diff --git a/config/config.go b/config/config.go
index 4910caa2..de071532 100644
--- a/config/config.go
+++ b/config/config.go
@@ -147,7 +147,7 @@ func Init() {
 			MACs:                    []string{},
 			TrustedUserCAKeys:       []string{},
 			LoginBannerFile:         "",
-			EnabledSSHCommands:      sftpd.GetDefaultSSHCommands(),
+			EnabledSSHCommands:      []string{},
 			KeyboardInteractiveHook: "",
 			PasswordAuthentication:  true,
 		},
@@ -955,7 +955,7 @@ func setViperDefaults() {
 	viper.SetDefault("sftpd.macs", globalConf.SFTPD.MACs)
 	viper.SetDefault("sftpd.trusted_user_ca_keys", globalConf.SFTPD.TrustedUserCAKeys)
 	viper.SetDefault("sftpd.login_banner_file", globalConf.SFTPD.LoginBannerFile)
-	viper.SetDefault("sftpd.enabled_ssh_commands", globalConf.SFTPD.EnabledSSHCommands)
+	viper.SetDefault("sftpd.enabled_ssh_commands", sftpd.GetDefaultSSHCommands())
 	viper.SetDefault("sftpd.keyboard_interactive_auth_hook", globalConf.SFTPD.KeyboardInteractiveHook)
 	viper.SetDefault("sftpd.password_authentication", globalConf.SFTPD.PasswordAuthentication)
 	viper.SetDefault("ftpd.banner", globalConf.FTPD.Banner)
diff --git a/config/config_test.go b/config/config_test.go
index 96d827bf..1f7d7cf6 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -102,6 +102,35 @@ func TestEmptyBanner(t *testing.T) {
 	assert.NoError(t, err)
 }
 
+func TestEnabledSSHCommands(t *testing.T) {
+	reset()
+
+	configDir := ".."
+	confName := tempConfigName + ".json"
+	configFilePath := filepath.Join(configDir, confName)
+	err := config.LoadConfig(configDir, "")
+	assert.NoError(t, err)
+
+	reset()
+
+	sftpdConf := config.GetSFTPDConfig()
+	sftpdConf.EnabledSSHCommands = []string{"scp"}
+	c := make(map[string]sftpd.Configuration)
+	c["sftpd"] = sftpdConf
+	jsonConf, err := json.Marshal(c)
+	assert.NoError(t, err)
+	err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
+	assert.NoError(t, err)
+	err = config.LoadConfig(configDir, confName)
+	assert.NoError(t, err)
+	sftpdConf = config.GetSFTPDConfig()
+	if assert.Len(t, sftpdConf.EnabledSSHCommands, 1) {
+		assert.Equal(t, "scp", sftpdConf.EnabledSSHCommands[0])
+	}
+	err = os.Remove(configFilePath)
+	assert.NoError(t, err)
+}
+
 func TestInvalidUploadMode(t *testing.T) {
 	reset()