Community Spring Cleaning week is here! Join your fellow Maveryx in digging through your old posts and marking comments on them as solved. Learn more here!

Alteryx Designer Desktop Knowledge Base

Definitive answers from Designer Desktop experts.

Error transferring data: failed initialization with Download Tool

JakeS
Alteryx Alumni (Retired)
Created

All versions

When using the download tool with an SFTP or HTTPS connection, you may receive the error - Error transferring data: failed initialization. This often occurs when Designer can't agree on a cipher suite to communicate with the host server.



The download tool utilizes cURL to make requests. When an initial request is made to communicate with a Secure (SSL) server (SFTP or HTTPS) the client proposes Algorithms that the data can be encrypted with. If the Host server is not willing to communicate using any of the proposed algorithms, the server will terminate communication.



There is no workaround besides making sure any cipher suites we propose exist on the host server. This many not be possible if the organization requires specific security. The Download tool uses SHA1 for encryption in versions below 2021.4. SHA2 encryption is supported in verison 2021.4 and 2022.1 Patch 3 or above. If the SFTP or HTTPS will only communicate with SHA2, the connection will fail in Patch 1 or 2 of 2022.1 and versions below 2021.4.



Comments
smountne
6 - Meteoroid

will alteryx be upgrading to support the SHA2 (TLS 1.2) security protocols?  this is impacting a lot of ability to up/down load with sftp servers

smountne
6 - Meteoroid

I am using an Alteryx server and using the WINSCR is not an option

 

ElCaptain
5 - Atom

Seeing how SHA1 is broken (see https://shattered.io/ for details), I sure hope this is a temporary problem, and not a permanent stance, @JakeS ?

calber
5 - Atom

My team is migrating an SFTP server from Ubuntu 16.04 to Ubuntu 20.04 due to end of support for 16.04. This migration caused our Alteryx workflows using the download tool to break with the "Error transferring data: failed initialization" error. It turns our Ubuntu 20.04 does not by default support SHA1.


Fortunately, our server administrator was able to add the following to the /etc/ssh/sshd_config file:


KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1

 

This added SHA1 as an algorithm, and after restarting sshd the workflows using the download tool function again.

 

I would like to request that the download tool be updated to be compatible with SHA2, as it seems that this will only become a larger and larger issue in the future.

jly
5 - Atom

I'm not familiar with sshd_config files, so how would you add that algorithm to the file?  I am trying to communicate the change I want to the system admin, but they want to know exactly where this text needs to be entered.

 

Thanks.

calber
5 - Atom

The sshd_config file is a text file, and our server admin added the "KexAlgorithms" text I gave in my previous post immediately before the line reading "# Allow client to pass locale environment variables".

jly
5 - Atom

I'm looking through the file and I don't see "# Allow client to pass locale environment variables".  I do see "# Send locale-related environment variables".

 

Do you mind me asking if there was a particular command prompt your server admin used to make the edit or did they simply open the file, copy and paste?

 

Thank you for your help.

calber
5 - Atom

Here is the server admin's response to your questions @jly :

 

      The KexAlgorithms were added by opening the file and paste the content, it could be placed anywhere but the line must begin with "KexAlgorithms"

jcardoso
8 - Asteroid

Hello all,

we are experiencing this issue 

Error transferring data: failed initialization

in several cases when trying to upload a file into an SFTP, using the download tool, write access is provided and we can connect to the SFTP, although IT support says the following:

 

" Due to security requirements on our FTP server, we cannot enable SHA1, which is quite old and vulnerable.

Could you find an alternate way to upload the files?"

Do we have a more definite solution for this issue already? What would be needed from our side in order to sort this?
Let us know please,
Regards, 

Pingu
10 - Fireball

Would love to know if there is some more news on this already like jcardoso asks? Can we expect that SHA2 will ever be implemented so that the download tool works again when a min. specific security is needed by the sftp owners.

jcardoso
8 - Asteroid

My bypass to this issue was a python script with SFTP methods, using the python tool available.

Regards,

Alekhya
5 - Atom

@jcardoso can you send a sample example workflow with the bypass solution?

 

Regards,

Alekhya

jcardoso
8 - Asteroid

hello,

how can i send the SFTP script as a macro in here? The reply platform does not allow it,

Thanks

Alekhya
5 - Atom

Hi Jcardoso,

 

I sent you a private message. Is it possible to send it there?

 

Alkhya