MacOS Fingerprint in bash

First, open up Terminal. Navigate to the directory where the system stores the list of PAMs by typing cd /etc/pam.d/ and open the sudo file there in your favorite command-line text editor.

1 (You can also always use a GUI editor like BBEdit too.) Note that if you open it via the command-line, you’ll need to use sudo itself to do so, since the file is (understandably) protected.

Once you’ve opened it, add the following below the first line (you’ll see the headers under which each of the entries goes):

auth sufficient

That line basically tells the sudo command that the Touch ID authentication module is sufficient to authorize the user, which is all you need to do.

Sudo with Touch ID

Save the file and you’re done! Now, the next time you use the sudo command, instead of being prompted for your password, you’ll get a dialog box asking you to authenticate with Touch ID, just as you would any other time you needed to authenticate. (And, as an extra bonus, if you choose to click the Enter Password, you’ll get prompted to use either the password or your Apple Watch, if you have one.)


MacOS Fingerprint in bash
Chivier Humber
Posted on
February 2, 2023
Licensed under