The ssh-key we generated used 2048 bits while even openssh's ssh-keygen defaults to 3072 nowadays [0].
While RSA-2048 is probably ok (?) and what NIST recommends for keys until around 2030, its probably better to switch to more bits.
This is also just a temporary solution as we should also switch to ed25519.
Thanks to Dan M (@dmur1 or dan@hexarcana.ch) for pointing this out.
[0] 19d3ee2f3a/ssh-keygen.c (L83)
* Refactoring, booleans declaration and update users fix
* Make server_name more FQDN compatible
* Rename variables
* Define the default value for store_cakey
* Skip a prompt about the SSH user if deploying to localhost
* Disable reboot for non-cloud deployments
* Enable EC2 volume encryption by default
* Add default server value (localhost) for the local installation
Delete empty files
* Add default region to aws_region_facts
* Update docs
* EC2 credentials fix
* Warnings fix
* Update deploy-from-ansible.md
* Fix a typo
* Remove lightsail from the docs
* Disable EC2 encryption by default
* rename droplet to server
* Disable dependencies
* Disable tls_cipher_suite
* Convert wifi-exclude to a string. Update-users fix
* SSH access congrats fix
* 16.04 > 18.04
* Dont ask for the credentials if specified in the environment vars
* GCE server name fix