Like has been mentioned earlier any site with large deployments is likely using RADIUS for central administration authentication anyway. Adding on Google Auth to FreeRADIUS
is pretty simple way to get this done today.
Defense in Depth. I'm not going to add in a Radius server to manage my home router remotely :p
Even the SSHD should have a 2FA option.
The clock issue mentioned above is clearly problematic, though I wonder what NTP/USB/Battery options are available?
Quick search finds this: http://www.keylok.com/product/fortress-real-time-clock
A possible smart implementation could just detect the power fail and allow for an option to disable the Google Auth as a fail-safe mode.
For what it's worth, Google Auth does provide you with a set of "backup auth" codes that you can use in the event of clock skew.
You can ALSO deploy it in "counter mode" which doesn't rely on the clock.
I can't think of any competing products that offer OTP on the switch or router its all done via add-on's to TACACS+ or RADIUS servers.
So what? Why "race to the bottom" when this could be a compelling differentiator!