Enabling Touch ID for
sudo on macOS
Did you know that you can utilize your Mac's Touch ID feature to execute
sudo commands without the need to enter your password? This convenient trick can save you time and streamline your workflow. Let's delve into the process of setting it up.
To enable Touch ID for
sudo, follow these steps:
Open the Terminal application on your Mac.
Type the following command to open the
sudoPAM configuration file using the
- Add the following line at the top of the file:
- If you use TMUX, you'll need to attach the PAM (Pluggable Authentication Module) to TMUX to ensure that the Touch ID integration works within TMUX sessions. To do this, follow these additional steps:
pam-reattachusing Homebrew by running the following command:
- Open the
sudoPAM configuration file again:
- Add the following line below the previous line:
- Save the changes to the file.
- You might need to reboot your Mac or restart any open Terminal or TMUX sessions for the changes to take effect.
Here's a convenient script that automates these steps for you:
#!/usr/bin/env bash set -o nounset # Treat unset variables as an error # This script is going to add touch id to sudo command, including inside TMUX echo "NOTICE: you need to install pam-reattach to use it in TMUX" sudo_path="/etc/pam.d/sudo" chmod 644 $sudo_path sed -i -e '2s/^/auth\t sufficient\t pam_tid.so\n/' $sudo_path sed -i -e '3s/^/auth\t optional\t \/opt\/homebrew\/lib\/pam\/pam_reattach.so\n/' $sudo_path chmod 444 $sudo_path
Just execute this script in your Terminal, and it will handle the necessary configurations for you.
With Touch ID-enabled
sudo, you can now perform administrative tasks more conveniently and securely. This feature not only eliminates the need to type your password but also enhances the overall accessibility of your Mac. Give it a try and experience the seamless power of Touch ID in your command-line activities!"