Updated at: 2022-05-19 GMT+08:00

Downloading a User Authentication File


When a user develops big data applications and runs them in an MRS cluster that supports Kerberos authentication, the user needs to prepare a Machine-machine user authentication file for accessing the MRS cluster. The keytab file in the authentication file can be used for user authentication.

This section describes how to download a Machine-machine user authentication file and export the keytab file on Manager. This operation is supported only in clusters with Kerberos authentication enabled or common clusters with the EIP function enabled.

Before downloading a Human-machine user authentication file, change the password for the user on MRS Manager to make the initial password set by the administrator invalid. Otherwise, the exported keytab file cannot be used. For details, see Changing the Password of an Operation User.

The operations described in this section apply only to clusters of versions earlier than MRS 3.x.

For clusters of MRS 3.x or later, see Exporting an Authentication Credential File.


  1. Access MRS Manager. For details, see Accessing MRS Manager MRS 2.1.0 or Earlier).
  2. On MRS Manager, click System.
  3. In the Permission area, click Manage User.
  4. In the row of a user for whom you want to export the keytab file, choose More > Download authentication credential to download the authentication file. After the file is automatically generated, save it to a specified path and keep it secure.

  5. Open the authentication file with a decompression program.

    • user.keytab indicates a user keytab file used for user authentication.
    • krb5.conf indicates the configuration file of the authentication server. The application connects to the authentication server according to this configuration file information when authenticating users.