With the release of OpenSSH 8.7 the ssh-rsa
signature scheme has been deprecated.
OpenSSH will disable the ssh-rsa signature scheme by default in the next release. In the SSH protocol, the "ssh-rsa" signature scheme uses the SHA-1 hash algorithm in conjunction with the RSA public key algorithm. It is now possible[1] to perform chosen-prefix attacks against the SHA-1 algorithm for less than USD$50K.
You can read more about that on their release notes.
That means we should probably generate new keys as soon as possible using the suggested ED25519. To do that is as simple as running:
While you get all your services updated with your new key you can still use your old key temporarily by adding an extra line to your ~/.ssh/config
file.
If you have a lot of services that share SSH keys consider swapping out your most important ones first and then adding some extra lines to your ~/.ssh/config
file to use different keys for different hosts.
To my understanding, if you follow security best practices and don't have port 22 open to the entire web on your servers then this deprecation isn't of immediate concern.