The current Kerberos code could certainly use work. We last tested the kerberos functionality several years back.
define STD 0 /* standard PBS security (pbs_iff program) */
define KAUTH 1 /* kerberized PBS with authentication only */
define KCRYPT 2 /* kerberized with authentication, encryption */
The encryption related code is probably somewhat incomplete, but the authentication piece should work with minor modification between clients commands and server.
However, we recently replaced the RPP protocol (UDP based) between the server and moms with a full TCP based communication (called TPP), and there we had implemented authentication using the munge authentication.
So the bigger work would be to implement kerberos authentication/encryption over the the TPP protocol.
I have some notes I had made several years back on the kerberos code when I last worked on it; probably can search and find it if you care.