Your browser does not allow storing cookies. We recommend enabling them.


Dataset and HFS File System Access

Old SFTP clients regard / (slash) as a directory separator, which requires the SFTP server to use some "tricks" to fool the clients. The SFTP client generally does not have any inherent knowledge of MVS datasets and accesses all files as they were part of a hierarchical file system.

If an SFTP client tries to open the file //FILE.NAME, the MVS dataset is actually opened. Some SFTP clients remove all consecutive slashes so that the file to be accessed becomes /FILE.NAME. The SFTP server will interpret this as the HFS file FILE.NAME, located at the HFS root. To avoid this client behavior, the SFTP server has other ways of naming MVS datasets. If a client tries to access the file /_FILE.NAME, /FTADV:X=BIN/_/FILE.NAME or /FTADV:X=BIN/__FILE.NAME, the SFTP server interprets these as the dataset //FILE.NAME. All these combinations are needed as it may be necessary to make the SFTP clients pass the correct file or dataset name to the server.

In z/OS, if a dataset name is not enclosed in single quotes, the user prefix is added in front of the dataset name. For example, if user USER1 has a dataset DATASET.NAME1, the user can access it using the dataset name //DATASET.NAME1. It is also possible to use an absolute prefixed name //'USER1.DATASET.NAME1'.

Because single quotes are special characters in most environments, the SFTP server introduces a new convention to use triple slashes to access absolute prefixed dataset names. The name becomes ///USER1.DATASET.NAME1. All combinations of slashes and underscores can be used. For example, USER1 can access his/her dataset using one of the following names:






The choice of name type depends on the client. If consecutive slashes are not sent to the server, "/_" (or "/__" for a prefixed absolute dataset) is probably the best choice. The SFTP client interprets the file path to be absolute and does not add any directories in front of the name. If a file transfer advice string (see Advice String) is added in front of the file name, "__" (or "___" for a prefixed absolute dataset) is a safe choice. The dataset name becomes /FTADV:X=BIN/__DATASET.NAME1. The client interprets it as an absolute path to the file and does not change it. The SFTP server on the other hand recognizes the advice string /FTADV:X=BIN/ and interprets __DATASET.NAME1 to be the real name of the dataset //DATASET.NAME1.

z/OS has also library datasets, whose members are accessed using the dataset name //DATASET.NAME1(MEMBER1).

Again, parentheses may be special characters in some environments. The SFTP server introduces a new convention for accessing library members using a single slash as a member separator. The name becomes //DATASET.NAME1/MEMBER1.

Migrated Datasets

Tectia Server for IBM z/OS will not mount volumes or consider off-line devices when accessing datasets, instead it will issue an error message if the dataset is in the catalog but the volume is not available.

Many clients do not show the server's error message and will instead show "No such file".

Accessing HFS Root

Because of the new conventions for dataset names there are some exceptions in the HFS filenames. HFS file or directory name cannot start with an underscore if the file or directory is located in the root directory. Also, if an advice string is used with absolute HFS names, the HFS root must be written either as / or _.

Case-Sensitivity of HFS and MVS Names

HFS file names are case-sensitive. For example, /tmp/MYFILE and /tmp/myfile result in two different files.

MVS dataset names are case-insensitive. For example //'USER1.DATASET.NAME1' and //'user1.dataset.name1' are handled the same way.


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more