2 Factor Authentication in SSH using public key and PAM


It's quite easy for "publickey->password->your_module" or "password->your_module". Can't find the way to remove password from the first chain.

publickey,keyboard-interactive - means that publickey auth will be used and keyboard-interactive after that (kind of a logical AND); replace the comma with a space for a logical OR, like:

AuthenticationMethods publickey,keyboard-interactive:pam keyboard-interactive:pam
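
A simplified model of the comma/space semantics described in the answer above, as an added example that is not part of the original post and not OpenSSH's own code; the function names are hypothetical. It replays the answer's line and the question's line, and shows that both alternatives in the answer's line end in the same keyboard-interactive:pam step, so whatever the PAM stack in /etc/pam.d/sshd prompts for is asked in both.

```python
# Simplified model of how sshd evaluates AuthenticationMethods (added example,
# hypothetical helper names; it does not talk to a real sshd).

def parse(value):
    """Space separates alternative lists (OR); comma orders methods in a list (AND)."""
    return [lst.split(",") for lst in value.split()]

def offered(remaining):
    """Only a method that is next in at least one list is offered to the client."""
    return sorted({lst[0] for lst in remaining if lst})

def complete(remaining, method):
    """Drop `method` from the head of every list it leads; other lists are unchanged."""
    if method not in offered(remaining):
        raise ValueError(f"{method} is not offered at this stage")
    return [lst[1:] if lst and lst[0] == method else lst for lst in remaining]

def granted(remaining):
    """Access is granted once every method of at least one list has been completed."""
    return any(not lst for lst in remaining)

def login(value, attempts):
    """Replay successful methods in order; return (granted, methods still offered)."""
    remaining = parse(value)
    for method in attempts:
        remaining = complete(remaining, method)
        if granted(remaining):
            return True, []
    return False, offered(remaining)

# The line from the answer: key + PAM, or PAM alone.
ANSWER = "publickey,keyboard-interactive:pam keyboard-interactive:pam"
# The line from the question: a single list, so the key is mandatory.
QUESTION = "publickey,keyboard-interactive"

if __name__ == "__main__":
    print("offered at start:", offered(parse(ANSWER)))
    print("key only:        ", login(ANSWER, ["publickey"]))
    print("PAM only:        ", login(ANSWER, ["keyboard-interactive:pam"]))
    print("question, key:   ", login(QUESTION, ["publickey"]))
```
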


Author: Matt3o12

Updated on September 18, 2022

Comments

  • Matt3o12
    Matt3o12 over 1 year

    I'm trying to setup 2 Factor Authentication. I want the user to login successfully if:

    • The private/public key matches (authentication method: publickey) or the password is correct
    • My pam authentication method is successful.

    The second authentication method is a PAM file. So I placed it into /usr/lib/pam/ and added auth required my_pam_module.so to /etc/pam.d/sshd.
    So far I can either log in using the (publickey method) or (a password and whatever is required by my pam module). So I added AuthenticationMethods publickey,keyboard-interactive in /etc/sshd_config and now I'm required to have the public key, password, and "whatever is required by my pam module".

    What lines do I need to change in order to achieve what I described above? I'm using Mac OS X Mavericks (10.9). If you aren't familiar with Mac, it would also help to know what you'd do on your Linux system.

  • Matt3o12
    Matt3o12 almost 10 years
    When I write keyboard-interactive:pam in the config, I'm getting this error: ssh_exchange_identification: Connection closed by remote host
  • Dmitri Sosnik
    Dmitri Sosnik almost 10 years
    Try running the ssh client in verbose mode; it will give you more information about what's going wrong. Like, 'ssh -vvv <hostname>'
  • Matt3o12
    Matt3o12 almost 10 years
    Here is the verbose log of ssh: pastebin.com/hXTaCJ6f. You can also find relevant parts of my server log below (the most recent things sshd was reporting). Do I need to replace pam by "my_pam_method"?
  • Dmitri Sosnik
    Dmitri Sosnik almost 10 years
    Just wondering, have you added "ChallengeResponseAuthentication yes" and "UsePAM yes" to sshd config?
  • Matt3o12
    Matt3o12 almost 10 years
    It wasn't set to yes but I changed it, although nothing has changed (still getting the same error). Did it work for you? And if so, what OpenSSL are you using?
  • Dmitri Sosnik
    Dmitri Sosnik almost 10 years
    Yep, it works fine for me. Here are some of my config files: sshd_conf - pastebin.com/19uve9Mr and /etc/pam.d/sshd (pretty much the standard Ubuntu file, just added pam_google_authenticator.so) - pastebin.com/UdXx8qxy. As a result it's either certificate + pwd + google auth pam module or just pwd + google auth. Openssl - 1.0.1