Developing software in the Real World

Add TouchID authentication to sudo

Now that I have a TouchID enabled Mac, I want to be able use TouchID for sudo access.

There’s a pam module available, so it just needs enabling:

  • Edit /etc/pam.d/sudo
  • Add a new line under line 1 (which is a comment) containing:

    (Leave all other lines in this file.)

That’s it. Now, whenever you use sudo, you have the option of using TouchID to authenticate.

Screenshot 2021 11 15 at 11 08 18

Scripting it

It turns out that whenever there’s an OS update, /etc/pam.d/sudo is reset, so you need to re-add the line. Hence, I wrote a script called /usr/local/bin/enable-touch-id:

Don’t forget to enable execute permissions with chmod a+x /usr/local/bin/enable-touch-id and then you can simply run it after every OS update.

Thoughts? Leave a reply

Your email address will not be published. Required fields are marked *