Ubuntu 24.04 LTS, nearest region
2 GB RAM / 1 AMD CPU / 50 GB NVMe
ssh root@YOUR_IPadduser clawuser && usermod -aG sudo clawuser && su - clawusernpm install -g openclaw@latestThen run exec bash
openclaw onboard --install-daemonopenclaw gateway --port 18789 --verbosessh -L 18789:127.0.0.1:18789 clawuser@YOUR_IPRun openclaw dashboard if you are trying to connect and can't find the token.
Run openclaw doctor to diagnose issues and surface risky/misconfigured settings.
Curious why you didn't recommend binding gateway to localhost instead?
Bind somehow not working with the public IP address of the VM. I can see bind is for all interfaces with 0.0.0.0 still browser port is not responding, when access directly using public IP address of the VM and port.
Given the uncovered vulnerabilities so far, it's probably best to avoid binding clawd to the public IP of the VM / exposing it directly to the Internet
and regarding the ssh authentication ?
What I don’t really understand is the pricing. How are people dealing with that? Using it with Claude feels almost impossible, it’s basically a minimum of $20 per day in credits. Which models are actually more cost-effective?
@Mis4nthr0pic My OpenAI/ChatGPT Plus subscription costs $20 USD / month and gets me unlimited usage since I signed in via OAuth (not API key)
To get the OAuth authentication flow to work you need to set up SSH port forwarding so the OAuth callback can reach your remote droplet:
ssh -L 1455:localhost:1455 user@your-droplet-ip
The server setup guide for Clawdbot is fundamentally flawed and potentially dangerous, as it lacks essential security measures necessary to protect users from hacking vulnerabilities. Key omissions include critical steps like upgrading the server software, setting up SSH keys for secure access, closing unnecessary ports, and implementing fail2ban to guard against brute-force attacks. Following this guide without these precautions is akin to leaving your front door wide open, essentially inviting hackers to exploit your system. It is irresponsible to publish such a superficial guide that could mislead countless individuals into compromising their server's security. A thorough understanding of server management and security practices is crucial, and it would be wise for the author to revise the guide significantly or consult with experienced professionals before sharing further.