diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7064c1fb..dce6bf3a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -19,6 +19,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * inspect-domains: Add role
 * memcached: NRPE check for multi-instance setup
 * proftpd: Add options to override configs
+* proftpd: Allow user auth with ssh keys
 
 ### Changed
 
diff --git a/proftpd/defaults/main.yml b/proftpd/defaults/main.yml
index 1f8cf006..25d60d5b 100644
--- a/proftpd/defaults/main.yml
+++ b/proftpd/defaults/main.yml
@@ -12,6 +12,7 @@ proftpd_ftps_cert: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
 proftpd_ftps_key: "/etc/ssl/private/ssl-cert-snakeoil.key"
 proftpd_sftp_enable: False
 proftpd_sftp_override: False
+proftpd_sftp_use_publickeys: False
 proftpd_sftp_port: 22222
 proftpd_accounts: []
 proftpd_accounts_final: []
diff --git a/proftpd/tasks/accounts.yml b/proftpd/tasks/accounts.yml
index 756e0ff0..0ff57272 100644
--- a/proftpd/tasks/accounts.yml
+++ b/proftpd/tasks/accounts.yml
@@ -60,3 +60,18 @@
   when: proftpd_sftp_enable | bool
   tags:
     - proftpd
+
+- name: Allow keys for SFTP account
+  blockinfile:
+    dest: "/etc/proftpd/sftp.authorized_keys/{{ item.name }}"
+    state: present
+    block: "{{ item.sshkeys }}"
+    create: yes
+    mode: 0600
+  loop: "{{ proftpd_accounts_final }}"
+  notify: restart proftpd
+  when:
+    - proftpd_sftp_enable | bool
+    - proftpd_sftp_use_publickeys | bool
+  tags:
+    - proftpd
diff --git a/proftpd/tasks/main.yml b/proftpd/tasks/main.yml
index ddb3faee..9ddb6273 100644
--- a/proftpd/tasks/main.yml
+++ b/proftpd/tasks/main.yml
@@ -48,6 +48,20 @@
   tags:
     - proftpd
 
+- name: SFTP key folder exists if needed
+  file:
+    path: /etc/proftpd/sftp.authorized_keys/
+    state: directory
+    mode: "0700"
+    owner: root
+    group: root
+  notify: restart proftpd
+  when:
+    - proftpd_sftp_enable | bool
+    - proftpd_sftp_use_publickeys | bool
+  tags:
+    - proftpd
+
 - name: mod_tls_memcache is disabled
   replace:
     dest: /etc/proftpd/modules.conf
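Review bot: Key revocation is not handled in the new `Allow keys for SFTP account` task: the per-user file is only ever written with `state: present`, so an account dropped from `proftpd_accounts_final`, or one whose `sshkeys` is later emptied, keeps its previous `/etc/proftpd/sftp.authorized_keys/<name>` file and the old key presumably keeps granting access; a companion task with `state: absent` for accounts no longer in the list is needed. The task also assumes every account defines `sshkeys` — one entry without it fails the whole loop on an undefined attribute — so add `- item.sshkeys is defined` to `when` (or use `block: "{{ item.sshkeys | default('') }}"`), and if `sshkeys` is a list rather than a string it has to be joined with newlines before being written. Worth documenting next to the new `proftpd_sftp_use_publickeys` variable that mod_sftp expects the keys in `SFTPAuthorizedUserKeys` files in RFC 4716 format rather than OpenSSH `authorized_keys` lines, and that blockinfile's `# BEGIN/END ANSIBLE MANAGED BLOCK` marker lines will end up in the key file, so that should be confirmed against the ProFTPD parser. Minor: `mode: 0600` is an unquoted octal (YAML reads it as the integer 384, which ansible-lint flags) while the sibling task in `proftpd/tasks/main.yml` writes `mode: "0700"` — use `mode: "0600"` and `create: true` for consistency. Note also that `create: yes` does not create the parent directory, so this task depends on the `SFTP key folder exists if needed` task in main.yml having run first; the include order is not visible in this diff.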
diff --git a/proftpd/templates/sftp.conf.j2 b/proftpd/templates/sftp.conf.j2 index 432e9ba8..f54746f8 100644 --- a/proftpd/templates/sftp.conf.j2 +++ b/proftpd/templates/sftp.conf.j2 @@ -13,8 +13,14 @@ SFTPLog /var/log/proftpd/sftp.log TransferLog /var/log/proftpd/xferlog - + +{% if proftpd_sftp_use_publickeys %} + SFTPAuthMethods publickey password + SFTPAuthorizedUserKeys file:/etc/proftpd/sftp.authorized_keys/%u +{% else %} SFTPAuthMethods password +{% endif %} + SFTPHostKey /etc/ssh/ssh_host_ecdsa_key SFTPHostKey /etc/ssh/ssh_host_rsa_key
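Review bot: `SFTPAuthMethods publickey password` in the new `{% if proftpd_sftp_use_publickeys %}` branch keeps password authentication enabled for every SFTP account whenever keys are turned on, so the option adds a login method but never lets an operator require keys; consider making the method list a variable (defaulting to `publickey password`) so a deployment can set `publickey` alone. The `/etc/proftpd/sftp.authorized_keys/` path is now spelled out literally here and in both new tasks in `proftpd/tasks/accounts.yml` and `proftpd/tasks/main.yml` — a single variable for the directory would keep the three in sync. The remainder of this hunk (context after the `SFTPHostKey` lines) appears to continue past the end of this chunk.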