It could be argued that from the servers perspective only one thing was provided, so it's not 2FA.

Then what about ssh keys AND user/password authentication?

Like this sshd_config

  PasswordAuthentication yes
  PubkeyAuthentication yes
  AuthenticationMethods publickey,password

I guess it boils down to if one thinks ssh keys are something you know or something you have? The passphrase and password is very clearly something I know.

I'd like to hear your thoughts.