packer/website/content/docs/communicators/ssh.mdx

---
description: |
  The SSH communicator uses SSH to upload files, execute scripts, etc. on
  the machine being created.
page_title: Communicators - SSH
---

# SSH Communicator

Communicators are the mechanism Packer uses to upload files, execute scripts,
etc. on the machine being created, and are configured within the
[builder](/packer/docs/templates/legacy_json_templates/builders) section.

The SSH communicator does this by using the SSH protocol. It is the default
communicator for a majority of builders.

If you have an SSH agent configured on the host running Packer, and SSH agent
authentication is enabled in the communicator config, Packer will automatically
forward the SSH agent to the remote host.

## Getting Ready to Use the SSH Communicator

The SSH communicator is the default communicator for a majority of builders, but
depending on your builder it may not work "out of the box".

If you are building from a cloud image (for example, building on Amazon), there
is a good chance that your cloud provider has already preconfigured SSH on the
image for you, meaning that all you have to do is configure the communicator in
the Packer template.

However, if you are building from a brand-new and unconfigured operating system
image, you will almost always have to perform some extra work to configure SSH
on the guest machine. For most operating system distributions, this work will
be performed by a [boot command](/packer/plugins/builders/vmware/iso#boot-configuration)
that references a file which provides answers to the normally-interactive
questions you get asked when installing an operating system. The name of this
file varies by operating system; some common examples are the "preseed" file
required by Debian, the "kickstart" file required by CentOS or the
"answer file", also known as the Autounattend.xml file, required by Windows.
For simplicity's sake, we'll refer to this file as the "preseed" file in the
rest of the documentation.

If you are unfamiliar with how to use a preseed file for automatic
bootstrapping of an image, please either take a look at our
[quick guides](/packer/guides/automatic-operating-system-installs) to
image bootstrapping, or research automatic configuration for your specific
guest operating system. Knowing how to automatically initalize your operating
system is critical for being able to successfully use Packer.

## SSH Communicator

The SSH communicator connects to the host via SSH. If you have an SSH agent
configured on the host running Packer, and SSH agent authentication is enabled
in the communicator config, Packer will automatically forward the SSH agent to
the remote host.

The SSH communicator has the following options:

@include "packer-plugin-sdk/communicator/SSH-not-required.mdx"

@include "packer-plugin-sdk/communicator/SSH-Key-Pair-Name-not-required.mdx"

@include "packer-plugin-sdk/communicator/SSH-Agent-Auth-not-required.mdx"

@include "packer-plugin-sdk/communicator/SSH-Temporary-Key-Pair-not-required.mdx"

@include "packer-plugin-sdk/communicator/SSH-Private-Key-File-not-required.mdx"

~> Note: The options `ssh_keypair_name`, `ssh_agent_auth`,
`temporary_key_pair_name`, and `ssh_private_key_file` are supported by the
communicator; however, they may not be supported for every builder. Please refer
to the builder documentation for supported options.

### SSH Communicator Details

Packer will only use one authentication method, either `publickey` or if
`ssh_password` is used Packer will offer `password` and `keyboard-interactive`
both sending the password. In other words Packer will not work with _sshd_
configured with more than one configured authentication method using
`AuthenticationMethods`.

Packer supports the following MACs:

- hmac-sha1
- hmac-sha1-96
- hmac-sha2-256
- `hmac-sha2-256-etm@openssh.com`

For more information on the ciphers that Packer supports, check the docs for
the [ssh_ciphers](/packer/docs/communicators/ssh#ssh_ciphers) template option.