Use Touch ID for sudo on Mac
The landscape of security is changing quite a bit. We've gone from basic username and password to 2FA, facial recognition, fingerprint recognition, and so on. Hell, my Mac unlocks simply when I have my Apple Watch near by. In the end, I probably use the Mac fingerprint key the most.
One functionality that still requires manually typing a password is using sudo from command line. Did you know, however, that you can instead require the fingerprint key instead of typing out your password?
# Open the sudo utility
sudo vi /etc/pam.d/sudo
# Add the following as the first line
auth sufficient pam_tid.so
Whether or not you'd prefer to type it out or simply use the fingerprint is obviously personal preference. Since you expect to be be typing in a command line, moving your finger to touch the key is probably not very efficient. If you do want to use fingerprint, however, here you go!
![Create a Sheen Logo Effect with CSS]()
I was inspired when I first saw Addy Osmani's original ShineTime blog post. The hover sheen effect is simple but awesome. When I started my blog redesign, I really wanted to use a sheen effect with my logo. Using two HTML elements and...
![Responsive and Infinitely Scalable JS Animations]()
Back in late 2012 it was not easy to find open source projects using requestAnimationFrame() - this is the hook that allows Javascript code to synchronize with a web browser's native paint loop. Animations using this method can run at 60 fps and deliver fantastic...
![Generate Dojo GFX Drawings from SVG Files]()
One of the most awesome parts of the Dojo / Dijit / DojoX family is the amazing GFX library. GFX lives within the dojox.gfx namespace and provides the foundation of Dojo's charting, drawing, and sketch libraries. GFX allows you to create vector graphics (SVG, VML...
![Downloadify: Client-Side File Generation Using JavaScript and Flash]()
The following tools is in its very beta stages and works intermittently. Its so damn useful that I had to show it off now though!
I recently stumbled upon Downloadify, a client-side file generation tool based on JavaScript and Flash ActionScript code. A...
First you need to make the file writable (it is not by default). And you need to do this after every macOS update, because macOS updates reset the file content.
Nice trick. Unfortunately, on Big Sur, at least, it pops up the touch id alert to use it only when the session is terminated, so it’s not useful.
But it is read-only!
As the co-author of sudo, I am amused :)
No need to make it writable when editing it with vi, you just add a
!to the save and exit command (:wq!) and it will save it corectly – it will even preserve the read only state of the file.Works nicely on Big Sur for me, it pops up the touch id alert, I touch and sudo all the things =)
Is there a way to make sudo work with the Apple Watch as well?
You can also:
*browse to the folder using finder,
*edit the file with vscode, or any other code editor
*save it to desktop
*delete original file
*and place the edited
same with nano you don’t need to make it writable.
You may want to update this for Sonoma – or simple add a pointer to https://0xmachos.com/2023-10-01-Touch-ID-sudo/