ssh on FreeBSD 14.3 won't talk to older hosts
Date: Mon, 11 Aug 2025 19:11:06 UTC
I have an older FreeBSD box that FreeBSD 14.3 refuses to connect to using ssh and a certificate login. Everything else works fine (including 14.2), and has done for years. I can connect in the other direction (from the old host to the 14.3). I can also connect from 14.3 to newer hosts. I note that OpenSSH has been updated to 9.9p2 for this release. If I do connect to this older box it reverts to password login, which does work. It's the certificate login that's borked.

I'm carefully using RSA keys rather than anything fancy, and have sshd_config modified to accept them. When I connect to the old box I can specify the exact key to use (-i ~/.ssh/id_rsa) but it doesn't make any difference.

I can't put sshd in debug mode on an alternative port due to a firewall, and I don't have console access. It's pointless doing it on any other host as they all work!

I dare say that someone somewhere decided it was a good idea to disable ssh certificate logins to older versions of sshd but I can't find the line I need to add to some config file (presumably /etc/ssh/ssh_config) to reverse this behaviour. I note "OpenSSH plans to remove support for the DSA signature algorithm in early 2025." Any suggestions?