I'm wondering if using SSH keys that are protected by passphrases can be counted as two-factor authentication (2FA). I'd appreciate some detailed explanations or insights on this!
1 Answer
Nope, it's not considered 2FA. From the server's perspective, it's still just one factor at play. Even if your SSH key is encrypted with a passphrase, you're really just adding another layer of something you know, not introducing a truly distinct factor like something you have or something you are.
I agree! The server only verifies one piece of information, which is the SSH key. Passphrases don't add a separate level of verification.