Code snippets 18 Feb, 2026 4 min read

Installing openclaw on a vps

I decided I need to do a bit of testing on the OpenClaw front just to get an edge into it, so I'm dumping reference, process and issues here, that I've found along the way.

First create a VPS, log into your vps via ssh as root, run these commands – ideally if you're going to use this you need to know what you're doing, this isn't meant to be a dummies guide, it's one dev to another, what i found out along the way. If you're new to this use an ai to walk you though it.

Installation

# update and install stuff
apt update && apt upgrade -y
apt install ufw fail2ban unattended-upgrades curl -y
dpkg-reconfigure -plow unattended-upgrades

# add a sudo user - make sure to give sudo user a very long unique password
adduser --gecos "" myadminsudouser
usermod -aG sudo myadminsudouser

# harden login
sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
sed -i 's/^#\?PermitEmptyPasswords.*/PermitEmptyPasswords no/' /etc/ssh/sshd_config
systemctl restart ssh

# create an openclaw user
adduser --gecos "" --disabled-password openclaw
passwd -l openclaw

# setup the firewall
ufw default deny incoming
ufw default allow outgoing
ufw allow 22/tcp
ufw --force enable

# setup fail2ban 
cat > /etc/fail2ban/jail.local << 'EOF'
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
bantime = 86400
findtime = 600
EOF
systemctl enable fail2ban
systemctl restart fail2ban

# Install Node.js 22 as root
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
apt install -y nodejs

# install openclaw
su - openclaw -s /bin/bash -c 'curl -fsSL https://openclaw.ai/install.sh | bash'

# run onboarding wizard
sudo su - openclaw
openclaw onboard --install-daemon

At this point I chose Anthropic Opus 4.5, and set up telegram with the BotFather tool. Then I practically skipped everything else except I selected session-memory. feel like I should have enabled command-logger but may be able to enable that again in the future.

Claw not running persistently, so used

Next was to run the gateway openclaw gateway status. This threw up a load of errors, systemd wasn't persistently running it properly so decided to do the cheat method and just run it in a tmux session and then exit the session and leave it running in there (I know, not the most stable method but it works for testing).

# switch to my sudo user then
sudo apt install tmux
sudo su - openclaw
tmux new -s openclaw
openclaw gateway --port 18789

The press Ctrl+B then D to detach.

Then to reattach just tmux attach -t openclaw.

Then opened up a tunnel to get the dashboard to my local machine from http://localhost:18789, without exposing any ports to the internet.

# Opened tunnel
ssh -L 18789:localhost:18789 sudouser@168.231.115.97

Telegram IPv6 Bug

Next I opened up telegram and sent a message and got a response back from BotFather saying i need to approve the connection from openclaw:

openclaw pairing approve telegram <code>

After that I had some bug where telegram messages were taking a long time to come through and noticed some errors from looking at the tmux session and also using openclaw logs --follow. It was something to do with the hosting provider not properly supporting ipv6, so:

# as sudo user
sudo nano /etc/gai.conf

# find and uncomment this line 
precedence ::ffff:0:0/96  100

This tells the system to prefer IPv4 over IPv6 for all connections.

# restarted my tmux session
sudo su - openclaw
tmux attach -t openclaw
openclaw gateway --port 18789

Claw breaking itself

After that I asked my claw to change the model and it tried to do it itself by modifying the ~/.openclaw/openclaw.json file and then restarting itself, but it totally failed at that and broke itself. So I had to then ssh in and edit the file myself and try to work out what it changed, and then managed to fix it with the help of an external claude session and managed to get it working again. Bit of a pain. I guess this is in the nature of the beast, it is prompted and encouraged via the agents.md file to go heavy with no restraints.

Next issue, super heavy token usage

Yeah so, this thing is just rinsing through tokens, i've bearly had just a few back and forths, no heavy lifting whatsoever, and the thing is hitting 3.7M tokens. Surely this must be wrong ... Trying to figure out what's comsuming all those tokens.

Next let's have a mess around with openclaw configure and see what else can be configured...

I just set up whatsapp... But does it just have access to my whatsapp contacts ...

openclaw bash
Back to Top