diff --git a/README.md b/README.md
index ecfa376..e96caf6 100644
--- a/README.md
+++ b/README.md
@@ -71,8 +71,12 @@ API and examples
     port: 3333, // Port number for the current FTP server (defaults to 21).
     user: 'user', // Username
     pass: 'pass', // Password
+    ssl: true, //[optional] whether using SFTP
+    sslOptions: {} //[optional] config object for ssl connection (see below for details)
   }
   ```
+  - `options.sslOptions` is a config object for an SFTP or FTP with TLS/SSL implicit or explicit encryption
+    - applicable properties are as required for `options` argument in [tls.connect(port, host, options)](https://nodejs.org/api/tls.html#tls_tls_connect_port_host_options_callback)
 
 Creates a new Ftp instance.
 
diff --git a/lib/jsftp.js b/lib/jsftp.js
index 5e55783..ba467c0 100644
--- a/lib/jsftp.js
+++ b/lib/jsftp.js
@@ -18,6 +18,7 @@ var util = require('util');
 var fs = require('fs');
 var once = require('once');
 var unorm = require('unorm');
+var tls = require('tls');
 
 var debug = require('debug')('jsftp:general');
 var dbgCommand = require('debug')('jsftp:command');
@@ -75,6 +76,8 @@ var Ftp = module.exports = function (cfg) {
   this.port = cfg.port || FTP_PORT;
   this.user = cfg.user || 'anonymous';
   this.pass = cfg.pass || '@anonymous';
+  this.ssl = cfg.ssl || false;
+  this.sslOptions = cfg.sslOptions || null;
 
   // True if the server doesn't support the `stat` command. Since listing a
   // directory or retrieving file properties is quite a common operation, it is
@@ -117,8 +120,18 @@ Ftp.prototype._createSocket = function (port, host, firstAction) {
   this.resParser = new ResponseParser();
 
   this.authenticated = false;
-  this.socket = Net.createConnection(port, host, firstAction || NOOP);
-  this.socket.on('connect', this.reemit('connect'));
+
+  if (this.ssl) {
+    this.socket = tls.connect(port, host, this.sslOptions);
+    this.socket.on('secureConnect', function() {
+      self.runCommand('prot p', function() {
+        self.emit('connect');
+      });
+    });
+  } else {
+    this.socket = Net.createConnection(port, host, firstAction || NOOP);
+    this.socket.on('connect', this.reemit('connect'));
+  }
   this.socket.on('timeout', this.reemit('timeout'));
 
   this.pipeline = es.pipeline(this.socket, this.resParser);
@@ -618,7 +631,21 @@ Ftp.prototype.getPasvSocket = function (callback) {
       return callback(new Error('Bad passive host/port combination'));
     }
 
-    var socket = self._pasvSocket = Net.createConnection(options);
+    var socket;
+    if (self.ssl) {
+      socket = tls.connect(options.port, options.host, self.sslOptions);
+      socket.once('secureConnect', function() {
+        self.runCommand('prot p', function() {
+          self._pasvSocket = socket;
+        });
+      });
+    } else {
+      socket = self._pasvSocket = Net.createConnection(options);
+      socket.once('connect', function() {
+        self._pasvSocket = socket;
+      });
+    }
+
     socket.setTimeout(self.timeout || TIMEOUT);
     socket.once('close', function () {
       self._pasvSocket = undefined;