How to Edit Sensitive Information in asciinema Recordings for Secure Software Demos
I wanted to create a quick demo of how I update the software on which this blog is hosted. I started by creating a video using asciinema It is a fantastic terminal recorder that, as described on their website, is "a lightweight, text-based approach to terminal recording."
As I reviewed the video, I noticed some sensitive information that I preferred to keep private. Although the server is fairly secure, it is always better to minimize potential risks by not exposing sensitive data.
I searched for ways to blur parts of the video and found multiple options. I decided to try OBS Studio, but installing it required additional steps and dependencies. While waiting for OBS Studio to install via Flatpak, I noticed that the Asciinema recording had a .cast
extension.
According to the documentation on their website:
asciicast v2 is a file format for terminal sessions based on newline-delimited JSON, recorded by asciinema CLI (2.0 and later).
First line, encoded as JSON object, represents the header, which contains metadata, like initial terminal size, timestamp, etc.
All following lines form the event stream. Each line represents a separate event, encoded as 3-element JSON array.
Seeing that the recording was merely a JSON file, I opened it using Vim. It was easy to locate the sensitive characters I wanted to censor. Using Vim’s search and replace functionality, I could quickly replace sensitive data with placeholder text. For example, to replace all instances of "foo" with "bar," I used the command :%s/foo/bar/g
.
I watched the video several times to ensure all sensitive data was removed. The file had over 5000 lines, and some parts were not easy to find using search and replace alone. Each typed command was stored line-by-line, such as:
4 [1.91892, "o", "s"]
5 [2.078922, "o", "s"]
6 [2.18019, "o", "h"]
7 [2.381751, "o", " "]
8 [2.650191, "o", "g"]
9 [2.810387, "o", "h"]
10 [3.041014, "o", "o"]
11 [3.168424, "o", "s"]
12 [3.286202, "o", "t"]
Even though I had to go through those instances individually, there were not that many that required hand editing. Despite all of that, it was faster than learning how to blur videos using OBS Studio, which I still haven't installed.
Note: There are certain places where the output looks strange and may not make sense. Those were the parts that were edited to hide sensitive data. One example you'll see is when I change into a directory cd .../