Best Self Hosted Alternatives to Kiteworks

Filestash is a self-hosted, web-based file manager and file sharing portal that provides a unified interface over many storage systems and protocols. It aims to deliver a modern “cloud drive” experience while keeping data in your existing infrastructure through backend connectors.

Key Features

• Unified web UI for multiple backends (including SFTP, S3-compatible storage, FTP/FTPS, WebDAV, SMB, NFS, and Git)
• Share links for files and folders, designed for convenient external access
• Plugin-based architecture for extending storage backends, authentication, UI, and capabilities
• SSO integration options via enterprise identity systems (LDAP, SAML, and OIDC)
• Built-in viewers for common media types (images, audio, video), with optional transcoding support
• Built-in API and gateway-style options to expose underlying storage via protocols such as SFTP and S3

Use Cases

• Provide a web portal for SFTP/S3/WebDAV/SMB/NFS storage without migrating data
• Enable secure file sharing and collaboration over existing network or object storage
• Offer a branded, single entry point to multiple storage systems for teams or customers

Limitations and Considerations

• Some advanced capabilities (connectors, viewers, automation, and integrations) depend on the available plugin set and configuration

Filestash is a good fit when you want a polished, extensible file browser and sharing layer on top of heterogeneous storage. Its plugin system and broad protocol support make it adaptable to both homelab and enterprise environments.

Papermark is an open-source document sharing platform and virtual data room alternative to DocSend. It lets teams upload documents, share them via secure links, and track engagement with built-in analytics and branding controls.

Key Features

• Secure shareable document links with revocation and access controls
• Custom domains and branding for viewer experience
• Document tracking and engagement analytics (including page-by-page insights)
• Data room-style organization for sharing multiple documents
• Authentication features such as 2FA and SSO (availability depends on deployment/plan)

Use Cases

• Sales and partnerships: share decks and proposals and measure engagement
• Fundraising and investor relations: run a data room with controlled access
• Secure client document delivery with branded links and audit-friendly tracking

Limitations and Considerations

• Some analytics and integrations may rely on third-party services depending on configuration
• Requires external object/blob storage and a PostgreSQL database for typical deployments

Papermark is a strong fit for teams that want DocSend-style sharing with more control over hosting, branding, and data. It combines link-based document delivery with practical analytics for understanding how recipients engage with shared files.

OpenCloud is an open source platform for file management, sharing, and collaboration designed for organizations that need control over their data. It focuses on simple operation, strong security, and integration into existing IT environments.

Key Features

• File management with sharing links and permission controls
• Real-time collaboration features and integration with an office suite
• OpenID Connect authentication with support for external identity providers and an embedded identity provider
• Security features such as encryption, two-factor authentication, and versioning to help recover from unwanted changes
• Designed for on-premises operation and environments with strict compliance requirements

Use Cases

• Internal file sharing and collaboration for teams in companies and public institutions
• Secure data rooms for projects, research groups, or cross-department collaboration
• Replacement for proprietary EFSS solutions in sovereignty-focused IT stacks

Limitations and Considerations

• The backend stores data on the filesystem and does not rely on a traditional database, which may influence scaling and backup approaches depending on your deployment model

OpenCloud is a strong fit for organizations seeking a modern, open source EFSS and collaboration solution with OIDC-based authentication and enterprise-oriented security controls. It is particularly suited to deployments that prioritize data sovereignty and straightforward integration.

FileGator is a self-hosted, open-source web application for managing files and folders through a modern browser UI. It supports multiple users with roles and permissions and can work with local storage or external providers via storage adapters.

Key Features

• Multi-user accounts with roles, permissions, and per-user home folders
• Core file operations: upload, download, copy, move, rename, delete, create, edit, and preview
• Chunked, resumable uploads with drag-and-drop and progress indication
• Bulk download and on-the-fly ZIP/unzip support
• Pluggable storage backends (local filesystem and third-party storage via adapters)
• Designed to run without a mandatory database (depending on chosen adapters)

Use Cases

• Provide a simple web-based alternative to FTP/SFTP for teams
• Collect uploads from students, clients, or field workers into controlled folders
• Manage and transfer files across local and supported cloud/object storage backends

Limitations and Considerations

• Symlinks and file ownership changes (chown) are not supported in typical local adapter usage
• Very large numbers of files in a single directory can reduce performance

FileGator is a practical solution for browser-based file administration and sharing with access control. It fits well for small to mid-sized deployments that need a lightweight, extensible file manager with optional external storage integration.

Pydio Cells is a self-hosted, enterprise-grade content collaboration platform designed for organizations that need secure file sharing, collaboration, and document management without relying on SaaS services.

Key Features

• Self-hosted deployment with data control and hybrid cloud readiness
• High-performance large file transfers up to 5TB
• No-code automation via Cells Flows for complex workflows
• Granular access control, SSO, 2FA, and ACL-based permissions
• Digital Asset Management and Document Management capabilities
• Web-based collaboration with an integrated UI and REST/CLI APIs
• Private data rooms for sensitive transactions and audits

Use Cases

• Enterprises requiring on-prem data sovereignty and regulated access controls
• Organizations consolidating document workflows across departments and partners
• Private-cloud deployments replacing SaaS with centralized governance

Limitations and Considerations

• Windows support in the latest development branch is not fully mature; Linux/macOS are the recommended targets

Conclusion

Pydio Cells combines self-hosted control with scalable collaboration features, making it suitable for organizations needing secure document sharing, workflow automation, and governance.

ProjectSend is a clients-oriented file sharing web application designed for securely distributing and collecting files through a simple portal. It focuses on privacy and control, with client accounts, access restrictions, and detailed activity tracking.

Key Features

• Client accounts and client groups for targeted file delivery
• Role-based permissions with granular access controls and custom roles
• Detailed logging and statistics for user/client actions and file access
• Optional server-side file encryption at rest (AES-256-GCM)
• Upload controls such as auto-expiration, disk quotas, and download limits
• Optional client uploads to allow two-way file exchange
• External storage support including S3-compatible destinations
• Multi-language interface with extensive community translations
• Theming and customizable email templates (with editor integration)

Use Cases

• Securely sharing project deliverables and documents with external clients
• Collecting files from customers with controlled access and audit trails
• Replacing ad-hoc email attachments with an organized client portal

Limitations and Considerations

• Requires a PHP-compatible web server and a MySQL database
• Some deployment options (such as community Docker images) may be unofficial and differ from the upstream support model

ProjectSend is a practical choice for teams that need a straightforward, self-managed client file portal with strong permissioning and traceability. It fits well for small businesses and agencies that want controlled file exchange without relying on third-party file sharing services.

Sharry is a self-hosted web application that provides simple, privacy-conscious file sharing. It offers both send and receive workflows, resumable uploads, and a web client plus a REST API for automation and integration.

Key Features

• Resumable uploads implemented via the tus protocol, enabling reliable large-file uploads and resume after network interruptions.
• Bidirectional workflows: authenticated users can publish download links; anonymous users can upload to user-managed alias pages.
• Multiple storage backends: supports storing files on the filesystem, inside the database, or in S3-compatible object storage.
• Relational database support for metadata and optional file storage: PostgreSQL, MariaDB, and H2 are supported.
• Download-friendly behavior using ETag and HTTP range requests to enable partial downloads and in-browser video seeking.
• REST API exposing core functionality for scripting and integration with other systems.
• Access controls for public shares: configurable lifetime, optional password protection, and download limits.
• Web-based management UI and email notification capabilities when configured.
• Packaging and deployment options including Debian packages, Docker, and Nix/NixOS integrations.

Use Cases

• Team file exchange: share large artifacts, logs, or media with coworkers via short-lived, password-protected links.
• External collection: allow customers or partners to upload files to a named alias page without requiring accounts.
• Automated workflows: integrate Sharry into CI, backup, or content pipelines using the REST API and supported storage backends.

Sharry combines a resilient upload stack with multiple storage and database options to fit varied infrastructure needs. Its focus is on straightforward file exchange, resumability, and integration points for automation and self-hosted deployments.

nextExplorer is a modern web-based file explorer for browsing and managing mounted folders through a polished, responsive interface. It is designed for teams and homelabs that want controlled access to shared storage, with a Docker-first deployment model.

Key Features

• Local authentication with users and groups, plus optional OpenID Connect (OIDC) SSO
• Volume-based browsing for multiple mounted directories under a configurable root
• Fast previews for images, videos, and PDFs, including thumbnail generation (FFmpeg)
• Built-in text/code editor with syntax highlighting and configurable supported extensions
• Link-based sharing with configurable permissions (read-only or read-write), including guest access
• Filename and content search with ripgrep-backed searching and tunable limits
• Modern UX features like grid/list/column views, drag-and-drop uploads, context menus, and keyboard shortcuts
• Admin-focused controls such as policies, session settings, and auditability options

Use Cases

• Provide authenticated access to NAS or server folders for a small team
• Share project folders with external collaborators via controlled share links
• Lightweight web UI for managing files in a homelab, including previews and quick edits

Limitations and Considerations

• Some advanced document editing capabilities require integrating an external OnlyOffice Document Server
• Deep content search depends on ripgrep availability and may require tuning limits for large datasets

nextExplorer is a practical option when you want a fast, modern file browser with strong access control and convenient previews. Its container-first approach and reverse-proxy friendliness make it suitable for both simple single-host installs and more structured internal deployments.

GoMFT is a web-based managed file transfer (MFT) application built with Go and powered by rclone to move data between many storage providers. It provides a central UI to configure transfer jobs, schedule them, and monitor progress with logs and file-level history.

Key Features

• Create and manage transfer jobs with configurable source/destination settings
• Cron-based scheduling for recurring transfers
• Real-time job monitoring with detailed logs and transfer statistics
• Broad storage backend support via rclone (S3-compatible, WebDAV, SFTP/FTP, SMB/CIFS, local, and more)
• File metadata tracking with history, status, filtering, and retention controls
• Optional archiving of transferred files for compliance/traceability
• Notifications via email and webhooks, plus integrations such as ntfy and Gotify
• Role-based access control and admin-managed user accounts
• Supports external authentication via OpenID Connect/OAuth2 providers

Use Cases

• Scheduled syncs and backups between on-prem storage and cloud object storage
• Managed, auditable file delivery workflows between teams and systems
• Consolidated transfer monitoring and alerting for rclone-based operations

Limitations and Considerations

• Actively under development; configuration and database fields may change between releases
• Requires rclone to be installed and available for transfer execution

GoMFT fits teams that want a lightweight web UI around rclone for repeatable, scheduled transfers with visibility and notifications. It is suitable for both homelabs and small-to-medium environments needing basic MFT capabilities without heavy enterprise infrastructure.

PlikShare is a self-hosted file sharing and collaboration platform that organizes files into workspaces and "boxes" to control external access. It provides user management, granular permissions, and flexible storage backends for on-prem or S3-compatible object stores.

Key Features

• Box-based sharing model with invite, anonymous links, upload-only and read-only modes
• Unlimited users and workspaces with role- and permission-based access control
• Flexible storage: local disk or S3-compatible object stores (Cloudflare R2, AWS S3, DigitalOcean Spaces, Backblaze B2)
• File previews for video, audio, text, PDFs, markdown (with Mermaid) and ZIP archive browsing
• Built-in file encryption and per-box access controls
• Embeddable box widget (JavaScript/CSS) to collect or present files on other websites
• Integrations: OCR via AWS Textract and preliminary ChatGPT integration for querying text files
• Docker-ready deployment and CLI/config tooling; email configuration for notifications and user confirmations

Use Cases

• Centralized team file sharing and project workspaces with controlled external collaboration
• Collecting files from customers or partners via embeddable upload widgets on public sites
• Hosting large media or archival files on S3-compatible storage while retaining fine-grained access control

Limitations and Considerations

• OCR via Textract requires AWS S3 as intermediate storage and appropriate AWS credentials
• ChatGPT/AI integrations are early-stage and require external API/configuration; not a full RAG/LLM platform
• Only markdown files are editable in-browser; general file editing is not provided
• No official desktop sync client; functionality is primarily web-first

PlikShare is focused on secure, configurable file sharing with embeddable workflows and S3 support, suitable for teams that need on-prem control or S3-backed storage. It is deployable via containers and emphasizes fine-grained access controls and preview capabilities.

OpenSSH's sftp-server is the server-side SFTP subsystem that runs under sshd to provide secure file-transfer operations over the SSH transport. It is distributed as part of the OpenSSH suite and is available as an external sftp-server binary or via the internal-sftp implementation inside sshd. (openssh.com)

Key Features

• Implements the server side of the SFTP protocol (invoked via sshd Subsystem or ForceCommand internal-sftp). (man.openbsd.org)
• Provides both a standalone sftp-server binary and internal-sftp (in-process) mode for chrooted and restricted sessions. (openssh.com)
• Supports modern SSH authentication methods (public-key, certificate support and protocol extensions such as FIDO/U2F) and a range of key-exchange and cipher algorithms. (cvsweb.openbsd.org)
• Server-side protocol extensions are implemented (examples include server-side copy/corp-data extensions tracked in the sftp-server tree). (cvsweb.openbsd.org)
• Designed with OpenSSH's privilege separation, logging options, and portability across Unix-like systems; crypto implementations include both dedicated algorithms (e.g., ChaCha20-Poly1305 sources) and links to OpenSSL/crypto APIs in the tree. (cvsweb.openbsd.org)

Use Cases

• Providing secure SFTP access for remote users or automated backup clients over SSH with configurable chroot jails and restricted shells. (unitedbsd.com)
• Embedding secure file-transfer into existing SSH-based infrastructure (system accounts, authorized_keys, certificates, and server-side policy). (openssh.com)
• Offering server-side copy and protocol-extension features for efficient remote file operations (reducing client-side data movement). (cvsweb.openbsd.org)

Limitations and Considerations

• Chroot configuration is strict: the chroot path must be owned by root and have strict permissions, which often causes confusing permission errors for administrators if not set up exactly. (reddit.com)
• Platform/packaging variations (e.g., Windows ports or distro-packaged builds) have historically exhibited differences or bugs (notably reported issues with some Windows builds' ChrootDirectory handling). Administrators should test the exact packaged build used in production. (reddit.com)

OpenSSH's sftp-server is the canonical, widely used SFTP implementation for SSH-based file transfer. It is actively maintained inside the OpenSSH/OpenBSD source tree, supports protocol extensions and modern authentication methods, and is intended for integration with system-level account and chroot configurations.