diff --git a/compose.sftp.yml b/compose.sftp.yml
index 10b1a12..7a8fca7 100644
--- a/compose.sftp.yml
+++ b/compose.sftp.yml
@@ -14,12 +14,27 @@ services:
     secrets:
       - ssh_password
     volumes:
-      - content:/content
+      - content:/content:rw
     ports:
       - 2220:2222
     deploy:
       restart_policy:
         condition: on-failure
+  # The following is an admittedly hacky way of setting the owner
+  # of the `content` volume to the unprivileged `sftp` user, so
+  # that content can be transferred through the unprivileged sshd process
+  # using `scp` etc.
+  sshstart:
+    image: lscr.io/linuxserver/openssh-server:latest
+    user: root
+    depends_on:
+      - ssh
+    deploy:
+      restart_policy:
+        condition: none
+    volumes:
+      - content:/content:rw
+    entrypoint: [ "bash", "-c", "sleep 10 && chown -R 1000:1000 /content"]
 
 secrets:
   ssh_password: