configure packer to use the ssh communicator

README.md

@@ -271,6 +271,31 @@ In vSphere configure the following Inventory Objects permissions:
 For more information see the [vSphere Virtual Machine Administration/Required Privileges for Common Tasks document](https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vm_admin.doc/GUID-4D0F8E63-2961-4B71-B365-BBFA24673FDB.html) in the [vSphere Virtual Machine Administration manual](https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vm_admin.doc/GUID-55238059-912E-411F-A0E9-A7A536972A91.html).
 
 
+## SSH access
+
+You can connect to this machine through SSH to run a remote command, e.g.:
+
+```batch
+ssh -p 2222 vagrant@localhost "whoami /all"
+```
+
+**NB** the exact SSH address and port can be obtained with `vagrant ssh-config`.
+
+**NB** we cannot use the vagrant SMB shared folder type when using the `winssh`
+communicator; it will fail to mount the shared folder with the error:
+
+  ```
+  cmdkey /add:192.168.1.xxx /user:xxx /pass:"*****"
+  CMDKEY: Credentials cannot be saved from this logon session.
+  ```
+
+**NB** this is a [Windows design restriction](https://github.com/PowerShell/Win32-OpenSSH/issues/996#issuecomment-610635377)
+that prevents remote network logon sessions from accessing certain parts of the
+system.
+
+**NB** this is why the default vagrant box communicator is `winrm`.
+
+
 ## WinRM access
 
 You can connect to this machine through WinRM to run a remote command, e.g.:

windows-10-1809-vsphere.pkr.hcl

@@ -50,14 +50,14 @@ variable "vsphere_network" {
 }
 
 source "vsphere-iso" "windows-10-1809-amd64" {
-  communicator  = "winrm"
   CPUs          = 4
   RAM           = 4096
   guest_os_type = "windows9_64Guest"
   floppy_files = [
     "tmp/windows-10-1809-vsphere/autounattend.xml",
     "vmtools.ps1",
     "winrm.ps1",
+    "provision-openssh.ps1",
   ]
   iso_paths = [
     "[${var.vsphere_datastore}] iso/windows-10-1809-17763.107.101029-1455.rs5_release_svc_refresh_CLIENT_LTSC_EVAL_x64FRE_en-us.iso",
@@ -84,9 +84,10 @@ source "vsphere-iso" "windows-10-1809-amd64" {
   folder              = var.vsphere_folder
   vm_name             = "windows-10-1809-amd64-vsphere"
   shutdown_command    = "shutdown /s /t 0 /f /d p:4:1 /c \"Packer Shutdown\""
-  winrm_password      = "vagrant"
-  winrm_username      = "vagrant"
-  winrm_timeout       = "4h"
+  communicator        = "ssh"
+  ssh_password        = "vagrant"
+  ssh_username        = "vagrant"
+  ssh_timeout         = "4h"
 }
 
 build {
@@ -118,13 +119,6 @@ build {
     script = "enable-remote-desktop.ps1"
   }
 
-  provisioner "powershell" {
-    script = "provision-openssh.ps1"
-  }
-
-  provisioner "windows-restart" {
-  }
-
   provisioner "powershell" {
     script = "provision-cloudbase-init.ps1"
   }

windows-10-1809.pkr.hcl

@@ -49,6 +49,7 @@ source "qemu" "windows-10-1809-amd64" {
   floppy_files = [
     "windows-10/autounattend.xml",
     "winrm.ps1",
+    "provision-openssh.ps1",
     "drivers/vioserial/w10/amd64/*.cat",
     "drivers/vioserial/w10/amd64/*.inf",
     "drivers/vioserial/w10/amd64/*.sys",
@@ -68,10 +69,10 @@ source "qemu" "windows-10-1809-amd64" {
   iso_url          = var.iso_url
   iso_checksum     = var.iso_checksum
   shutdown_command = "shutdown /s /t 0 /f /d p:4:1 /c \"Packer Shutdown\""
-  communicator     = "winrm"
-  winrm_username   = "vagrant"
-  winrm_password   = "vagrant"
-  winrm_timeout    = "4h"
+  communicator     = "ssh"
+  ssh_username     = "vagrant"
+  ssh_password     = "vagrant"
+  ssh_timeout      = "4h"
 }
 
 source "virtualbox-iso" "windows-10-1809-amd64" {
@@ -81,6 +82,7 @@ source "virtualbox-iso" "windows-10-1809-amd64" {
   floppy_files = [
     "windows-10/autounattend.xml",
     "winrm.ps1",
+    "provision-openssh.ps1",
   ]
   guest_additions_interface = "sata"
   guest_additions_mode      = "attach"
@@ -105,10 +107,10 @@ source "virtualbox-iso" "windows-10-1809-amd64" {
     ["modifyvm", "{{ .Name }}", "--nictype3", "82540EM"],
     ["modifyvm", "{{ .Name }}", "--nictype4", "82540EM"],
   ]
-  communicator   = "winrm"
-  winrm_username = "vagrant"
-  winrm_password = "vagrant"
-  winrm_timeout  = "4h"
+  communicator = "ssh"
+  ssh_username = "vagrant"
+  ssh_password = "vagrant"
+  ssh_timeout  = "4h"
 }
 
 source "hyperv-iso" "windows-10-1809-amd64" {
@@ -121,6 +123,7 @@ source "hyperv-iso" "windows-10-1809-amd64" {
   cd_files = [
     "windows-10-uefi/autounattend.xml",
     "winrm.ps1",
+    "provision-openssh.ps1",
   ]
   disk_size         = var.disk_size
   first_boot_device = "DVD"
@@ -131,10 +134,10 @@ source "hyperv-iso" "windows-10-1809-amd64" {
   temp_path         = "tmp"
   vlan_id           = var.hyperv_vlan_id
   shutdown_command  = "shutdown /s /t 0 /f /d p:4:1 /c \"Packer Shutdown\""
-  communicator      = "winrm"
-  winrm_username    = "vagrant"
-  winrm_password    = "vagrant"
-  winrm_timeout     = "4h"
+  communicator      = "ssh"
+  ssh_username      = "vagrant"
+  ssh_password      = "vagrant"
+  ssh_timeout       = "4h"
 }
 
 build {
@@ -185,13 +188,6 @@ build {
     script = "enable-remote-desktop.ps1"
   }
 
-  provisioner "powershell" {
-    script = "provision-openssh.ps1"
-  }
-
-  provisioner "windows-restart" {
-  }
-
   provisioner "powershell" {
     script = "provision-cloudbase-init.ps1"
   }

windows-10-20h2.pkr.hcl

@@ -49,6 +49,7 @@ source "qemu" "windows-10-20h2-amd64" {
   floppy_files = [
     "windows-10/autounattend.xml",
     "winrm.ps1",
+    "provision-openssh.ps1",
     "drivers/vioserial/w10/amd64/*.cat",
     "drivers/vioserial/w10/amd64/*.inf",
     "drivers/vioserial/w10/amd64/*.sys",
@@ -68,10 +69,10 @@ source "qemu" "windows-10-20h2-amd64" {
   iso_url          = var.iso_url
   iso_checksum     = var.iso_checksum
   shutdown_command = "shutdown /s /t 0 /f /d p:4:1 /c \"Packer Shutdown\""
-  communicator     = "winrm"
-  winrm_username   = "vagrant"
-  winrm_password   = "vagrant"
-  winrm_timeout    = "4h"
+  communicator     = "ssh"
+  ssh_username     = "vagrant"
+  ssh_password     = "vagrant"
+  ssh_timeout      = "4h"
 }
 
 source "virtualbox-iso" "windows-10-20h2-amd64" {
@@ -81,6 +82,7 @@ source "virtualbox-iso" "windows-10-20h2-amd64" {
   floppy_files = [
     "windows-10/autounattend.xml",
     "winrm.ps1",
+    "provision-openssh.ps1",
   ]
   guest_additions_interface = "sata"
   guest_additions_mode      = "attach"
@@ -105,10 +107,10 @@ source "virtualbox-iso" "windows-10-20h2-amd64" {
     ["modifyvm", "{{ .Name }}", "--nictype3", "82540EM"],
     ["modifyvm", "{{ .Name }}", "--nictype4", "82540EM"],
   ]
-  communicator   = "winrm"
-  winrm_username = "vagrant"
-  winrm_password = "vagrant"
-  winrm_timeout  = "4h"
+  communicator = "ssh"
+  ssh_username = "vagrant"
+  ssh_password = "vagrant"
+  ssh_timeout  = "4h"
 }
 
 source "hyperv-iso" "windows-10-20h2-amd64" {
@@ -121,6 +123,7 @@ source "hyperv-iso" "windows-10-20h2-amd64" {
   cd_files = [
     "windows-10-uefi/autounattend.xml",
     "winrm.ps1",
+    "provision-openssh.ps1",
   ]
   disk_size         = var.disk_size
   first_boot_device = "DVD"
@@ -131,10 +134,10 @@ source "hyperv-iso" "windows-10-20h2-amd64" {
   temp_path         = "tmp"
   vlan_id           = var.hyperv_vlan_id
   shutdown_command  = "shutdown /s /t 0 /f /d p:4:1 /c \"Packer Shutdown\""
-  communicator      = "winrm"
-  winrm_username    = "vagrant"
-  winrm_password    = "vagrant"
-  winrm_timeout     = "4h"
+  communicator      = "ssh"
+  ssh_username      = "vagrant"
+  ssh_password      = "vagrant"
+  ssh_timeout       = "4h"
 }
 
 build {
@@ -189,13 +192,6 @@ build {
     script = "enable-remote-desktop.ps1"
   }
 
-  provisioner "powershell" {
-    script = "provision-openssh.ps1"
-  }
-
-  provisioner "windows-restart" {
-  }
-
   provisioner "powershell" {
     script = "provision-cloudbase-init.ps1"
   }

windows-10-uefi/autounattend.xml

@@ -149,6 +149,10 @@
                     <Order>4</Order>
                     <CommandLine>PowerShell "Get-PSDRive -PSProvider FileSystem | ForEach-Object {$p = Join-Path $_.Root winrm.ps1; if (Test-Path $p) {&amp;$p}}"</CommandLine>
                 </SynchronousCommand>
+                <SynchronousCommand wcm:action="add">
+                    <Order>5</Order>
+                    <CommandLine>PowerShell "Get-PSDRive -PSProvider FileSystem | ForEach-Object {$p = Join-Path $_.Root provision-openssh.ps1; if (Test-Path $p) {&amp;$p}}"</CommandLine>
+                </SynchronousCommand>
             </FirstLogonCommands>
         </component>
     </settings>

windows-10/autounattend.xml

@@ -130,6 +130,10 @@
                     <Order>4</Order>
                     <CommandLine>PowerShell -File a:\winrm.ps1</CommandLine>
                 </SynchronousCommand>
+                <SynchronousCommand wcm:action="add">
+                    <Order>5</Order>
+                    <CommandLine>PowerShell -File a:\provision-openssh.ps1</CommandLine>
+                </SynchronousCommand>
             </FirstLogonCommands>
         </component>
     </settings>

windows-2012-r2-uefi/autounattend.xml

@@ -137,6 +137,10 @@
                     <Order>3</Order>
                     <CommandLine>PowerShell "Get-PSDrive -PSProvider FileSystem | ForEach-Object {$p = Join-Path $_.Root winrm.ps1; if (Test-Path $p) {&amp;$p}}"</CommandLine>
                 </SynchronousCommand>
+                <SynchronousCommand wcm:action="add">
+                    <Order>4</Order>
+                    <CommandLine>PowerShell "Get-PSDrive -PSProvider FileSystem | ForEach-Object {$p = Join-Path $_.Root provision-openssh.ps1; if (Test-Path $p) {&amp;$p}}"</CommandLine>
+                </SynchronousCommand>
             </FirstLogonCommands>
         </component>
     </settings>

windows-2012-r2.pkr.hcl

@@ -49,6 +49,7 @@ source "qemu" "windows-2012-r2-amd64" {
   floppy_files = [
     "windows-2012-r2/autounattend.xml",
     "winrm.ps1",
+    "provision-openssh.ps1",
     "drivers/viostor/2k12R2/amd64/*.cat",
     "drivers/viostor/2k12R2/amd64/*.inf",
     "drivers/viostor/2k12R2/amd64/*.sys",
@@ -65,10 +66,10 @@ source "qemu" "windows-2012-r2-amd64" {
   iso_url          = var.iso_url
   iso_checksum     = var.iso_checksum
   shutdown_command = "shutdown /s /t 0 /f /d p:4:1 /c \"Packer Shutdown\""
-  communicator     = "winrm"
-  winrm_username   = "vagrant"
-  winrm_password   = "vagrant"
-  winrm_timeout    = "4h"
+  communicator     = "ssh"
+  ssh_username     = "vagrant"
+  ssh_password     = "vagrant"
+  ssh_timeout      = "4h"
 }
 
 source "virtualbox-iso" "windows-2012-r2-amd64" {
@@ -78,6 +79,7 @@ source "virtualbox-iso" "windows-2012-r2-amd64" {
   floppy_files = [
     "windows-2012-r2/autounattend.xml",
     "winrm.ps1",
+    "provision-openssh.ps1",
   ]
   guest_additions_interface = "sata"
   guest_additions_mode      = "attach"
@@ -102,10 +104,10 @@ source "virtualbox-iso" "windows-2012-r2-amd64" {
     ["modifyvm", "{{ .Name }}", "--nictype3", "82540EM"],
     ["modifyvm", "{{ .Name }}", "--nictype4", "82540EM"],
   ]
-  communicator   = "winrm"
-  winrm_username = "vagrant"
-  winrm_password = "vagrant"
-  winrm_timeout  = "4h"
+  communicator = "ssh"
+  ssh_username = "vagrant"
+  ssh_password = "vagrant"
+  ssh_timeout  = "4h"
 }
 
 source "hyperv-iso" "windows-2012-r2-amd64" {
@@ -118,6 +120,7 @@ source "hyperv-iso" "windows-2012-r2-amd64" {
   cd_files = [
     "windows-2012-r2-uefi/autounattend.xml",
     "winrm.ps1",
+    "provision-openssh.ps1",
   ]
   disk_size         = var.disk_size
   first_boot_device = "DVD"
@@ -128,10 +131,10 @@ source "hyperv-iso" "windows-2012-r2-amd64" {
   temp_path         = "tmp"
   vlan_id           = var.hyperv_vlan_id
   shutdown_command  = "shutdown /s /t 0 /f /d p:4:1 /c \"Packer Shutdown\""
-  communicator      = "winrm"
-  winrm_username    = "vagrant"
-  winrm_password    = "vagrant"
-  winrm_timeout     = "4h"
+  communicator      = "ssh"
+  ssh_username      = "vagrant"
+  ssh_password      = "vagrant"
+  ssh_timeout       = "4h"
 }
 
 build {
@@ -188,13 +191,6 @@ build {
     script = "enable-remote-desktop.ps1"
   }
 
-  provisioner "powershell" {
-    script = "provision-openssh.ps1"
-  }
-
-  provisioner "windows-restart" {
-  }
-
   provisioner "powershell" {
     script = "provision-cloudbase-init.ps1"
   }

windows-2012-r2/autounattend.xml

@@ -118,6 +118,10 @@
                     <Order>3</Order>
                     <CommandLine>PowerShell -File a:\winrm.ps1</CommandLine>
                 </SynchronousCommand>
+                <SynchronousCommand wcm:action="add">
+                    <Order>4</Order>
+                    <CommandLine>PowerShell -File a:\provision-openssh.ps1</CommandLine>
+                </SynchronousCommand>
             </FirstLogonCommands>
         </component>
     </settings>

windows-2016-uefi/autounattend.xml

@@ -141,6 +141,10 @@
                     <Order>4</Order>
                     <CommandLine>PowerShell "Get-PSDrive -PSProvider FileSystem | ForEach-Object {$p = Join-Path $_.Root winrm.ps1; if (Test-Path $p) {&amp;$p}}"</CommandLine>
                 </SynchronousCommand>
+                <SynchronousCommand wcm:action="add">
+                    <Order>5</Order>
+                    <CommandLine>PowerShell "Get-PSDrive -PSProvider FileSystem | ForEach-Object {$p = Join-Path $_.Root provision-openssh.ps1; if (Test-Path $p) {&amp;$p}}"</CommandLine>
+                </SynchronousCommand>
             </FirstLogonCommands>
         </component>
     </settings>