Security issue with pam-krb5 ?

Sam Hartman hartmans at MIT.EDU
Wed Aug 27 15:07:50 EDT 2003


pam-krb5 only sends passwords across the net in the clear if the
protocol it is used by does so.  Pam-krb5 is not insecure, but
pam-krb5 used with some protocols is much worse than native krb5 used
with the same protocols.

Basically pam-krb5 isn't really using Kerberos for network
authentication; it is using Kerberos simply for convenience.

Convenience is a fine reason to use Kerberos, but convenience is not
security.



