Sudo support

Question

Is there a way (maybe alias it?) to use the new CLI features to let you use biometrics to unlock sudo password prompts?

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided

xiii · Answer

You don’t need 1Password for that, since you do this natively in macOS:

https://sixcolors.com/post/2020/11/quick-tip-enable-touch-id-for-sudo/

Answer

Thanks! That's handy and I'll play with that - I don't think it solves for when I'm remoted/ssh'ed into some other machine (my Linux server say) and need to elevate privileges there...

Answer

Hey @bdillahu, thank you for reaching out to us!

Can you please give us more information about your use-case? From what I understand, you have a remote server that you ssh into. This server has biometric authentication enabled with the CLI, and you would like the authorisation prompt to be redirected, through the ssh connection, to the machine that you physically have access to, is this correct?

I am looking forward to hearing back from you!
Best,
Horia

Answer

@"Horia.Culea_1P" Yes, that scenario is the basis of my ask - I'm ssh'ed into another machine, get a sudo prompt and would love to somehow use my local biometric auth method to answer it. But even simpler is the local device. I open a command prompt, sudo and have a prompt. XIII above gave a pointer to one way (although I so far didn't get it to work), but it seems like it might be possible to use the 1password cli stuff to have it work.

Answer

Just in case somebody else runs into this - the advice by XIII above is great... but doesn't work if you are in tmux.

https://superuser.com/questions/1342926/sudo-with-auth-sufficient-pam-tid-so-does-not-work-with-tmux

Forum Discussion

Sudo support

Recent Discussions

1Password-CLI not working

Why does the 1P CLI not access the local 1P store?

Copy secret reference (using ID values)

CLI can not connect to desktop app

Terminal integration touch id prompt frequency