This content originally appeared on DEV Community 👩💻👨💻 and was authored by Ruslan Kh.
Devices listed below have fingerprint scanner (Touch ID) to simplify login process but this is not exposed in Terminal.app. So each time you run commands with elevated privileges you need to type in your password.
Compatibility list:
- MacBook Air Retina, 13" (2018-2020)
- MacBook Air (M1, 2020)
- MacBook Pro (13", 2016-2020 Four Thunderbolt 3 ports)
- MacBook Pro (15", 2016-2019)
- MacBook Pro (16", 2019,2021)
- MacBook Pro (13", M1, 2020)
- MacBook Pro (14", M2 2021)
- Magic Keyboard with Touch ID (21 May 2021)
- Magic Keyboard with Touch ID and Numeric Keypad (21 May 2021)
Magic Keyboard's Touch ID functionality is compatible with the following MacBook/iMac models:
- MacBook Air (M1, 2020)
- MacBook Pro (13", M1, 2020)
- MacBook Pro (14", 2021)
- MacBook Pro (16", 2021)
- iMac (24", M1, 2021)
- Mac mini (M1, 2020)
Please note that the keyboard will still pair and function with devices older than those listed, but that Touch ID functionality will not be enabled.
Setup PAM module to use Touch ID:
To allow Touch ID on your Mac to authenticate you for sudo access instead of a password prompt you need to do the following simple changes.
Open Spotlight:
Type terminal in Spotlight input field and open it:
Open Terminal:
Switch to the root user.
Switch to the root user by typing the command sudo su - and enter the password:
sudo su -
Open the /etc/pam.d/sudo file with you favorite editor such as vim or nano:
nano /etc/pam.d/sudo
The contents of this file should look like one of the following example:
Add the following line to the top of the file:
auth sufficient pam_tid.so
The modified contents of /etc/pam.d/sudo file should look like following example:
Save the file:
- for nano, press the specified combination (with sign “+”) of keys simultaneously:
CTRL+o
CTRL+x
- for vim:
<ESC>
:wq
Allow the system to save the changes.
Press OK button:
Also note that pam_smartcard.so may not be present on older MacOS versions. Tested with macOS Ventura (13.1).
Exit from the root shell by typing command: exit.
Try to use sudo, and you should be prompted to authenticate with Touch ID as shown below.
If you click ‘Cancel,’ you can just enter your password at the terminal prompt. If you click ‘Use Password’ you can enter your password in the dialog box.
If you connect to your macOS via SSH, it will revert to using your password, since you cannot send Touch ID fingerprints over SSH.
Note: Recent MacOS updates may remove the entry. If Touch ID stops working for
sudothen check if the entry was removed and add it back in, following these instructions again.
This content originally appeared on DEV Community 👩💻👨💻 and was authored by Ruslan Kh.
Ruslan Kh. | Sciencx (2023-02-05T18:24:59+00:00) Configure Touch ID for sudo access in Terminal.app without prompting for a password to authenticate.. Retrieved from https://www.scien.cx/2023/02/05/configure-touch-id-for-sudo-access-in-terminal-app-without-prompting-for-a-password-to-authenticate/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.