Claude Code login/subscription issue on VPS — how do I re-authenticate?

Detailed Analysis

Claude Code authentication failures on remote VPS and SSH-based development environments represent a recurring friction point for developers attempting to integrate Anthropic's agentic coding tool into server-side workflows. The issue described involves a previously functional Claude Code installation losing its authenticated state, producing "token expired" and "connection closed" errors despite the underlying Claude subscription remaining active and browser-based authentication continuing to work normally. This disconnect between web session validity and CLI tool authentication points to the underlying mechanism Claude Code uses to persist credentials — typically stored in local token files or environment-linked session state — being disrupted when network contexts change or sessions time out in headless environments.

The root cause of this class of problem typically lies in how OAuth-based CLI tools handle token refresh in non-interactive environments. Claude Code, like many modern developer tools, authenticates via a browser-based OAuth flow that generates a short-lived access token and a longer-lived refresh token. On a VPS without a graphical environment, the initial authentication often requires a workaround such as forwarding the browser flow to a local machine, then transferring credentials. When sessions expire in such environments, the refresh token mechanism can silently fail because the tool may lack the ability to launch a browser or maintain the necessary callback handshake, leaving the user in a broken-authenticated state rather than prompting cleanly for re-login.

The clean remediation path in such scenarios generally involves three steps: first, explicitly logging out via the CLI (typically `claude logout` or equivalent) to clear cached but invalid token state; second, removing any residual credential files from the tool's configuration directory (commonly `~/.claude/` or a platform-specific config path) to ensure no stale data interferes with fresh authentication; and third, re-running the authentication command (`claude login`) and completing the OAuth flow, either by forwarding the browser callback URL manually or using a device-code flow if supported. Some users have also had success setting the `ANTHROPIC_API_KEY` environment variable directly as an alternative to session-based authentication, bypassing the OAuth flow entirely for headless environments.

This issue reflects a broader challenge in the AI developer tooling ecosystem: the assumption of interactive, GUI-accessible environments baked into authentication flows that are increasingly being used in headless, automated, or remote contexts. As AI coding assistants like Claude Code move from novelty to professional infrastructure, the expectation that developers will run them on remote servers, in CI/CD pipelines, or inside containerized environments is growing rapidly. Tooling that relies on browser-based OAuth without robust fallback paths for headless re-authentication creates operational fragility that is disproportionately felt by the power users and engineering teams most likely to derive sustained value from these tools.

Anthropic's challenge here mirrors what companies like GitHub (with GitHub Copilot in remote environments) and JetBrains have faced as AI coding tools expand beyond local IDE integrations. The solution space involves either improving the device-code OAuth flow for non-browser contexts, offering more stable API-key-based authentication as a first-class option, or providing clearer documentation and CLI-level tooling for credential management in SSH environments. Until such improvements are standardized, VPS-based Claude Code users are likely to continue encountering this friction, particularly after subscription renewals, token rotation events, or extended periods of server inactivity that cause session state to lapse.