Currently if you pass a passphrase protected ssh key via the -i flag, you are prompted for the passphrase to unlock the key.

However if you do not provide the -i flag, you are not prompted even though it correctly finds the keys.

Looking at the code it appears as though the change to use tryEncryptedKey() that was made to the -i branch of code was not also changed in the "default file" area.