MacOS has KeyChain built into terminal
How to store your sensitive credentials to keychain
security add-generic-password -a "$USER" -s 'name_of_your_key' -w 'passphrase'
How to retrieve them from your keychain
security find-generic-password -a "$USER" -s 'name_of_your_key' -w
How to set this up in your .bash_profile
so that you can actually use this:
NAME_OF_YOUR_KEY=$(security find-generic-password -a "$USER" -s "name_of_your_key" -w)
Now you can do something like echo $NAME_OF_YOUR_KEY
and see your secret with your bash_profile being safe.