I have 15 RHEL6 servers in 2 locations and another server in a third location that needs to ssh to those servers. That one server cannot successfully ssh to the other servers, except 1. I ssh using verbose and see that it gets to debug1: SSH2_MSG_KEX_DH_GEX_INIT sent and hangs

Checking the logs on the other servers, I see no messages until I CTRL C to get out of the hung ssh. Then I see, Connection closed by 10.10.10.10. Nothing else in messages and nothing in secure.

All of the 30 servers this one is trying to connect to are kickstarted and patched with the same OS.

I've searched the googles and have not found anything that can help. I'm looking here to see if you can. Thanks

Just to clarify... You have:

• Location 1: 15 servers
• Location 2: 15 servers
• Location 3: 1 server

Right?

Location 3 is unable to ssh to either Location 1 and/or Location 2?

Can Location 3 ping the servers at Locations 1 and/or 2?

Does your site have RedHat support? If so, I'd use the support that you're likely paying for.

Location 3 can ping all the servers. Location 3 has a total of 4 RHEL servers. its just one that cannot ssh to the rest. That location 3 server cannot ssh to any server in Location 1. That location 3 server can ssh to 1 out of the 15 servers in location 2. The other RHEL servers in location 3 can ssh to all 30 of those servers

Ping only means that "Point A can see Point B." It does not check port access.
Starting with ping is always good. If ping doesn't work, it guarantees ssh will not work(*). On the other hand, if ping works, it does not guarantee that ssh WILL work, it only validates that ssh COULD work.

The next step is to valid that you have connectivity on port 22.
Ex:
MyWorkstation> ping Server3-1
ping: Server3-1 is Alive

Now, you need to ensure the 'MyWorkstation' can access 'Server3-1' via port 22. In the old days, we could use telnet for this:
MyWorkstation> telnet Server3-1 22
Connect ....

Today, telnet is an insecure protocol and may not be installed on your system. Some folks use the telnet option of curl to try this:
MyWorkstation> curl telnet://Server3-1:22
If you get this message:
Failed to connect to Server3-1:22; Connection Refused
Then you cannot connect on port 22, which is why your SSH fails. Maybe a firewall issue, may be an isue with sshd not running (properly), maybe an issue with sshd_config preventing access, maybe something in /etc/hosts.alloy or /etc/hosts.deny

If you get nothing back, press enter 3 times. You will see messages about the SSH version and end with something like:
curl: (55) Send Failure: Broken Pipe
Then you can get to port 22 and the problem lies elsewhere.

I use bash to try to connect:
MyWorkstation> bash
bash-$] echo </dev/tcp/Server3-1/22
If you get a connection refused error, port 22 is inaccessible on Server3-1
If you get a blank line followed by your prompt, then you can access port 22
If the terminal hangs, you may have a slow connection (so ssh is timing out on connect).
or, in some cases, the connection is hung and you are waiting for the timeout to show that the port is closed. This would also cause an ssh error.

Post your troubleshooting results and we may be able to give you more advice.



Are you using SSH keys? Try and force a password login







(*) Excepotion: some networks disable ping, in which case, the previous statement is useless.