Unlike Apache, pam_krb5 does not seem to require a service key. My understanding is that the service key is used to ensure that the Kerberos server is not being spoofed. Could anyone explain why pam_krb5 does not seem to require a service key? Is this optional? Thank you. Mike