouse related options:
* relative: send relative mouse movements if supported by server
* grab: grab the mouse if within the window

/multimon [:force]

Use multiple monitors

+multitouch

Redirect multitouch input (default:off)

-multitransport

Support multitransport protocol (default:on)

-nego

protocol security negotiation (default:on)

Network connection type

/nsc , /nscodec

NSCodec support

/orientation :[0|90|180|270]

Orientation of display in degrees

+old-license

Use the old license workflow (no CAL and hwId set to 0) (default:off)

/p : password

Password

/parallel [: name [, path ]]

Redirect parallel device

/parent-window : window-id

Parent window id

/pcb : blob

Preconnection Blob

/pcid : id

Preconnection Id

/pheight : height

Physical height of display (in millimeters)

/play-rfx : pcap-file

Replay rfx pcap file

/port : number

Server port

-suppress-output

suppress output when minimized (default:on)

+print-reconnect-cookie

Print base64 reconnect cookie after connecting (default:off)

/printer [: name [, driver [,default]]]

Redirect printer device

/proxy :[ proto ://][ user : password @] host [: port ]

Proxy settings: override env. var (see also environment variable below). Protocol "socks5" should be given explicitly where "http" is default.

/pth : password-hash , /pass-the-hash : password-hash

Pass the hash (restricted admin mode)

/pwidth : width

Physical width of display (in millimeters)

/rdp2tcp : executable path[:arg...]

TCP redirection

/reconnect-cookie : base64-cookie

Pass base64 reconnect cookie to the connection

/redirect-prefer : FQDN|IP|NETBIOS ,[...]

Override the preferred redirection order

/relax-order-checks , /relax-order-checks

Do not check if a RDP order was announced during capability exchange, only use when connecting to a buggy server

/restricted-admin , /restrictedAdmin

Restricted admin mode

/remoteGuard , /remoteGuard

Remote guard credentials

/rfx

RemoteFX

/rfx-mode :[image|video]

RemoteFX mode

/scale :[100|140|180]

Scaling factor of the display (default:100)

/scale-desktop : percentage

Scaling factor for desktop applications (value between 100 and 500) (default:100)

/scale-device :100|140|180

Scaling factor for app store applications (default:100)

/sec :[rdp[:[on|off]]|tls[:[on|off]]|nla[:[on|off]]|ext[:[on|off]]|aad[:[on|off]]]

Force specific protocol security. e.g. /sec:nla enables NLA and disables all others, while /sec:nla:[on|off] just toggles NLA

/serial [: name [, path [, driver [,permissive]]]], /tty [: name [, path [, driver [,permissive]]]]

Redirect serial device

/server-name : name

User-specified server name to use for validation (TLS, Kerberos)

/shell : shell

Alternate shell

/shell-dir : dir

Shell working directory

/size : width x height or percent %[wh]

Screen size (default:1024x768)

/smart-sizing [: width x height ]

Scale remote desktop to window size

/smartcard [: str [, str ...]]

Redirect the smartcard devices containing any of the <str> in their names.

/smartcard-logon [:[cert: path ,key: key ,pin: pin ,csp: csp name ,reader: reader ,card: card ]]

Activates Smartcard (optional certificate) Logon authentication.

/sound [:[sys: sys ,][dev: dev ,][format: format ,][rate: rate ,][channel: channel ,][latency: latency ,][quality: quality ]], /audio [:[sys: sys ,][dev: dev ,][format: format ,][rate: rate ,][channel: channel ,][latency: latency ,][quality: quality ]]

Audio output (sound)

/span

Span screen over multiple monitors

/spn-class : service-class

SPN authentication service class

/ssh-agent , /ssh-agent

SSH Agent forwarding channel

/sspi-module : SSPI module path

SSPI shared library module file path

/winscard-module : WinSCard module path

WinSCard shared library module file path

/disable-output

Deactivate all graphics decoding in the client session. Useful for load tests with many simultaneous connections

/t : title , /title : title

Window title

-themes

themes (default:on)

/timeout : time in ms , /timeout : time in ms

Advanced setting for high latency links: Adjust connection timeout, use if you encounter timeout failures with your connection (default:9000)

/timezone : windows timezone

Use supplied windows timezone for connection (requires server support), see /list:timezones for allowed values

/tls :[ciphers|seclevel|secrets-file|enforce]

TLS configuration options: * ciphers:[netmon|ma|<cipher names>]
* seclevel:<level>, default: 1, range: [0-5] Override the default TLS security level, might be required for older target servers
* secrets-file:<filename>
* enforce[:[ssl3|1.0|1.1|1.2|1.3]] Force use of SSL/TLS version for a connection. Some servers have a buggy TLS version negotiation and might fail without this. Defaults to TLS 1.2 if no argument is supplied. Use 1.0 for windows 7

-toggle-fullscreen

Alt+Ctrl+Enter to toggle fullscreen (default:on)

/tune : setting:value , setting:value

[experimental] directly manipulate freerdp settings, use with extreme caution! (default:)

/u :[[ domain ] user | user [@ domain ]]

Username

+unmap-buttons

Let server see real physical pointer button (default:off)

/usb :[dbg,][id: vid : pid #...,][addr: bus : addr #...,][auto]

Redirect USB device

/v : server [:port]

Server hostname

/vc : channel [, options ]

Static virtual channel

/version

Print version

/video

Video optimized remoting channel

/prevent-session-lock [: time in sec ]

Prevent session locking by injecting fake mouse motion events to the server when the connection is idle (default interval: 180 seconds)

/vmconnect [: vmid ]

Hyper-V console (use port 2179, disable negotiation)

/w : width

Width (default:1024)

-wallpaper

wallpaper (default:on)

+window-drag

full window drag (default:off)

/window-position : xpos x ypos

window position

/wm-class : class-name

Set the WM_CLASS hint for the window instance

/workarea

Use available work area

CONFIGURATION FILE

Format and Location:

The configuration file is stored per user.

The XDG_CONFIG_HOME environment variable can be used to override the base directory.

This defaults to ˜/.config The location relative to XDG_CONFIG_HOME is $XDG_CONFIG_HOME/freerdp/sdl-freerdp.json

The configuration is stored in JSON format

Supported options:

SDL_KeyModMask

Defines the key combination required for SDL client shortcuts.

Default KMOD_RSHIFT

An array of SDL_Keymod strings as defined at /SDL_Keymod

SDL_Fullscreen

Toggles client fullscreen state.

Default SDL_SCANCODE_RETURN .