CommScope RUCKUS Community Forums

I am in the process of building an Ansible server for the first time.  I've typically used Putty to connect to my ICX switches running 08.0.95g.  SSH just kinda worked with Putty without any configuration.  Now I'm using OpenSSH client on an Ubuntu 22.04.  I read that there is no longer support for dsa authentication with the new OpenSSH client in Ubuntu, so I setup rsa on the switch.  Here's what I've done so far:

1. Enabling ssh on switch - "crypto key generate rsa"
2. Create keys on Ansible Host - "ssh-keygen -t ed25519 -C "Ansible""
3. Add required header and footer to id_ed25519.pub file (Required by switch due to newer version of OpenSSH on Ansible host - ssh-keygen doesn't put them there anymore)
4. Transfer the public key on the Ansible host to tftp server 
5. Transfer the Ansible host public key to switch from tftp server - "ip ssh pub-key-file tftp x.x.x.x id_ed25519.pub"
6. run "show ip client-pub-key" on the switch to verify the Ansible host pub key is setup
7. From Ansible host, ssh to switch, accept the key transfer, and verify login is accepted 

At this point I'm prompted for a password instead of just being given a command prompt.  I'm not sure what I'm doing wrong, but I've never configured this before so most likely I'm the problem.  Here is my switch's ssh config:

#sh ip ssh config
SSH server : Enabled
SSH port : tcp\22
Host Key : DSA 1024, RSA 1024
Encryption : aes256-cbc, aes192-cbc, aes128-cbc, aes256-ctr, aes192-ctr, aes128-ctr, 3des-cbc
Permit empty password : No
Authentication methods : Password, Public-key, Interactive
Authentication retries : 3
Login timeout (seconds) : 120
Idle timeout (minutes) : 5
SCP : Enabled
SSH IPv4 clients : All
SSH IPv6 clients : All
SSH IPv4 access-group :
SSH IPv6 access-group :
SSH Client Keys :
Client Rekey : 0 Minute, 0 KB
Server Rekey : 0 Minute, 0 KB