I've been running with ssh-rsa disabled for a while (with a config based on https://infosec.mozilla.org/guidelines/openssh#modern-openss... ) and it's been pretty smooth. Support for better algorithms is widespread, with a few exceptions (like bazaar.launchpad.net).
One gotcha: OpenWrt does not enable ECDSA by default[1] and only recently enabled support for ed25519 by default.[2][3] It's available in release candidates for 21.02, but not in current stable releases. So if you're running a stable release you'll need to either add `PubkeyAcceptedKeyTypes +ssh-rsa` to your client ssh_config or use a custom build of OpenWrt with DROPBEAR_ECC or DROPBEAR_ECC_FULL enabled.
OpenSSH that ships with macOS doesn't support ECC keys loaded via PKCS#11, only RSA keys. This is the case even on Big Sur because though it ships OpenSSH 8.1p1 it's linked against LibreSSL 2.7.3, which lacks support for delegating non-RSA signing operations. This is annoying if you're using an HSM or secure enclave via PKCS#11; for example the T2, which only supports ECDSA P-256.
There's nothing wrong with RSA keys. What's being disabled is the use of SHA-1 for signature hashing. SHA-2 works just fine and the same RSA keys continue working.
Agreed. I should have made my post clearer. OpenWrt does not support SHA-2 signature hashing or any of the newer key algorithms I mentioned, so you are stuck with RSA+SHA1.
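An added example, not part of any post in the thread: the key-versus-signature distinction discussed above, shown on the SSH wire format. The public key blob always names the key format `ssh-rsa`, while the signature blob separately names the signature algorithm (`ssh-rsa` means SHA-1; `rsa-sha2-256` and `rsa-sha2-512` are the SHA-2 variants from RFC 8332). The blobs are constructed filler, and `classify` assumes a policy in which only the `ssh-rsa` signature algorithm is disabled.

```python
import struct

# Signature algorithm name -> hash it implies (RFC 4253 for ssh-rsa, RFC 8332 for rsa-sha2-*).
RSA_SIG_HASH = {"ssh-rsa": "SHA-1", "rsa-sha2-256": "SHA-256", "rsa-sha2-512": "SHA-512"}

def ssh_string(data: bytes) -> bytes:
    """Encode an SSH wire 'string': 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def read_string(buf: bytes, off: int = 0):
    """Decode one SSH 'string' at off; return (payload, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("declared length runs past end of blob")
    return buf[off + 4:end], end

def key_type(pub_blob: bytes) -> str:
    """The first field of a public key blob names the key format."""
    return read_string(pub_blob)[0].decode("ascii")

def signature_algorithm(sig_blob: bytes) -> str:
    """A signature blob is string(algorithm name) || string(signature bytes)."""
    name, off = read_string(sig_blob)
    _, end = read_string(sig_blob, off)
    if end != len(sig_blob):
        raise ValueError("trailing bytes after signature")
    return name.decode("ascii")

def classify(pub_blob: bytes, sig_blob: bytes):
    """Return (key type, signature hash, accepted when only 'ssh-rsa' signatures are disabled)."""
    kt, alg = key_type(pub_blob), signature_algorithm(sig_blob)
    if kt != "ssh-rsa" or alg not in RSA_SIG_HASH:
        raise ValueError(f"not an RSA key/signature pair: {kt}, {alg}")
    digest = RSA_SIG_HASH[alg]
    return kt, digest, digest != "SHA-1"

# Constructed sample blobs: the modulus and signature bytes are filler, not real key material.
PUB = ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01") + ssh_string(b"\x00" + b"\xc3" * 256)
SIG_SHA1 = ssh_string(b"ssh-rsa") + ssh_string(b"\x5a" * 256)
SIG_SHA256 = ssh_string(b"rsa-sha2-256") + ssh_string(b"\x5a" * 256)

if __name__ == "__main__":
    for sig in (SIG_SHA1, SIG_SHA256):
        print(classify(PUB, sig))
```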