Removal of plaintext krb5 support.

Luke Howard lukeh at PADL.COM
Sat Nov 10 21:59:02 GMT 2001


>The problem is that we trust the KDC, but don't verify that trust.  It
>is much more secure to use the pam_krb5 module, which has the ability to
>verify that trust with the local machine's own keytab, preventing a
>spoofed KDC.

I think this is the right thing to do. Using Kerberos to verify
plaintext passwords is not in the spirit of the protocol, and
even though there are often good reasons for doing this, it
would be better to avoid duplicating code and force the use of
PAM and pam_krb5.

-- Luke

--
Luke Howard | lukehoward.com
PADL Software | www.padl.com
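
The keytab check discussed in this message, as an added toy model in Python (not Samba or pam_krb5 code, and not written by either poster). HMAC sealing stands in for Kerberos encryption, and `ToyKDC`, the realm, principals, passwords and keys are all constructed for illustration. A password-only check accepts any KDC whose reply matches the password, while the keytab step rejects a KDC that does not hold the host key.

```python
import hashlib
import hmac

def string_to_key(password, salt):
    # Toy stand-in for Kerberos string-to-key (password + salt -> long-term key).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 1000)

def seal(key, payload):
    # Toy stand-in for encryption under a long-term key: payload plus HMAC tag.
    return payload + hmac.new(key, payload, hashlib.sha256).digest()

def unseal(key, blob):
    payload, tag = blob[:-32], blob[-32:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(tag, expected) else None

class ToyKDC:
    def __init__(self, user_keys, service_keys):
        self.user_keys, self.service_keys = user_keys, service_keys

    def as_rep(self, user):
        return seal(self.user_keys[user], b"tgt:" + user.encode())

    def service_ticket(self, user, service):
        return seal(self.service_keys[service], b"ticket:" + user.encode())

def check_password_only(kdc, user, password):
    # Proves only that whichever KDC answered shares this password-derived key.
    key = string_to_key(password, REALM + user)
    return unseal(key, kdc.as_rep(user)) is not None

def check_with_keytab(kdc, user, password, keytab):
    # Additionally require a host ticket that verifies under the local keytab key.
    if not check_password_only(kdc, user, password):
        return False
    ticket = kdc.service_ticket(user, HOST)
    return unseal(keytab[HOST], ticket) == b"ticket:" + user.encode()

# Constructed sample data (realm, principals, passwords and keys are made up).
REALM, HOST = "EXAMPLE.COM", "host/server.example.com"
host_key = hashlib.sha256(b"constructed host key").digest()
keytab = {HOST: host_key}
real_kdc = ToyKDC({"alice": string_to_key("alice-real-pw", REALM + "alice")},
                  {HOST: host_key})
# A KDC outside the realm: it can define any password, but lacks the host key.
other_kdc = ToyKDC({"alice": string_to_key("not-alice-pw", REALM + "alice")},
                   {HOST: hashlib.sha256(b"some other key").digest()})

if __name__ == "__main__":
    for kdc, pw in ((real_kdc, "alice-real-pw"), (other_kdc, "not-alice-pw")):
        print(check_password_only(kdc, "alice", pw), check_with_keytab(kdc, "alice", pw, keytab))
```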




More information about the samba-technical mailing list