Deploy OpenClaw on VPS

Complete deployment guide for DigitalOcean, Linode, Vultr & more

VPS Requirements

Minimum Specifications

  • 1 vCPU / 1GB RAM (basic usage)
  • 10GB SSD storage
  • Ubuntu 20.04+ or Debian 11+

Recommended Specifications

  • 2 vCPU / 2GB RAM (production)
  • 25GB SSD storage
  • SSH access with root privileges

Popular VPS Providers

DigitalOcean

Starting at $6/month • Easy setup • Great documentation

Visit DigitalOcean →

Linode

Starting at $5/month • High performance • 24/7 support

Visit Linode →

Vultr

Starting at $6/month • Global locations • Fast deployment

Visit Vultr →

Step-by-Step VPS Deployment

1

Create and Connect to VPS

Create a new VPS instance with Ubuntu 22.04 LTS

Connect via SSH:

ssh root@YOUR_VPS_IP
# Enter your password or use SSH key
2

Update System and Install Dependencies

Update system packages:

sudo apt update && sudo apt upgrade -y
sudo apt install -y curl git build-essential
3

Install Node.js

Install Node.js 22:

curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
sudo apt-get install -y nodejs
node --version  # Verify installation
4

Install OpenClaw

Install OpenClaw and run the setup wizard: 

npm install -g openclaw@latest
openclaw onboard --install-daemon
openclaw gateway status
5

Connect from Your Laptop (SSH Tunnel)

By default the Gateway binds to loopback for safety. Use an SSH tunnel to access the dashboard: 

# On your laptop:
ssh -N -L 18789:127.0.0.1:18789 YOUR_USER@YOUR_VPS_IP

# On the VPS (prints a tokenized link; use --no-open on headless servers):
openclaw dashboard --no-open

# Then open the tokenized URL it prints (http://127.0.0.1:18789/?token=...)

If you open http://127.0.0.1:18789/ and see “unauthorized”, use the tokenized link from openclaw dashboard.

6

Configure Firewall

Setup UFW firewall:

sudo ufw allow OpenSSH
sudo ufw enable

Security Best Practices

Use SSH Keys Instead of Passwords

Generate and use SSH keys for authentication: 

# On your local machine:
ssh-keygen -t ed25519 -C "your_email@example.com"
ssh-copy-id root@YOUR_VPS_IP

Disable Root Login

Create a non-root user and disable root SSH access: 

adduser openclaw
usermod -aG sudo openclaw
# Edit /etc/ssh/sshd_config: PermitRootLogin no
sudo systemctl restart sshd

Setup Automatic Security Updates

Enable unattended upgrades:

sudo apt install unattended-upgrades
sudo dpkg-reconfigure --priority=low unattended-upgrades

Use Environment Variables for Secrets

Store sensitive data in environment variables: 

# Create .env file
echo "BOT_TOKEN=your_token_here" > ~/.env
echo "API_KEY=your_api_key" >> ~/.env
chmod 600 ~/.env

Monitoring and Maintenance

Health Checks

Check gateway health and service status: 

openclaw gateway status
openclaw doctor
openclaw logs

Restart the Service

Restart the installed Gateway service: 

openclaw gateway restart

Regular Updates

Keep OpenClaw updated:

npm i -g openclaw@latest
openclaw gateway restart

Backup Configuration

Regularly backup your config: 

cp ~/.openclaw/openclaw.json ~/.openclaw/openclaw.json.backup
# Also consider backing up the full state dir: ~/.openclaw/

Next Steps

Your OpenClaw instance is now running 24/7 on your VPS

Configuration Generator Browse Guides Troubleshooting