MacOS supports using
Touch ID
for sudo
since Sonoma.
To enable Touch ID authentication for sudo
, add this line to /etc/pam.d/sudo_local
auth sufficient pam_tid.so
See example in: /etc/pam.d/sudo_local.template
If you use DisplayLink, it will still prompt you for password. To fix this, run:
defaults write com.apple.security.authorization ignoreArd -bool TRUE
Note: Invoking sudo
from inside a tmux
session will still prompt for password.
Supposedly, this project can be used to fix this, although I have not tested it myself:
https://github.com/fabianishere/pam_reattach