mcjones.ca

Touch ID and sudo in macOS

Had been meaning to do this for ages and now in Sonoma (macOS 14+) it can stick!

Pre Sonoma

sudo sed -i '' '2a\
auth       sufficient     pam_tid.so\
' /etc/pam.d/sudo

Post Sonoma

sudo cp /etc/pam.d/sudo_local.template /etc/pam.d/sudo_local
sudo sed -i '' 's/#auth/auth/g' /etc/pam.d/sudo_local

Latest source I used: https://sixcolors.com/post/2023/08/in-macos-sonoma-touch-id-for-sudo-can-survive-updates/