I'm following the following guides to setup Google MFA authentication.

https://medium.com/aws-activate-startup-blog/securing-ssh-to-amazon-ec2-linux-hosts-18e9b72319d4

https://www.middlewareinventory.com/blog/aws-mfa-ssh-ec2-setup/

And you know what, so long as I run this command before restarting ssh, it works.

mv authorized_keys authorized_keys.bak

However, and here me out... SSH Key Google MFA? Eh? Eh?

Sounds like a great idea :)

Except I have no clue what I need to do to get both working simultaneously. I've updated /etc/ssh/sshd_config to enable the following authentication methods:

AuthenticationMethods publickey,keyboard-interactive

But if I enable these methods then I'm locked out of my server (from what I've read online, some combination of this may be needed to use both an ssh_key google_mfa).

But yeah... I'm at a loss as to how to get both to work simultaneously.