Sudo with TouchID

TouchID is great - a seamless way to authenticate on the new Macbooks. I enjoy the ease of logins, admin passwords, unlocking apps, etc, but the one place I wish I had it is in the Terminal, to authenticate sudo.

My wish has been granted!

Sudo open /etc/pam.d/sudo. The file should look something like:

# sudo: auth account password session
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

Add auth sufficient pam_tid.so to the top of the file (below the comment):

# sudo: auth account password session
auth       sufficient     pam_tid.so
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

Save, and enjoy TouchID authentication for sudo.

The Fusion Race
He who submits a resume has already lost
The future of humanity is in management
The era of hype: why the model is cracking
On DeepSeek and Export Controls

~/Adi

Sudo with TouchID

Related Posts