We are updating the requirements for Community registration. As of 7/21/21 all users will be required to register a phone number with their My Alteryx accounts. If you have already registered, you will be prompted on your next login to add your phone number.

Alteryx Designer Knowledge Base

Definitive answers from Designer experts.

Error transferring data: failed initialization with Download Tool

JakeS
Alteryx
Alteryx
Created

Environment Details


All versions

When using the download tool with an SFTP or HTTPS connection, you may receive the error - Error transferring data: failed initialization. This often occurs when Designer can't agree on a cipher suite to communicate with the host server.



Cause


The download tool utilizes cURL to make requests. When an initial request is made to communicate with a Secure (SSL) server (SFTP or HTTPS) the client proposes Algorithms that the data can be encrypted with. If the Host server is not willing to communicate using any of the proposed algorithms, the server will terminate communication.



Resolution


There is no workaround besides making sure any cipher suites we propose exist on the host server. This many not be possible if the organization requires specific security. The Download tool can currently only use SHA1 for encryption. If the SFTP or HTTPS will only communicate with SHA2, the connection will fail.

Comments
smountne
6 - Meteoroid

will alteryx be upgrading to support the SHA2 (TLS 1.2) security protocols?  this is impacting a lot of ability to up/down load with sftp servers

smountne
6 - Meteoroid

I am using an Alteryx server and using the WINSCR is not an option

 

ElCaptain
5 - Atom

Seeing how SHA1 is broken (see https://shattered.io/ for details), I sure hope this is a temporary problem, and not a permanent stance, @JakeS ?

calber
5 - Atom

My team is migrating an SFTP server from Ubuntu 16.04 to Ubuntu 20.04 due to end of support for 16.04. This migration caused our Alteryx workflows using the download tool to break with the "Error transferring data: failed initialization" error. It turns our Ubuntu 20.04 does not by default support SHA1.


Fortunately, our server administrator was able to add the following to the /etc/ssh/sshd_config file:


KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1

 

This added SHA1 as an algorithm, and after restarting sshd the workflows using the download tool function again.

 

I would like to request that the download tool be updated to be compatible with SHA2, as it seems that this will only become a larger and larger issue in the future.

jly
5 - Atom

I'm not familiar with sshd_config files, so how would you add that algorithm to the file?  I am trying to communicate the change I want to the system admin, but they want to know exactly where this text needs to be entered.

 

Thanks.

calber
5 - Atom

The sshd_config file is a text file, and our server admin added the "KexAlgorithms" text I gave in my previous post immediately before the line reading "# Allow client to pass locale environment variables".

jly
5 - Atom

I'm looking through the file and I don't see "# Allow client to pass locale environment variables".  I do see "# Send locale-related environment variables".

 

Do you mind me asking if there was a particular command prompt your server admin used to make the edit or did they simply open the file, copy and paste?

 

Thank you for your help.

calber
5 - Atom

Here is the server admin's response to your questions @jly :

 

      The KexAlgorithms were added by opening the file and paste the content, it could be placed anywhere but the line must begin with "KexAlgorithms"