How to Deploy OpenClaw on a Linux Server: Step-by-Step Guide for Running Autonomous AI Agents
Most people who work with AI tools are used to a specific pattern: you type something, the tool responds, and then it stops. Nothing happens until you ask again. OpenClaw breaks that pattern entirely. It is a self-hosted agent that runs on your own server, works around the clock, monitors your files, handles your messages, and executes tasks without waiting for you to start a conversation. For anyone who has wanted their digital tools to actually do things rather than just answer questions, this is a meaningful shift.
This guide is for people who want to deploy OpenClaw on a Linux server — whether that is a VPS in the cloud, a rented virtual machine, or a dedicated box. You do not need a deep IT background to follow along, though you should be comfortable typing commands into a terminal. By the end, you will understand what OpenClaw actually is, how its moving parts fit together, how to get it running, what can go wrong, and where it fits into real-world workflows.
What Is OpenClaw, and Why Does It Run on a Server?
OpenClaw started life in November 2025 under the name Clawdbot, created by Austrian developer Peter Steinberger. After two quick rebrands — first to Moltbot, then to OpenClaw — the project found its identity: a free, open-source agent framework built for continuous autonomous operation. Today it occupies a distinct niche in the AI tooling landscape as something closer to background software than a chat application.
The core idea is that a large language model — Claude, GPT-4, DeepSeek, or a local model via Ollama — acts as the brain, while OpenClaw acts as the body. The brain decides what to do; the body executes it. OpenClaw connects to your messaging platforms (Telegram, WhatsApp, Slack, Discord, iMessage, and about forty others), reads and writes files on your server, runs scheduled tasks, calls APIs, and reports back to you through whatever chat interface you prefer. All the data — memory, configuration, conversation history — stays on your own machine, stored as plain Markdown files that you can read and edit in any text editor.
The reason you want this on a server rather than your laptop is uptime. Your laptop sleeps, travels, and gets shut down. A Linux VPS runs continuously. That distinction matters enormously when the whole point is that your agent checks things, handles things, and acts on things while you are not watching.
The Architecture in Plain Language
Before touching a terminal, it helps to understand the three main components OpenClaw uses internally.
The Gateway is the control plane. It is a background process — a daemon in Linux terminology — that starts when your server boots, manages incoming messages, routes them to the right agent, and handles authentication. Think of it as the receptionist and telephone switchboard of your setup. The Gateway also runs what OpenClaw calls a "heartbeat": a scheduled check, every 30 minutes by default, where the agent reads a file called HEARTBEAT.md, decides whether anything requires attention, and either acts on it or confirms that everything is fine. This is how proactive behavior works. You are not asking the agent anything; it is checking its own to-do list on a timer.
The Soul files are the configuration layer. When you initialize an agent, OpenClaw creates a set of Markdown files — SOUL.md, IDENTITY.md, USER.md, and others — that define who the agent is, what it knows about you, how it should behave, what tools it has access to, and what it should prioritize. These are plain text. You edit them directly. There is no hidden settings panel; the configuration is the documentation the agent reads about itself before every conversation.
Skills are the extensions. A skill is a directory containing a SKILL.md file that tells the agent how to use a particular tool or follow a particular workflow — web search, image generation, email triage, CRM updates, code execution. Skills can be bundled with OpenClaw itself, installed globally, or kept in a specific workspace. Community-built skills are available, though they carry their own security considerations that we will address later.
Choosing the Right Server
OpenClaw does not require a powerful machine, but it does require one that is always on and reachable. A local laptop is not a server. A desktop you might restart every few days is not ideal either. For proper 24/7 autonomous operation, you want a VPS — a virtual private server — hosted in a data center.
The minimum published hardware requirements for running OpenClaw on Linux are 2 vCPU cores, 2 GB of RAM, and 20 GB of storage. In practice, that floor is fine for a single agent doing light work. If you plan to run multiple agents simultaneously, integrate a local language model via Ollama (which requires considerable RAM to load models), or process large files regularly, you will want more headroom.
The table below maps typical OpenClaw use cases to sensible server configurations:
| Use Case | RAM | vCPU | Storage | Notes |
|---|---|---|---|---|
| Single agent, cloud LLM (Claude / GPT) | 2 GB | 2 | 20 GB | Minimal setup, API costs apply |
| Single agent + Telegram/Slack integration | 4 GB | 2 | 30 GB | Comfortable baseline for most users |
| Multiple agents, parallel sessions | 8 GB | 4 | 50 GB | Recommended for team or business use |
| Local LLM via Ollama (e.g. Mistral 7B) | 16 GB | 4–6 | 80 GB | No API costs, but requires more hardware |
| Full swarm / multi-agent orchestration | 32 GB+ | 8+ | 200 GB+ | Advanced deployments, production environments |
For most individuals and small teams getting started, a VPS with 4 GB RAM and 2 vCPUs running Ubuntu 24.04 LTS is a solid baseline that covers the common use cases without unnecessary cost. Serverspace offers cloud servers at this specification tier [LINK], with the advantage of choosing the data center region closest to your primary users — relevant when you want your Telegram bot responding quickly.
Ubuntu 24.04 LTS is the recommended operating system. It is stable, widely supported, well-documented, and is the platform against which most OpenClaw guides and community resources are written.
Step-by-Step Deployment on a Linux Server
Step 1 — Prepare the Server
After provisioning your VPS, connect to it via SSH. Update the system and install the base utilities OpenClaw requires:
sudo apt update && sudo apt upgrade -y
sudo apt install -y curl gitInstalling Node.js via NVM (recommended)
Rather than installing Node.js through the system package manager — which often provides outdated versions and requires sudo for global packages — use NVM (Node Version Manager). NVM keeps Node.js in your home directory, requires no elevated permissions, and lets you switch versions cleanly if you ever need to:
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
source ~/.bashrc
nvm install 24
nvm use 24
node -v # should output v24.x.xNVM installs Node.js entirely under your user account. Global packages installed with npm install -g go into ~/.nvm/ rather than system directories, which means you never need sudo for Node tooling — a meaningful reduction in your attack surface for a server running an autonomous agent.
Installing Docker
Docker is required if you plan to use the Docker Compose deployment path (recommended for production use, as it isolates the agent process in its own container):
curl -fsSL https://get.docker.com | sh
sudo usermod -aG docker $USER
newgrp docker
docker ps # should return an empty table, not an errorIf you prefer to keep the deployment entirely outside Docker — using the native openclaw binary directly — Docker is optional. The Docker path adds isolation; the native path is simpler to inspect and debug.
Step 2 — Install OpenClaw
Option A: Automated script (native install)
curl -fsSL https://openclaw.ai/install.sh | bashThis completes in roughly two minutes on a standard connection. The script installs the OpenClaw gateway binary, sets up directories, and registers the openclaw command in your terminal.
Option B: Docker Compose (recommended for production)
git clone https://github.com/openclaw-ai/openclaw.git
cd openclaw
./setup.shThe interactive wizard handles model provider selection, API key entry, messaging channel configuration, and allowlist setup in a single guided flow. The Docker path means the agent process runs in an isolated container — if something goes wrong inside, it cannot directly affect the host system.
Step 3 — Configure Your Model Provider
OpenClaw does not come with its own language model — it connects to one. During or after setup, you will edit the agent's configuration files to specify which model to use. For a cloud-based model, this means providing an API key from Anthropic, OpenAI, or your chosen provider. For a local model via Ollama, it means pointing the configuration at http://localhost:11434.
models:
default: claude-sonnet-4-20250514
providers:
anthropic:
api_key: "your-api-key-here"If you are using multiple models — a capable model for complex reasoning and a cheaper one for routine checks — you can configure routing rules that send different task types to different providers.
Step 4 — Connect a Messaging Channel
OpenClaw's interface is a messaging app, not a web browser. For Telegram, create a bot through BotFather and paste the resulting token into your configuration. For Slack, create an app in the Slack developer portal. The setup wizard provides direct links and step-by-step prompts for each supported platform.
After entering the token, configure an allowlist — specifying which user IDs or channel IDs can interact with the agent. This is a critical security step. Without it, anyone who finds your bot's contact information can send it commands.
Step 5 — Configure the Heartbeat and Soul Files
Open HEARTBEAT.md in the agent's workspace directory and describe the recurring checks you want the agent to perform on its own schedule:
## Daily Checks
- Review emails in the priority folder and summarize any requiring action
- Check the project log file for new entries and flag blockers
- Confirm that the backup process completed overnightThese instructions are plain English. The agent reads them on each scheduled heartbeat, decides what action each item requires, and messages you if something needs attention.
SOUL.md and IDENTITY.md define the agent's behavioral defaults — how formal or casual it should be, what topics require human approval before action, and any standing operational instructions. Editing these files is how you tune the agent's judgment over time.
Step 6 — Start as a System Service
For the agent to survive server reboots, register it as a systemd service:
sudo nano /etc/systemd/system/openclaw.service[Unit]
Description=OpenClaw AI Agent Gateway
After=network.target
[Service]
Type=simple
User=your-username
WorkingDirectory=/home/your-username/openclaw
ExecStart=/usr/local/bin/openclaw start
Restart=always
[Install]
WantedBy=multi-user.target
sudo systemctl daemon-reload
sudo systemctl enable openclaw
sudo systemctl start openclaw
sudo systemctl status openclawFrom this point, the agent starts automatically on every boot.
Practical Use Cases
Inbox and message triage. A marketing team uses an OpenClaw agent connected to their shared Slack workspace. The agent monitors a specific channel where clients post support queries, categorizes each message by urgency and topic, and either responds with templated answers or escalates to the appropriate team member with a summary.
Automated research briefings. A freelance consultant runs an agent that, each morning via a cron trigger, searches for news across three industry verticals relevant to current client engagements and sends a structured briefing to their Telegram. The agent pulls results, filters for relevance against a standing context file, and formats the output consistently.
Development pipeline monitoring. A small software team deploys OpenClaw on the same VPS as their staging environment. The agent watches log files for error patterns, checks whether nightly builds succeeded, and pings the on-call developer on Discord if anything requires attention.
Lead generation workflows. OpenClaw has seen adoption among small businesses and freelancers for automating prospect research: the agent receives a company name, pulls public data via its skills, generates a structured profile, and updates a CRM integration. What previously took an hour of manual research becomes a background task.
Personal knowledge management. A writer uses OpenClaw to maintain a living knowledge base. Notes, saved articles, and voice memos transcribed via Whisper integration all flow into a shared workspace folder. The agent indexes them on a schedule, surfaces connections between notes when asked, and maintains a context file for ongoing projects.
Limitations and Risks
OpenClaw is genuinely powerful, and that power creates real risks if the setup is careless.
The most fundamental issue is permission scope. To function, OpenClaw needs access to your messaging accounts, potentially your email, your file system, and whatever external services you connect through skills. A serious vulnerability — CVE-2026-25253, a cross-site WebSocket hijacking flaw — was disclosed in January 2026 and has since been patched, but it illustrates the category of risk: a single security hole in a service with broad permissions can mean remote code execution on your server. Keeping OpenClaw updated is a meaningful security practice, not optional hygiene.
Third-party skills are a particular concern. The community skill repository is not formally vetted. Cisco's AI security team tested a third-party skill and found it performed data exfiltration and prompt injection without any visible indication to the user. Install only skills you have read and understood.
Prompt injection is a structural risk. Because the agent reads external data — emails, files, web pages — malicious content embedded in that data can attempt to hijack the agent's behavior. Limiting which external sources the agent reads, and gating irreversible actions behind human approval, significantly reduces this exposure.
Run OpenClaw on a dedicated VPS rather than your primary machine. If something goes wrong with an isolated server, you can shut it down, audit what happened, and rebuild.
Common Mistakes and How to Avoid Them
Skipping the allowlist configuration. If you do not restrict which users can interact with your agent, the bot is open to anyone who discovers it. Configure the allowlist during initial setup.
Using a high-capability model for heartbeat checks. The heartbeat runs every 30 minutes. Routine checks that conclude with "nothing to do" still cost tokens. A misconfigured heartbeat can burn through significant API budget overnight. Set spending limits at the provider level before deploying, and route routine checks to a lighter model.
Not reading installed skills before activating them. Every skill is a set of instructions the agent follows with access to your data and external services. Read what you install.
Running OpenClaw as root. The systemd configuration above uses a non-root user for a reason. If the process is ever compromised, root access means complete server control for the attacker.
Granting autonomous control over irreversible actions too early. Start with the agent in an observational role — reporting, summarizing, suggesting — and expand its autonomous permissions only as you develop confidence in its behavior.
Conclusion
OpenClaw represents a practical implementation of something that has been conceptually appealing for years: software that works on your behalf in the background, on infrastructure you control, without being permanently tethered to a cloud vendor's interface. Getting it running on a Linux VPS is achievable for anyone comfortable with SSH and basic terminal commands.
The path forward after initial deployment is iteration. Start with one agent, one channel, and a conservative heartbeat configuration. Read the logs. Adjust the Soul files based on what you observe. Add skills one at a time, only after reading them. Expand autonomous permissions gradually.
If you are evaluating VPS options, Serverspace offers cloud servers in configurations well-suited to OpenClaw — including the 4 GB RAM tier for most single-agent deployments and the 8 GB tier for multi-agent setups.
Frequently Asked Questions
Do I need to know how to code to run OpenClaw? Not for basic deployment. The installation script and setup wizard handle the technical scaffolding. You need to be comfortable with a terminal and editing text files.
Which messaging platform works best? Telegram is the most commonly documented integration and has the most straightforward setup. Slack is popular for team deployments.
Can I run OpenClaw without paying for API access? Yes, paired with Ollama and a locally hosted open-source model. This requires more server RAM — at minimum 8 GB for smaller models — but eliminates ongoing API costs.
What happens if the agent does something unintended? Stop the service with sudo systemctl stop openclaw, review the logs in the workspace directory, identify what instruction chain led to the unexpected behavior, and correct it before restarting.
How much does it cost to run? The software is free and open-source. Your costs are the VPS and API usage fees for cloud-hosted models. Start with a spending cap at the provider level to understand your baseline.
Is OpenClaw suitable for a business with multiple employees? For small teams, yes, with appropriate configuration. The multi-agent capability allows different agents to handle different workflows. Treat it as a tool for technically aware teams rather than a turnkey enterprise product.
Can the agent access my personal accounts and files? Only what you explicitly grant it access to during setup. The concern is not unauthorized access — it is that intentionally granted permissions are broad enough to create risk if the setup is compromised. Grant minimum necessary permissions and expand from there.
