OpenClaw has become the fastest-growing open-source project in GitHub history. In this guide, we’ll walk through the complete installation process — from zero to a working AI agent connected to your messaging app. Every command here is real and tested.
Before we start, a security note: This guide covers installation for development and testing purposes. For business deployment, read our enterprise security guide and consider GDPR-compliant setup on Hetzner before going live.
Prerequisites
You’ll need:
- Node.js 22 or higher — OpenClaw requires Node 22+
- npm — comes bundled with Node.js
- An LLM API key — OpenAI, Anthropic (Claude), DeepSeek, or local via Ollama
- A messaging app — WhatsApp, Telegram, Discord, Slack, Signal, or 20+ others
Step 1: Install Node.js 22+
We recommend using nvm (Node Version Manager) for easy version management.
On macOS / Linux:
# Install nvm
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
# Reload your shell
source ~/.bashrc # or source ~/.zshrc on macOS
# Install Node 22
nvm install 22
nvm use 22
# Verify
node --version # Should show v22.x.x
npm --versionOn Windows: Download and run the Node.js 22 LTS installer from nodejs.org. After installation, open a new PowerShell window and verify:
node --version
npm --versionOn Windows (WSL2 — recommended for production-like setup):
# In WSL2 Ubuntu terminal
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
source ~/.bashrc
nvm install 22
nvm use 22Step 2: Install OpenClaw
With Node.js ready, install OpenClaw globally:
npm install -g openclaw@latestThis downloads and installs the latest version of OpenClaw as a global CLI tool. The -g flag makes it available system-wide.
Verify the installation:
openclaw --versionYou should see a version string in the format vYYYY.M.D (e.g. v2026.3.15).
Important: Always install the latest version. Versions before v2026.1.30 are affected by CVE-2026-25253 (one-click RCE vulnerability, CVSS 8.8). The patch was released on January 29, 2026.
Step 3: Get Your LLM API Key
OpenClaw needs a language model to power its reasoning. Choose one:
Option A: Anthropic (Claude) — Recommended
- Go to console.anthropic.com
- Create an account and add a payment method
- Navigate to API Keys → Create Key
- Copy your key:
sk-ant-api03-...
Option B: OpenAI (GPT-4)
- Go to platform.openai.com
- Create an account and add billing
- Navigate to API Keys → Create new secret key
- Copy your key:
sk-proj-...
Option C: Ollama (Local — Free, GDPR-friendly)
Run models locally — no API key needed, no data leaves your machine.
# Install Ollama
curl -fsSL https://ollama.ai/install.sh | sh
# Pull a model (choose based on your hardware)
ollama pull llama3 # 8B, ~5GB, good for most tasks
ollama pull mistral # 7B, ~4GB, fast and capable
ollama pull deepseek-r1:7b # 7B, strong reasoning
# Verify Ollama is running
ollama listFor Luxembourg businesses with GDPR concerns, Ollama is the most privacy-preserving option — all processing happens on your own hardware.
Step 4: Run the Onboarding Wizard
OpenClaw has a guided setup process:
openclaw onboard --install-daemonThe wizard will ask you several questions. Here’s what to expect:
Choose Your LLM Provider
? Select your AI provider:
❯ Anthropic (Claude)
OpenAI (GPT-4)
DeepSeek
Ollama (local)
Other (custom endpoint)Select your provider and enter your API key when prompted. If using Ollama, make sure it’s running first (ollama serve).
Connect a Messaging App
? Which messaging platform would you like to use?
❯ WhatsApp
Telegram
Discord
Slack
Signal
(more options...)Connecting WhatsApp: After selecting WhatsApp, a QR code will appear in your terminal. Open WhatsApp on your phone → Settings → Linked Devices → Link a Device. Scan the QR code. Once linked, OpenClaw will show:
✓ WhatsApp connected successfullyConnecting Telegram: Select Telegram, then follow the instructions to create a bot via BotFather. You’ll paste the bot token when prompted.
Connecting Discord: You’ll need to create a Discord application and bot at discord.com/developers. Paste the bot token when prompted.
Install as a System Daemon
The --install-daemon flag sets OpenClaw up to start automatically when your system boots:
? Install OpenClaw as a system service? (Recommended)
❯ Yes — runs in background, starts on boot
No — I'll start it manuallySelect Yes for a persistent setup. On Linux, this creates a systemd service. On macOS, it creates a LaunchAgent.
Step 5: Verify the Installation
Once onboarding completes, test your agent by sending a message through your connected app:
You: Hello, are you running?
OpenClaw: Yes! I'm your OpenClaw agent. I'm ready to help. What would you like me to do?Try a simple task:
You: What's the current time and date?
OpenClaw: It's currently 14:32 on Wednesday, March 15, 2026.Then something more interesting:
You: Search the web for the latest news about AI agents
OpenClaw: [Browsing the web...]
Here are the top stories about AI agents from the past 24 hours: ...Step 6: Install Your First Skills
Skills extend what OpenClaw can do. Browse them at github.com/openclaw/clawhub.
Install a skill via OpenClaw:
You: Install the Gmail skill
OpenClaw: Installing Gmail skill from ClawHub...
✓ Installed. To connect Gmail, go to Settings → Skills → Gmail and authorize access.Or via CLI:
openclaw skills install gmail
openclaw skills install calendar
openclaw skills install seo-researchSecurity warning: Before installing any skill, check its GitHub repository. Only install skills with recent commits, visible source code, and trusted publishers. Avoid skills with generic names and no documentation — these are common patterns in the 1,184 malicious skills identified by security researchers.
Configuration File
OpenClaw stores its configuration in ~/.openclaw/config.json. Key settings you may want to adjust:
{
"llm": {
"provider": "anthropic",
"model": "claude-3-5-sonnet-20241022",
"maxTokens": 4096
},
"security": {
"requireConfirmation": true,
"allowedPaths": ["/home/user/work"],
"blockedCommands": ["rm -rf", "format", "dd"]
},
"messaging": {
"platform": "whatsapp",
"autoReply": true
}
}Always set requireConfirmation: true for destructive operations — this adds a confirmation step before OpenClaw executes file deletions, emails, or external API calls.
Updating OpenClaw
Stay current — OpenClaw releases updates frequently, often with security patches:
npm update -g openclaw
openclaw --versionSet up a weekly reminder to run this command. Better yet, for a VPS deployment, use a cron job:
# Add to crontab (crontab -e)
0 3 * * 1 npm update -g openclaw # Every Monday at 3amRunning OpenClaw on a VPS (Business Setup)
For business use, never rely solely on a laptop installation. A VPS ensures your OpenClaw agent is always available, even when your computer is off.
Recommended: Hetzner Cloud (EU servers, GDPR-compliant, excellent price/performance):
- Create a Hetzner account
- Create a new server: Ubuntu 22.04, CX21 (2 vCPU, 4GB RAM — sufficient for most setups)
- SSH into your server
- Follow the Node.js and OpenClaw installation steps above
- Configure a firewall: only allow SSH (port 22) and your VPN IP — never expose OpenClaw ports publicly
# Hetzner firewall basics
ufw allow 22/tcp
ufw enable
ufw statusWe cover the full GDPR-compliant VPS setup in our Hetzner deployment guide.
Troubleshooting Common Issues
”Command not found: openclaw”
Node global binaries aren’t in your PATH. Fix:
export PATH="$PATH:$(npm bin -g)"
# Add the above to your ~/.bashrc or ~/.zshrcWhatsApp QR code expires before scanning
The QR code has a 60-second window. Run openclaw onboard again and scan faster. Make sure your phone has a stable internet connection.
”LLM API key invalid”
Double-check your key. Anthropic keys start with sk-ant-, OpenAI keys start with sk-proj- or sk-. Check your provider’s dashboard for any billing issues.
OpenClaw daemon not starting on boot
# Check systemd service status (Linux)
systemctl status openclaw
journalctl -u openclaw -n 50
# Restart the service
systemctl restart openclawNode version mismatch
node --version # Must be 22+
nvm use 22 # Switch to Node 22
npm install -g openclaw@latest # ReinstallWhat’s Next
Now that OpenClaw is running, here’s what to explore:
- OpenClaw for Luxembourg SMEs — real workflow automation examples
- OpenClaw & GDPR: Hetzner Setup — for business-grade, GDPR-compliant deployment
- OpenClaw for Enterprise — security hardening before production use
- Best OpenClaw Skills for Agencies — the most useful skills for digital businesses
Need help deploying OpenClaw for your Luxembourg business? dcode provides full implementation, security hardening, and ongoing support. Book a free consultation.