macOS: How to Enable Touch ID Authentication for Sudo in Terminal


A few days ago, a commenter in The Mac Observer's Mac Geek Gab Forum shared a way to authenticate the sudo command in Terminal with Touch ID. With the default setup, you have to type the login password for the admin account to use the command.

Sudo With Touch ID

First, commenter penguintopia says we must create a shell script, saved as /usr/local/bin/update_sudo_tid.sh (the path the later steps use):

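#!/bin/bash
# Adds the Touch ID PAM module to sudo's PAM stack if it is not already there.
# Must run as root: /etc/pam.d/sudo is owned by root.
# Match only an active auth rule, so a commented-out line does not count as enabled.
if grep -q '^auth.*pam_tid\.so' /etc/pam.d/sudo
then
    echo "TouchID already enabled"
else
    # BSD sed (macOS): edit in place and append the rule after line 1, the header comment.
    sed -i '' '1 a\
auth sufficient pam_tid.so\
' /etc/pam.d/sudo
    echo "Enabling TouchID for sudo"
fi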

Next, make the shell script executable:

chmod +x /usr/local/bin/update_sudo_tid.sh

Finally, add this command to crontab with crontab -e:

@reboot /usr/local/bin/update_sudo_tid.sh

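Because the script only inserts the pam_tid.so line when it is missing, running it at every reboot puts Touch ID back after a macOS update replaces /etc/pam.d/sudo, and it leaves any other changes Apple makes to that file in place.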
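To confirm what the sudo PAM file actually contains after the script has run, the following check is an added example, not part of the original article or the commenter's script. It reports whether pam_tid.so is an active rule, which a plain grep for the module name cannot tell apart from a commented-out line; the function name tid_status and its status words are hypothetical.

```bash
#!/bin/bash
# Added example: audit a sudo PAM file for the Touch ID rule.
# tid_status FILE prints exactly one of:
#   enabled     an active "auth sufficient pam_tid.so" is the first auth rule
#               (where the article's script inserts it)
#   late        the rule is active but is not the first auth rule
#   wrong-flag  pam_tid.so is active with a control flag other than "sufficient"
#   commented   pam_tid.so appears only in comment lines
#   absent      pam_tid.so is not mentioned at all
tid_status() {
    awk '
        # Comment lines never count as rules; remember if one mentions the module.
        /^[ \t]*#/ { if ($0 ~ /pam_tid\.so/) commented = 1; next }
        # Rule format: <type> <control> <module> [args...]
        $1 == "auth" {
            n++
            if ($3 ~ /pam_tid\.so$/ && !pos) { pos = n; flag = $2 }
        }
        END {
            if (!pos)                      print (commented ? "commented" : "absent")
            else if (flag != "sufficient") print "wrong-flag"
            else if (pos > 1)              print "late"
            else                           print "enabled"
        }
    ' "$1"
}

# Run against a file given on the command line, e.g. /etc/pam.d/sudo.
if [ $# -gt 0 ]; then
    tid_status "$1"
fi
```
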
