til biometrics for `sudo` on a mac

Like most corporate laptops, my work machine is locked down with a password policy that requires me to change it every few months. Although I rarely need sudo access, when I do, it’s a pain to type in my password every time.

I recently discovered a neat trick that allows me to use Touch ID to authenticate sudo commands on my Mac. Here’s how you can set it up:

sudo cp /etc/pam.d/sudo_local.template /etc/pam.d/sudo_local

sudo cp /etc/pam.d/sudo_local.template /etc/pam.d/sudo_local

and ensure that the auth line is uncommented. If not, this also works:

sudo echo "auth sufficient pam_tid.so" > /etc/pam.d/sudo_local

sudo echo "auth sufficient pam_tid.so" > /etc/pam.d/sudo_local

makefiles footnotes

til biometrics for sudo on a mac

til biometrics for `sudo` on a mac