
Unable to use bastion.wm.edu for ssh access to some campus resources

Here is .ssh/config:

Host *.wm.edu !bastion.wm.edu
    User rlhick
    ProxyJump rlhick@bastion.wm.edu

Host stat
     Hostname stat.wm.edu

Host bora
     Hostname bora.sciclone.wm.edu

or alternatively

Host *.wm.edu !bastion.wm.edu
    ProxyJump rlhick@bastion

Host bastion
    HostName bastion.wm.edu

Host stat
     User rlhick
     Hostname stat.wm.edu

Host bora
     User rlhick
     Hostname bora.sciclone.wm.edu

bora

I can connect to bora using ssh rlhick@bora.

stat

Using ssh -v rlhick@stat yields this at the bottom (skipped lots of output):

debug1: Offering public key: /home/robhicks/.ssh/id_rsa RSA SHA256:GgHG+3aE5Sbt2sw/aXiFcPpesieIhKS2h400kTzANSE agent
debug1: Server accepts key: /home/robhicks/.ssh/id_rsa RSA SHA256:GgHG+3aE5Sbt2sw/aXiFcPpesieIhKS2h400kTzANSE agent
Authenticated to bastion.wm.edu ([128.239.20.145]:22) using "publickey".
debug1: pkcs11_del_provider: called, provider_id = (null)
debug1: channel_connect_stdio_fwd: stat.wm.edu:22
debug1: channel 0: new stdio-forward [stdio-forward] (inactive timeout: 0)
debug1: getpeername failed: Bad file descriptor
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: client_input_hostkeys: searching /home/robhicks/.ssh/known_hosts for bastion.wm.edu / (none)
debug1: client_input_hostkeys: searching /home/robhicks/.ssh/known_hosts2 for bastion.wm.edu / (none)
debug1: client_input_hostkeys: hostkeys file /home/robhicks/.ssh/known_hosts2 does not exist
debug1: Remote: /usr/local/bin/fetch_ssh_pubkeys.sh:4: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /usr/local/bin/fetch_ssh_pubkeys.sh:4: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: client_global_hostkeys_prove_confirm: server used untrusted RSA signature algorithm ssh-rsa for key 0, disregarding
debug1: update_known_hosts: known hosts file /home/robhicks/.ssh/known_hosts2 does not exist
debug1: pledge: fork

git interactions with code.wm.edu

Trying to work with repositories on code.wm.edu is broken with similar output:

BASHPROMPT> GIT_SSH_COMMAND="ssh -v" git push

gives this (again skipping lots of output except stuff at bottom):

Authenticated to bastion.wm.edu ([128.239.20.145]:22) using "publickey".
debug1: pkcs11_del_provider: called, provider_id = (null)
debug1: channel_connect_stdio_fwd: code.wm.edu:22
debug1: channel 0: new stdio-forward [stdio-forward] (inactive timeout: 0)
debug1: getpeername failed: Bad file descriptor
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: client_input_hostkeys: searching /home/robhicks/.ssh/known_hosts for bastion.wm.edu / (none)
debug1: client_input_hostkeys: searching /home/robhicks/.ssh/known_hosts2 for bastion.wm.edu / (none)
debug1: client_input_hostkeys: hostkeys file /home/robhicks/.ssh/known_hosts2 does not exist
debug1: Remote: /usr/local/bin/fetch_ssh_pubkeys.sh:4: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /usr/local/bin/fetch_ssh_pubkeys.sh:4: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: client_global_hostkeys_prove_confirm: server used untrusted RSA signature algorithm ssh-rsa for key 0, disregarding
debug1: update_known_hosts: known hosts file /home/robhicks/.ssh/known_hosts2 does not exist
debug1: pledge: fork
channel 0: open failed: connect failed: Connection timed out
stdio forwarding failed
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

This is on Fedora with OpenSSH_9.3p1, OpenSSL 3.1.1 30 May 2023, so maybe "server used untrusted RSA signature algorithm ssh-rsa for key 0, disregarding" is the showstopper. Trying GIT_SSH_COMMAND="ssh -o PubkeyAcceptedKeyTypes=+ssh-rsa -v" git push to try and force ssh to accept the old-school key didn't work.
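
An added example, not part of the original note: a shell function that reads `ssh -v` output from a ProxyJump connection and reports whether the login to the jump host succeeded and whether the jump host could open the forwarded channel to the target. The function names and verdict strings are hypothetical; the sample input is constructed from lines of the git push log above.

```shell
#!/bin/sh
# Added example, not from the original note. Function names and verdict
# strings are hypothetical; the matched messages are those in the log above.

# Usage: ssh -v somehost 2>&1 | classify_jump_log   (ssh -v writes to stderr)
classify_jump_log() {
    awk '
        # The first "Authenticated to" line is the login to the jump host.
        /^Authenticated to / && jump == "" { jump = $3 }
        # The client asks the jump host to open a TCP channel to host:port.
        /channel_connect_stdio_fwd: /      { target = $NF }
        # The jump host replied that it could not open that channel.
        /^channel [0-9]+: open failed: / {
            reason = $0
            sub(/^channel [0-9]+: open failed: /, "", reason)
            refused = 1
        }
        END {
            if (jump == "")   print "no-jump-auth"
            else if (refused) print "forward-failed jump=" jump " target=" target " reason=" reason
            else              print "jump-ok target=" target
        }'
}

# Constructed sample: selected lines copied from the git push log above.
sample_log() {
    cat <<'EOF'
Authenticated to bastion.wm.edu ([128.239.20.145]:22) using "publickey".
debug1: channel_connect_stdio_fwd: code.wm.edu:22
debug1: client_global_hostkeys_prove_confirm: server used untrusted RSA signature algorithm ssh-rsa for key 0, disregarding
channel 0: open failed: connect failed: Connection timed out
stdio forwarding failed
kex_exchange_identification: Connection closed by remote host
EOF
}

sample_log | classify_jump_log
```

A `forward-failed` verdict means the connect error in `reason` was reported by the jump host for its own connection attempt to `target`, after the client had already authenticated to the jump host.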