You probably think you’ll never get hacked, but why wait to find out the hard way? I discovered that you can indeed use two-factor authentication to log in to your linux box remotely with SSH. If my password or private key is compromised, I can be at least sure my phone is still on me. Without that, the attacker can’t get in, unless I’m drunk and they stole my phone off me. In addition, I hardened my server config even more by disabling root login and only permitting users. Users are still part of sudoers so they can still run privileged commands. Yeah, I know, this is what you’re supposed to do. It’s not such a serious server so I never took security seriously.
Of course, It’s annoying to be prompted to enter the code each time I want to log in, but this is a compromise I’m willing to make to sleep better at night knowing that my server is more secure.
If you’d like to do what I did to your own server then follow this article