In Fedora, CentOS and probably many other Linux distros ssh-keygen; still defaults to RSA 2048.
People have not yet realized that the newer, and also faster, elliptic curve cryptography is available; even between my peers I still see that many of them are using old and insecure RSA based keys. Since SSH clients support multiple keys transitioning to newer keys can be painless:

  • create a new elliptic curve key;
  • do not delete the old RSA key;
  • once you login into a server swap the old key with the new one.
    Generating a new secure SSH key is pretty simple, just open a terminal and run:
ssh-keygen -o -a 256 -t ed25519