Security issue with pam-krb5 ?

Sam Hartman hartmans at MIT.EDU
Wed Aug 27 15:07:50 EDT 2003

pam-krb5 only sends passwords across the net in the clear if the
protocol it is used by does so.  Pam-krb5 is not insecure, but
pam-krb5 used with some protocols is much worse than native krb5 used
with the same protocols.

Basically pam-krb5 isn't really using kerberos for network
authentication; it is using kerberos simply for convenience.

Convenience is a fine reason to use Kerberos, but convenience is not

More information about the Kerberos mailing list