How to use sudo with Touch ID on macOS Sonoma 14.x and above

For macOS Ventura 13.x and below, see How to use sudo with Touch ID on a Mac.

In macOS Sonoma, a new method has been introduced to enable Touch ID when running sudo commands, making it more persistent across system updates. Previously, editing the /etc/pam.d/sudo file was necessary, but these changes would revert after an update, requiring reconfiguration. With Sonoma, the settings can be added to a separate file /etc/pam.d/sudo_local, which isn't overwritten during updates, allowing Touch ID to remain enabled for sudo commands consistently.

Simply run the following command in your terminal to enable using sudo with Touch ID and make it persist across OS upgrades.

sed -e 's/^#auth/auth/' /etc/pam.d/sudo_local.template | sudo tee /etc/pam.d/sudo_local

The previous code performs the following steps.

  • Copies the local sudo configuration file template provided by masOS Sonoma and above.
  • Names the file sudo_local so it can be recognized by the system when detecting authorization methods.
  • Uncomments the line enabling the touch ID module.

Open an new terminal session and test the setup.

sudo ls
Tags
Mac
Touch ID
About text formats

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.

Certifications