diff --git a/provider/provider.go b/provider/provider.go
index 8d1e916..1ee22cf 100644
--- a/provider/provider.go
+++ b/provider/provider.go
@@ -175,27 +175,29 @@ func (p *SSHProvider) Configure(ctx context.Context, req provider.ConfigureReque
 	}
 
 	sshTunnel.Auth = []ssh.SSHAuth{}
-	privateKey := ssh.SSHPrivateKey{}
-	if data.Auth.PrivateKey.Content.ValueString() != "" {
-		privateKey.PrivateKey = data.Auth.PrivateKey.Content.ValueString()
-	}
-	if data.Auth.PrivateKey.Password.ValueString() != "" {
-		privateKey.Password = data.Auth.PrivateKey.Password.ValueString()
-	}
-	if data.Auth.PrivateKey.Certificate.ValueString() != "" {
-		privateKey.Certificate = data.Auth.PrivateKey.Certificate.ValueString()
+  if data.Auth.PrivateKey != nil {
+    privateKey := ssh.SSHPrivateKey{}
+    if data.Auth.PrivateKey.Content.ValueString() != "" {
+      privateKey.PrivateKey = data.Auth.PrivateKey.Content.ValueString()
+    }
+    if data.Auth.PrivateKey.Password.ValueString() != "" {
+      privateKey.Password = data.Auth.PrivateKey.Password.ValueString()
+    }
+    if data.Auth.PrivateKey.Certificate.ValueString() != "" {
+      privateKey.Certificate = data.Auth.PrivateKey.Certificate.ValueString()
+    }
+    sshTunnel.Auth = append(sshTunnel.Auth, privateKey)
+  }
+	if data.Auth.Password.ValueString() != "" {
+		sshTunnel.Auth = append(sshTunnel.Auth, ssh.SSHPassword{
+			Password: data.Auth.Password.ValueString(),
+		})
 	}
-	sshTunnel.Auth = append(sshTunnel.Auth, privateKey)
 	if authSock != "" {
 		sshTunnel.Auth = append(sshTunnel.Auth, ssh.SSHAuthSock{
 			Path: authSock,
 		})
 	}
-	if data.Auth.Password.ValueString() != "" {
-		sshTunnel.Auth = append(sshTunnel.Auth, ssh.SSHPassword{
-			Password: data.Auth.Password.ValueString(),
-		})
-	}
 	resp.DataSourceData = &sshTunnel
 }