diff --git a/system/options.nix b/system/options.nix
index 03ef575f437..b182e673b97 100644
--- a/system/options.nix
+++ b/system/options.nix
@@ -354,6 +354,16 @@
   }
 
   
+  {
+    name = ["services" "sshd" "allowSFTP"];
+    default = true;
+    description = "
+      Whether to enable the SFTP subsystem in the SSH daemon.  This
+      enables the use of commands such as sftp(1) and sshfs.
+    ";
+  }
+
+  
   {
     name = ["services" "ntp" "enable"];
     default = true;
diff --git a/system/upstart.nix b/system/upstart.nix
index 7281e8d3e68..c490bc7b2fa 100644
--- a/system/upstart.nix
+++ b/system/upstart.nix
@@ -87,6 +87,7 @@ import ../upstart-jobs/gather.nix {
       inherit (pkgs) writeText openssh glibc pwdutils;
       inherit (pkgs.xorg) xauth;
       forwardX11 = config.get ["services" "sshd" "forwardX11"];
+      allowSFTP = config.get ["services" "sshd" "allowSFTP"];
     })
 
   # NTP daemon.
diff --git a/upstart-jobs/sshd.nix b/upstart-jobs/sshd.nix
index 4988158caa1..69be033316d 100644
--- a/upstart-jobs/sshd.nix
+++ b/upstart-jobs/sshd.nix
@@ -1,15 +1,24 @@
-{writeText, openssh, glibc, pwdutils, xauth, forwardX11}:
+{ writeText, openssh, glibc, pwdutils, xauth
+, forwardX11, allowSFTP
+}:
 
 let
 
   sshdConfig = writeText "sshd_config" "
     UsePAM yes
+    
     ${if forwardX11 then "
       X11Forwarding yes
       XAuthLocation ${xauth}/bin/xauth
     " else "
       X11Forwarding no
     "}
+
+    ${if allowSFTP then "
+      Subsystem sftp ${openssh}/libexec/sftp-server
+    " else "
+    "}
+    
   ";
 
 in