████████╗ ██████╗ ██╗ ██╗ ██████╗██╗ ██╗ ███████╗██╗ ██╗██████╗ ██████╗
╚══██╔══╝██╔═══██╗██║ ██║██╔════╝██║ ██║ ██╔════╝██║ ██║██╔══██╗██╔═══██╗
██║ ██║ ██║██║ ██║██║ ███████║ ███████╗██║ ██║██║ ██║██║ ██║
██║ ██║ ██║██║ ██║██║ ██╔══██║ ╚════██║██║ ██║██║ ██║██║ ██║
██║ ╚██████╔╝╚██████╔╝╚██████╗██║ ██║ ███████║╚██████╔╝██████╔╝╚██████╔╝
╚═╝ ╚═════╝ ╚═════╝ ╚═════╝╚═╝ ╚═╝ ╚══════╝ ╚═════╝ ╚═════╝ ╚═════╝
Use Touch ID for sudo.
Have you ever been frustrated by having to type in your password on your mac every single time
inspite of having Touch ID?
Behold, touchsudo.
A simple script that enables Touch ID control of sudo.
Credits to tw93/Mole for the core functionality.
brew tap kashyap07/homebrew-touchsudo
brew install touchsudocurl -fsSL https://raw.githubusercontent.com/kashyap07/homebrew-touchsudo/main/touchsudo -o /usr/local/bin/touchsudo
chmod +x /usr/local/bin/touchsudo# Interactive mode (shows banner + toggle)
touchsudo
# Enable Touch ID for sudo
touchsudo enable
# Disable Touch ID for sudo
touchsudo disable
# Check current status
touchsudo statustouchsudo configures macOS PAM (Pluggable Authentication Module) to accept Touch ID for sudo authentication. It:
- Detects your macOS version (Sonoma+ uses
sudo_local, older versions modifysudodirectly) - Adds
pam_tid.soto the appropriate PAM configuration - Creates backups before making changes
| macOS Version | Method |
|---|---|
| Sonoma (14+) | Uses /etc/pam.d/sudo_local (survives updates) |
| Older | Modifies /etc/pam.d/sudo (may need re-enabling after updates) |
- macOS with Touch ID (MacBook Pro 2016+, MacBook Air 2018+, or Mac with Magic Keyboard with Touch ID)
- Admin privileges (for modifying PAM configuration)
# Disable Touch ID first
touchsudo disable
# Remove via Homebrew
brew uninstall touchsudo
brew untap kashyap07/homebrew-touchsudo
# Or remove manually
rm /usr/local/bin/touchsudoMIT