Docs

Getting started

A source authenticates with an SSH key pair. The public half is registered against a tenant in the console; the private half stays on the source. This guide covers generating a key, registering it, and connecting a client.

1. Generate a key pair

On the source, generate an Ed25519 key pair. The private key never leaves the source.

ssh-keygen -t ed25519 -f fifo_source -C "source@example.com"

Two files result: fifo_source (private) and fifo_source.pub (public).

2. Register the public key

Open the console at control.fifo.run and add a new origin. Paste the contents of fifo_source.pub. The console records the key and its fingerprint against the tenant and the delivery sink.

3. Connect the SFTP client

The gateway listens on a non-standard port rather than port 22. The port is shown in the console alongside the registered key. Configure the SFTP client with that port and the private key.

sftp -i fifo_source -P <port> upload@<shard-host>

A connection succeeds only when the offered key matches a registered public key. Once connected, files written over SFTP are delivered to the tenant’s HTTPS sink.

Connecting from a CRM or managed client

Most CRM and managed SFTP clients expose host, port, username, and a private key field in their delivery configuration. Set the port to the value shown in the console. A client restricted to outbound port 22 cannot reach the gateway; those clients need an egress rule for the configured port.