The other day I was watching one of NetworkChuck’s recent videos where he was running through a bunch of shell commands for Mac, and one stuck out to me in particular… The ability to configure Touch ID to authorise sudo commands! 🤯

Edit the following file:

sudo vim /etc/pam.d/sudo

Add this line auth sufficient to the top of the file, below the comment. It should look something like:

# sudo: auth account password session

auth sufficient

auth       sufficient
auth       required
account    required
password   required
session    required

Now close that Terminal, open a fresh one, run a sudo command and you’ll be prompted to use your Touch ID! 🎉

I was concerned this may cause issues when running sudo commands on another server via SSH, but I tested it and was pleased to find it didn’t interfere!

Although, one cavieat I noticed was this wouldn’t work while docked to a Lenovo DisplayLink, which luckily, I was able to fix with one command from a StackExchange answer!

defaults write ignoreArd -bool TRUE

Now I’m used to this, I really notice having to type my password for sudo commands on my desktop! 😂