Your browser does not allow storing cookies. We recommend enabling them.


Data Set and HFS File System Access

Old SFTP clients regard / (slash) as a directory separator, which requires the SFTP server to use some "tricks" to fool the clients. The SFTP client generally does not have any inherent knowledge of MVS data sets and accesses all files as if they were part of a hierarchical file system.

If an SFTP client tries to open the file //FILE.NAME, the MVS data set is actually opened. Some SFTP clients remove all consecutive slashes so that the file to be accessed becomes /FILE.NAME. The SFTP server will interpret this as the HFS file FILE.NAME, located at the HFS root. To avoid this client behavior, the SFTP server has other ways of naming MVS data sets. If a client tries to access the file /_FILE.NAME, /FTADV:X=BIN/_/FILE.NAME or /FTADV:X=BIN/__FILE.NAME, the SFTP server interprets these as the data set //FILE.NAME. All these combinations are needed as it may be necessary to make the SFTP clients pass the correct file or data set name to the server.

In z/OS, if a data set name is not enclosed in single quotes, the user prefix is added in front of the data set name. For example, if user USER1 has a data set DATASET.NAME1, the user can access it using the data set name //DATASET.NAME1. It is also possible to use an absolute prefixed name //'USER1.DATASET.NAME1'.

Because single quotes are special characters in most environments, the SFTP server introduces a new convention to use triple slashes to access absolute prefixed data set names. The name becomes ///USER1.DATASET.NAME1. All combinations of slashes and underscores can be used. For example, USER1 can access his/her data set using one of the following names:






The choice of name type depends on the client. If consecutive slashes are not sent to the server, "/_" (or "/__" for a prefixed absolute data set) is probably the best choice. The SFTP client interprets the file path to be absolute and does not add any directories in front of the name. If a file transfer advice string (see File Transfer Advice String (FTADV)) is added in front of the file name, "__" (or "___" for a prefixed absolute data set) is a safe choice. The data set name becomes /FTADV:X=BIN/__DATASET.NAME1. The client interprets it as an absolute path to the file and does not change it. The SFTP server on the other hand recognizes the advice string /FTADV:X=BIN/ and interprets __DATASET.NAME1 to be the real name of the data set //DATASET.NAME1.

z/OS has also library data sets, whose members are accessed using the data set name //DATASET.NAME1(MEMBER1).

Again, parentheses may be special characters in some environments. The SFTP server introduces a new convention for accessing library members using a single slash as a member separator. The name becomes //DATASET.NAME1/MEMBER1.

Accessing HFS Root

Because of the new conventions for data set names there are some exceptions in the HFS file names. HFS file or directory name cannot start with an underscore if the file or directory is located in the root directory. Also, if an advice string is used with absolute HFS names, the HFS root must be written either as / or _.

Case-Sensitivity of HFS and MVS Names

HFS file names are case-sensitive. For example, /tmp/MYFILE and /tmp/myfile result in two different files.

MVS data set names are case-insensitive. For example //'USER1.DATASET.NAME1' and //'user1.dataset.name1' are handled the same way.


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more