OpenSSH declares ssh-rsa deprecated. What do I do next?

With the 8.2 release of OpenSSH, they have declared that ssh-rsa for SHA-1 will soon be removed from the defaults:

Future deprecation notice

It is now possible[1] to perform chosen-prefix attacks against the SHA-1 hash algorithm for less than USD$ 50K. For this reason, we will be disabling the “ssh-rsa” public key signature algorithm that depends on SHA-1 by default in a near-future release.

This algorithm is unfortunately still used widely despite the existence of better alternatives, being the only remaining public key signature algorithm specified by the original SSH RFCs.

If I have (and might use, but not sure where) an ssh-rsa key, what are the next steps for me? Pretend I don’t have another key yet.

  1. Generate new key(s?).
  2. Add new keys to known services.
  3. Rename old key so it does not get picked up automatically?
    • This is to nudge me when I try a server that used to work, so I add the new key.
  4. ???

what’s the field before ssh-rsa in know_hosts on Raspbian GNU/Linux 9 (stretch)

ssh-gen by default creates a public key like

ssh-rsa AAAAB3NzaC1yc2E…6OEBTVwLRP1Ocyr user@DESKTOP-8BL3U5O

The Raspbian 9 has a different format

|1|dMpV8+ILjAAD11mhp57Q7hVk/4A=|pvCuzPyguQCwV9cN908uBz6CZLE= ssh-rsa AAAAB3NzaC1yc2E…6OEBTVwLRP1Ocyr

What is the field before ssh-rsa. How to generate it so can be inserted into know_hosts?