pam-krb5 only sends passwords across the net in the clear if the protocol it is used by does so. Pam-krb5 is not insecure, but pam-krb5 used with some protocols is much worse than native krb5 used with the same protocols.
Basically pam-krb5 isn't really using kerberos for network authentication; it is using kerberos simply for convenience. Convenience is a fine reason to use Kerberos, but convenience is not security. ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
