How to store sensitive environment variables on MacOS

John Jung
John Jung
Oct 28 · 1 min read

MacOS has KeyChain built into terminal

How to store your sensitive credentials to keychain

security add-generic-password -a "$USER" -s 'name_of_your_key' -w 'passphrase'

How to retrieve them from your keychain

security find-generic-password -a "$USER" -s 'name_of_your_key' -w

How to set this up in your .bash_profile so that you can actually use this:

NAME_OF_YOUR_KEY=$(security find-generic-password -a "$USER" -s "name_of_your_key" -w)

Now you can do something like echo $NAME_OF_YOUR_KEY and see your secret with your bash_profile being safe.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade