Using TouchID and tmux with pam_reattach

 Posted on January 20, 2020  |  1 minutes  |  Chris Hein

Did you know you can use tmux and still have access to TouchID for sudo access. This post walks you though how to configure your /etc/pam.d/sudo to allow this.

Use tmux and Terminal on a MacBook Pro with TouchID? The rest of this post walks you though how to enable your TouchID to work for sudo access, saving time.

Install

First you’ll need to install fabianishere/pam_reattach which is a PAM module for reattaching to the authenticated user’s session.

brew install fabianishere/personal/pam_reattach

Once you have installed this you can add it to your /etc/pam.d/sudo. To do this you’ll need to open using sudo in your favorite editor.

sudo vim /etc/pam.d/sudo

In this file you’ll want the beginning to start like this.

  1 # sudo: auth account password session
  2 auth       optional       pam_reattach.so
  3 auth       sufficient     pam_smartcard.so
  4 auth       required       pam_opendirectory.so

Specifying optional allow sudo to contine working even if the PAM module has issues. Once all of this has been added you can close the file restart your sessions and try a sudo command. 🎉

tmux  touchid  macos  authentication 
comments powered by Disqus