Skip to content

Make sudo authenticate with Touch ID in a tmux session

After the recent switch to, I have been fully working under tmux sessions. Recently I found that the Touch ID authentication for sudo haven’t been working. I searched over the Internet and found out itself is kinda incompatible with tmux.

To solve this, I had to use a simple hack (someone made the solution for us, thanks!). I use, a PAM module for reattaching to the authenticating user’s per-session bootstrap namespace on macOS, and it’s updated just 18 days ago as the time of writing!

To install pam_reattach:

$ brew install fabianishere/personal/pam_reattach

Ultimately, make sure /etc/pam.d/sudo looks like this in the beginning of file:

auth     optional
auth     sufficient

Equivalent command line:

$ sudo sed -i '' -e '/^#/a\'$'\n''auth       sufficient' /etc/pam.d/sudo

(Note that on major macOS updates you need to re-do this again.)

References #