Getting Started
Your PrivateClaw instance is a Confidential VM, a machine whose memory is hardware-encrypted by the CPU itself. Not even the cloud provider can read what's running inside. This guide walks you through verifying that, testing your setup, and connecting a messaging provider.
1. Verify Your TEE
The first thing to do after SSH-ing into your CVM is verify that it's actually running in a Trusted Execution Environment:
privateclaw verify
This runs five checks:
- SEV-SNP Hardware. Requests a fresh SEV-SNP attestation report from the AMD CPU and verifies the VCEK certificate chain back to the AMD root CA. Proves the VM is running on genuine SEV-SNP silicon with memory encryption active.
- TPM Attestation. Reads the HCL (Hardware Compatibility Layer) report from the virtual TPM, which binds the SEV-SNP measurement to the boot state.
- Host Key Binding. Confirms the SSH host key hash recorded inside the attestation report matches the live host key, proving you are connected to the same machine that produced the attestation.
- Inference Provider. Verifies that OpenClaw is configured to send prompts through the Confidential AI private inference endpoint and that endpoint returns a valid attestation header proving it also runs in a TEE.
- External Access Lockout. Confirms only your SSH key is authorized and the firewall blocks lateral network access. No one else can get in.
You can run privateclaw verify at any time: after updates, after reboots, whenever you want reassurance. The checks are read-only and instant.
Why this matters
Most cloud VMs trust the cloud provider implicitly. The hypervisor can read your memory, the host OS can inspect your disk, and operators can access your data through management tools. Confidential computing changes that. With AMD SEV-SNP, the CPU encrypts your VM's memory with keys that the hypervisor never sees. privateclaw verify lets you independently confirm these guarantees are active. You don't have to take anyone's word for it.
2. Test Your Setup
Once you've verified the TEE, check that OpenClaw is working:
openclaw tui
This launches the terminal UI. Try sending a message to confirm inference is working end-to-end through the private pipeline. Press q to quit.
3. Connect a Messaging Provider
This is the most important step. OpenClaw is designed to work through messaging apps like WhatsApp and Signal, so you can use your AI assistant without being SSH'd into the CVM.
openclaw configure --section channels
This walks you through connecting one or more messaging providers. Once connected, you can chat with your OpenClaw instance from your phone or desktop. All messages route through the CVM and private inference pipeline, so the same privacy guarantees apply.
Help & Troubleshooting
SSH Keys
PrivateClaw uses SSH keys as your identity. No passwords, no accounts, no email required. Most machines do not have an SSH key pair by default.
Step 1: Check if you already have an SSH key
ls ~/.ssh/id_ed25519.pub
If you see "No such file or directory", you need to create one (Step 2). If you see a path, skip to Step 3.
Step 2: Create an SSH key
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -N '' -q
This creates a key pair with no passphrase. The private key stays on your machine; the public key identifies you to PrivateClaw.
Step 3: Connect to PrivateClaw
ssh privateclaw.dev
This opens the management TUI where you can choose your plan and provision your Confidential VM.
Connection Errors
Permission denied (publickey)
Your SSH key is not being sent. Common causes:
- You don't have an SSH key. Create one with the command in Step 2 above.
- Your key is in a non-default location. Use ssh -i /path/to/key privateclaw.dev.
- Your SSH agent isn't running. Run ssh-add to add your key.
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED
This means the server's host key changed since you last connected. If PrivateClaw has announced maintenance or infrastructure changes, this is expected. To fix:
ssh-keygen -R privateclaw.dev
Then reconnect with ssh privateclaw.dev. If you weren't expecting this, contact support before reconnecting.
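The comparison behind the Host Key Binding check in section 1, and the one worth making before clearing a changed host key, as an added example (not PrivateClaw's own code). It assumes the attested hash is the SHA256 fingerprint in the form ssh-keygen -l prints, which this page does not specify; the function names and sample keys are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct


def ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def parse_pubkey_line(line: str) -> bytes:
    """Return the key blob from an OpenSSH public key line: '<type> <base64> [comment]'."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("truncated key blob")
    # The blob carries its own algorithm name; it must agree with the text prefix.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type does not match key blob")
    return blob


def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint as ssh-keygen -l prints it: unpadded base64 of the digest."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_matches(live_line: str, attested_fp: str) -> bool:
    """Compare the live host key with the attested fingerprint in constant time."""
    live_fp = fingerprint(parse_pubkey_line(live_line))
    return hmac.compare_digest(live_fp.encode(), attested_fp.encode())


# Constructed sample data (not real host keys). ATTESTED_FP stands in for the
# hash read from the attestation report; its format is an assumption.
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
SAMPLE_LINE = "ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode() + " constructed"
OTHER_LINE = "ssh-ed25519 " + base64.b64encode(
    ssh_string(b"ssh-ed25519") + ssh_string(bytes(32))).decode()
ATTESTED_FP = fingerprint(SAMPLE_BLOB)

if __name__ == "__main__":
    print("same key:   ", host_key_matches(SAMPLE_LINE, ATTESTED_FP))
    print("changed key:", host_key_matches(OTHER_LINE, ATTESTED_FP))
```

A key whose fingerprint differs from the attested one fails the comparison, and a line whose declared type disagrees with the blob is rejected before any hashing.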
Connection refused or Connection timed out
- Check your internet connection.
- If the service is under maintenance, try again in a few minutes.
- Make sure you're connecting to privateclaw.dev (not a different hostname).
Egress (Network Bandwidth)
What counts toward egress?
Egress measures outbound internet traffic from your CVM. This includes anything your CVM sends to the public internet: downloading packages, pulling container images, sending data to external APIs, or browsing the web from within your VM.
What does NOT count?
- Private inference traffic between your CVM and the Confidential AI endpoint travels over the VNet (private network) and is not counted.
- SSH sessions to your CVM are inbound traffic, not egress.
- Internal orchestrator communication (callbacks, health checks) stays within the VNet.
How is egress tracked?
All outbound internet traffic from CVMs goes through a dedicated NAT Gateway. We measure exactly the bytes that traverse it, which aligns with what Azure charges for outbound data transfer. VNet-internal traffic bypasses the NAT Gateway entirely and is free.
What happens when I hit my limit?
- Free tier: Outbound internet is blocked until your billing period resets (30 days). SSH access and private inference continue to work. You can upgrade to a paid plan to unblock immediately.
- Paid tiers (Basic, Pro): You are never blocked. Traffic beyond your included allowance is billed as overage at $0.087/GB (Azure pass-through cost). Overage charges appear on your next invoice.
How can I reduce egress?
- Use the private inference endpoint (already configured by default) instead of external AI APIs.
- Avoid large downloads inside the CVM when possible.
- Monitor your usage in the management TUI (ssh privateclaw.dev).
What's Next
- Explore OpenClaw's features: OpenClaw documentation
- Run privateclaw verify anytime to re-check your TEE
- Learn more about our privacy model: About PrivateClaw
Need help?
If you run into any issues or have questions, reach out at support@privateclaw.dev.