Use Touch ID for sudo in terminal or tmux instead of password

Ales Lerch
Ales Lerch
- 1 min read

This is a super simple life-changing (for me) feature where you can use touchID instead of using a super long password in your terminal. Plus this is also useful when someone is next to you and you don't need to enter your super long password.

When I have to enter a password in front of someone the feeling that they can see my password makes me screw up writing the password on the first try and I have to enter it again.
And if there is the option to use it so why not?

Standart macOS terminal app

Here is a simple two-line shell script that sets Touch ID as a default option for authorization in the terminal when entering `sudo`:


chmod +w /private/etc/pam.d/sudo
sed -i '' -e ' 1 s/.*/&\nauth\tsufficient\' /private/etc/pam.d/sudo
# in case of security set pam.d readonly
chmod -w /private/etc/pam.d/sudo


For the tmux is little bit different what you need are two steps:

brew install fabianishere/personal/pam_reattach
  • second you need to activate this inside /private/etc/pam.d/ you need to add the first line to link to the
# sudo: auth account password sessios
auth     optional    /opt/homebrew/lib/pam/
auth       sufficient
auth       sufficient
auth       required
account    required
password   required
session    required

Note that I use M1 so the path is different than for intel macs. For those there is no need to special path just use