It is always best to have Two-factor authentication (2FA) to any method of access control. The following post will guide you to enable 2FA on Debian Linux environment.
It is assumed that we will be using Password Authentication in conjunction with 2FA.
Install Google Authenticator
apt-get install libpam-google-authenticator
Edit /etc/pam.d/sshd and add the following.
auth required pam_google_authenticator.so
Edit the file _/etc/ssh/sshdconfig and make sure you have the following enabled.
UsePAM yes ChallengeResponseAuthentication yes
Run Google Authenticator from the account.
Add the account to your Google Authenticator app and save the emergency codes.Read more