How to Install OpenClaw on AWS EC2

Deploy the CLI on a Linux VM, keep the dashboard private, and verify the gateway from the shell before you expose any workflow to real traffic.

An EC2 deployment is just a Linux install with stricter network hygiene. The right workflow is to install the CLI, onboard in local mode, verify the gateway over SSH, and keep port 18789 private unless you have a controlled access layer.

Quick answer

Install OpenClaw on the EC2 instance, onboard in local mode, verify the RPC probe, and use SSH tunneling or a tailnet for dashboard access instead of opening the gateway port to the world.

Command line steps

1. Install OpenClaw on the server

Do this over SSH and keep the first pass simple.

2. Verify the service from the VM shell

The gateway needs to be healthy before you think about channels, models, or browser access.

3. Access the dashboard safely

Do not publish 18789 as a public security-group port just because you can.

What to check if it still fails

• If the EC2 instance is part of a long-running setup, add a backup step before major upgrades with openclaw backup create.
• If the RPC probe fails, read logs directly on the instance with openclaw logs --follow.
• If you need containerized deployment later, switch to the Docker docs rather than improvising service wrappers yourself.