Getting Started

This guide gets a local SFTPWarden project running and points you to the next documentation page for each common path.

Install

Install the CLI:

python -m pip install sftpwarden

For source checkouts and documentation work:

python -m pip install -e ".[dev,docs,mysql,postgres,mongodb]"

Docker is required for the default Compose runtime. Kubernetes projects also need kubectl; Helm projects need helm.

Create a First Project

The quickest start uses YAML and user schema v1, which stores anonymous public_keys directly on each user:

sftpwarden config default-provider yaml
mkdir -p ~/sftpwarden-dev
cd ~/sftpwarden-dev
sftpwarden init dev --user-schema 1 --yes

Schema v1 is fully supported and is the simplest format for small projects. New projects default to schema v2 when --user-schema is omitted; schema v2 adds named keys, per-key metadata, expiry, disable/enable, rotation, and imports.

To start directly with schema v2:

sftpwarden init dev --user-schema 2 --yes

Add a User

Password user:

sftpwarden user create alice --password "correct horse battery staple"

Public key user:

sftpwarden user create alice --public-key ./alice.pub

Schema v2 named key:

sftpwarden user key add alice prod-ci --public-key ./prod-ci.pub

Deploy and Refresh

Start or update the runtime:

sftpwarden deploy

Apply user/provider changes to an already running runtime:

sftpwarden refresh

Use deploy after changing config, Compose, Kubernetes, Helm, or remote deployment settings. Use refresh for user changes already visible to the runtime.

Check the Project

Validate configuration and provider access:

sftpwarden validate

Inspect runtime and project health:

sftpwarden health

Preview runtime user changes without applying them:

sftpwarden plan

Choose the Next Guide

Need

Read

Understand local, remote, Kubernetes, and Helm operations

Operations

Edit sftpwarden.yaml and contexts safely

Configuration

Pick YAML, CSV, SQLite, SQL, or MongoDB

Providers

Manage named SSH keys and migrations

Named Keys

Automate or script exact commands

CLI Reference

Harden a deployment before exposure

Security