Back to Blog

OpenClaw Deployment Guide

HUTAO667
OpenClaw AI Assistant Deployment Windows DeepSeek

Detailed documentation of the complete OpenClaw deployment process on Windows systems, including environment preparation, installation configuration, model setup, and more

1. Environment Preparation

1. Install Node.js

First, open the Node.js official website Portal. Note: Node.js version must be >= 22.16 Node.js download page

After downloading the msi installer, keep all options default and click next until completion Node.js installer default options

After installation, open command line window and enter node -v to check if version number is displayed Command line node version check If the displayed version doesn’t match the installed version or is lower than 22.16, enter nvm ls in command line to view currently installed versions. If there are multiple versions, run nvm use version_number to switch versions nvm Node.js version list and switch command

2. Install Git

If git is already installed, you can skip this section. Why do we need to install git?

  • Because although we use npm for installation, some core dependencies need to be pulled from GitHub repositories during installation, so git needs to be installed

    Open git official website Portal, download Windows version Git Windows download page Keep clicking next with default settings Git installer default options Open command line window and run git -v command. If version number is displayed, installation was successful Command line git version check

3. Install OpenClaw

Enter npm i -g openclaw in command line (please disable VPN during installation). Installation may take some time, please be patient. You may see some warnings during installation, which is normal. Below is the successful installation prompt OpenClaw npm global install success prompt If you encounter the following error warning, run git config --global url."https://github.com/".insteadOf "ssh://git@github.com". This error occurs because npm defaults to using ssh protocol for pulling, but we haven’t configured ssh keys, causing pull failure. This command forces the use of https protocol for pulling, avoiding errors npm GitHub dependency protocol error prompt After installation, enter openclaw -v in command line to check if version is displayed. If yes, installation was successful. If there’s no output but previous steps were fine, it means Node.js environment variables aren’t configured Command line openclaw version check This section is about Node.js environment variable configuration. If there were no previous issues, skip this part and go to the next section First check Node.js path. Enter npm prefix -g in command line, which will output npm installation path. Copy this path npm global install path output Then press win+s and search for environment variables Windows environment variables search Create a new user variable with variable name Path and variable value as the path you just copied New user Path environment variable Then reopen command line window and enter openclaw -v. You can see the version number is successfully displayed OpenClaw version check after reopening command line

2. OpenClaw Configuration

1. Initial Configuration

Enter openclaw onboard in command line window. A risk warning will appear, select yes OpenClaw onboard risk warning Considering some people may have concerns about this security warning, here’s the translation:

**Security Warning — Please Read**


OpenClaw is a hobby project still in testing phase. Please be prepared to encounter various issues.


By default, OpenClaw is a **personal assistant** with security boundaries based on "only one trusted operator." If tools are enabled, this bot can read your files and perform operations. A carefully crafted malicious prompt could potentially trick it into unsafe behavior.


OpenClaw **is not by default a security boundary that can resist malicious multi-tenant attacks**. If multiple users can send messages to a tool-enabled bot, they collectively have the **tool operation permissions** granted to that bot.


**If you're not familiar with security hardening and access control, please do not run OpenClaw.**
Please seek help from experienced people before enabling tools or exposing OpenClaw to the internet.


**Recommended minimum security baseline:**


- **Pairing/Whitelist + Mention Restrictions**: Only allow specific users or trigger it by @mentioning the bot in messages.


- **Multi-user/Shared Inbox**: Must split trust boundaries (e.g., use independent gateways/credentials, preferably independent OS users/hosts).


- **Sandbox Environment + Principle of Least Privilege**: Provide isolated environment for tool execution and grant only minimum necessary permissions.


- **Shared Inbox**: Must isolate private chat sessions (set `session.dmScope: per-channel-peer`) and keep tool permissions at minimum level.


- **Isolate Sensitive Information**: Ensure various keys, passwords and other sensitive information are not placed in file system paths accessible to the agent.


- **Use Strongest Model**: For any bot with tools enabled or receiving untrusted inbox messages, use the currently most capable and secure large language model.




**Regularly run the following commands for security checks:**


bash


openclaw security audit --deep
openclaw security audit --fix


**Must-read documentation:** [https://docs.openclaw.ai/gateway/security](https://docs.openclaw.ai/gateway/security)

Then select quick start and press enter. This tutorial only explains how to quickly configure openclaw on Windows; custom configuration will not be covered OpenClaw quick start option Then the LLM configuration interface will appear. I recommend using Deepseek because it’s cheap and API key is easy to obtain OpenClaw LLM configuration screen First find Deepseek official website, after logging in select API development platform DeepSeek API platform entry Select recharge, you can try recharging 1 yuan first DeepSeek recharge page After recharging, click API keys and create a new API key with any name DeepSeek API keys page After creation, an API key will be generated. Be sure to copy and save it to your notepad or elsewhere, as the API key is only displayed once DeepSeek generated API key page Now we have the API key. Return to command window and select Deepseek provider OpenClaw DeepSeek provider selection Paste the API key we just copied and press enter OpenClaw API key paste prompt Then select model, choose default as it can be changed later OpenClaw model selection prompt Then control channels will appear, which can control openclaw to search information and modify code on the computer. This can be configured later, so we can skip it OpenClaw control channel prompt This is internet provider configuration, which determines where AI will search when asking questions. This can also be configured later, so skip it OpenClaw internet provider prompt Then skill configuration, we also select no and skip OpenClaw skill configuration prompt Also skip hooks, press spacebar once and enter OpenClaw hooks configuration prompt When this window appears, startup was successful OpenClaw startup success prompt Next, enter openclaw dashboard in command line window to open openclaw’s web UI interface OpenClaw dashboard web UI Ask any question and you can see configuration was successful OpenClaw successful test conversation

Configuration is now complete!