Touch ID on MacBook for sudo

Dmitry Semenov

1 min read
Touch ID on MacBook for sudo

This instruction will teach you how to configure pam.d to use Touch ID on your MacBook to authenticate sudo commands. This is a quicker and more convenient way to sudo while still maintaining the security of your device.

Open the Terminal app on your MacBook and run:

sudo nano /etc/pam.d/sudo

Add pam_tid as a new auth method:

auth sufficient pam_tid.so

This is how the whole file should look like:

# sudo: auth account password session
auth       sufficient     pam_tid.so
auth       sufficient     pam_smartcard.so
auth       required       pam_opendirectory.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_permit.so

That's it! After following these steps, you can use Touch ID to authenticate sudo commands on your MacBook.

Sign up for more like this.

Enter your email
Subscribe