How to securely connect to to your Amcrest Video Security System using a local Linux server, like a Raspberry Pi

Have some questions or having issues with your IP Camera(s), Post them here for the mods and other users to assist you with.
Post Reply
User avatar
MrOnosa
Posts: 2
Joined: Fri Aug 03, 2018 9:10 pm

How to securely connect to to your Amcrest Video Security System using a local Linux server, like a Raspberry Pi

Post by MrOnosa »

Amcrest has yet to release a firmware update for their older system with a fresh SSL Certificate. It's insecure to connect to these servers remotely with their stale encryption. The solution is simple, SSH Tunnels.

If you have a Linux server that you can safely SSH into that lives on the same local network as your Amcrest video security system, then you can just create a Linode (an SSH tunnel) to your security system. This way you are in charge of securing the connection, which is easily done with proper private/public key management.

You only need to expose your SSH port (typically port 22) on your router. You do not need to expose the HTTP(s)/TCP/UDP ports for your Amcrest security system.

Make sure your Amcrest Video Security System uses a static IP. For example:
2018-09-21_10-08-04_iexplore.png
2018-09-21_10-08-04_iexplore.png (23.49 KiB) Viewed 13807 times
Also, my example code assumes the default ports. 37776 for HTTP, 37777 for TCP:
2018-09-21_10-11-22_iexplore.png
2018-09-21_10-11-22_iexplore.png (14.52 KiB) Viewed 13807 times
Then, just use the -L flag to tunnel your HTTP and TCP ports. This is like port forwarding, but your Linux system is doing it, not your router. This means a secure connection that you are in charge of.

Here is how:

Code: Select all

ssh <user>@<host> -L 37776:192.168.1.108:37776 -L 37777:192.168.1.108:37777
Now, fire up Internet Explorer 11, then navigate to http://localhost:37776/ and log in.
[](/lyram09)
Top
savvy2
Posts: 12
Joined: Sun Jan 14, 2018 7:26 am

Re: How to securely connect to to your Amcrest Video Security System using a local Linux server, like a Raspberry Pi

Post by savvy2 »

pure genius
and the idea of using low power Raspberry Pi

id pay you cash for full documentation on the Pi.
i have 3 cams with 3 expired, 2016 certificates.
Top
Devo
Posts: 7
Joined: Sat Sep 05, 2020 8:51 am

Re: How to securely connect to to your Amcrest Video Security System using a local Linux server, like a Raspberry Pi

Post by Devo »

So how would I make that ssh tunnel run on boot?
Top
knjpollard
Posts: 1
Joined: Mon Apr 06, 2020 6:31 pm

Re: How to securely connect to to your Amcrest Video Security System using a local Linux server, like a Raspberry Pi

Post by knjpollard »

I was not able to do this with the old Amcrest bullet cam.

first, I assume the camera itself would need to have the open ssh server running on port 22 to even approach this? It appears the bullet cams circa 2011 don’t have an option to enable ssh in the configuration. I do see that in some of my other amcrest cameras.

secondly, i have 24 cameras, and you have hard coded ips and in the browser you are typing local, so how does local know which of my 24 cameras I want connect? And where is the browser on my LAN, meaning is it any windows box on my entire lan where i type http://local:37776 ?

In the case of my Amcrest bullet i do this on my pi4
ssh <user>@<host>192.168.1.23 -L 37776:192.168.1.23:37776 -L 37777:192.168.1.23:37777

result is port 22 error cuz no one listens on 22 at that ip.

darn!
Top
Post Reply

Return to “IP Cameras”