diff --git a/pkg/config/config.go b/pkg/config/config.go
index ca70a2c9c..1ee4f9bb8 100644
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@@ -186,10 +186,18 @@ type OS struct {
 	Password       string            `json:"password,omitempty"`
 	Environment    map[string]string `json:"environment,omitempty"`
 	Labels         map[string]string `json:"labels,omitempty"`
+	SSHD           SSHDConfig        `json:"sshd,omitempty"`
 
 	PersistentStatePaths []string `json:"persistentStatePaths,omitempty"`
 }
 
+// SSHDConfig is the SSHD configuration for the node
+//
+//   - SFTP: the switch to enable/disable SFTP
+type SSHDConfig struct {
+	SFTP bool `json:"sftp,omitempty"`
+}
+
 type HarvesterConfig struct {
 	// Harvester will use scheme version to determine current version and migrate config to new scheme version
 	SchemeVersion          uint32 `json:"schemeVersion,omitempty"`
diff --git a/pkg/config/cos.go b/pkg/config/cos.go
index dd298f8b5..9dc81caa5 100644
--- a/pkg/config/cos.go
+++ b/pkg/config/cos.go
@@ -205,6 +205,9 @@ func ConvertToCOS(config *HarvesterConfig) (*yipSchema.YipConfig, error) {
 		},
 	}
 
+	// Handle the sshd components
+	overwriteSSHDComponent(config)
+
 	// Add after-install-chroot stage
 	if len(config.OS.AfterInstallChrootCommands) > 0 {
 		afterInstallChroot := yipSchema.Stage{}
@@ -217,6 +220,13 @@ func ConvertToCOS(config *HarvesterConfig) (*yipSchema.YipConfig, error) {
 	return cosConfig, nil
 }
 
+func overwriteSSHDComponent(config *HarvesterConfig) {
+	if config.OS.SSHD.SFTP {
+		config.OS.AfterInstallChrootCommands = append(config.OS.AfterInstallChrootCommands, "mkdir -p /etc/ssh/sshd_config.d")
+		config.OS.AfterInstallChrootCommands = append(config.OS.AfterInstallChrootCommands, "echo 'Subsystem	sftp	/usr/lib/ssh/sftp-server' > /etc/ssh/sshd_config.d/sftp.conf")
+	}
+}
+
 func overwriteAfterInstallChrootStage(config *HarvesterConfig, stage *yipSchema.Stage) error {
 	content, err := render("cos-after-install-chroot.yaml", config)
 	if err != nil {