Enabling 2 factor security on your server via SSH is a great way to add a extra step of protection for your server this is very easy to setup
First install the google authenticator library on your Ubuntu server
sudo apt-get update
sudo apt-get install libpam-google-authenticator
next we will add the following line to the ssh pam file to make PAM aware of the google authenticator script
sudo echo auth required pam_google_authenticator.so >> /etc/pam.d/sshd
in your sshd_config file make the following change
from
ChallengeResponseAuthentication no
to
ChallengeResponseAuthentication yes
then run google-authenticator and generate your ssh token use your favorate authenticator app to store it
then restart the ssh server sudo service sshd restart
login to the server with another terminal before terminating your current session for testing