mikelupo I don't understand from your description if the private key which was installed earlier included the expected prologue (and epilogue) or not. Did it include the expected beginning string and ending string?
-----BEGIN RSA PRIVATE KEY-----
If not, then once that prologue is included, does the private key persist across Jenkins server restarts?
If the prologue string is included and the agent is unable to connect after server restart, then we'll need much more detail to duplicate the problem. I restart my Jenkins server frequently and it uses private keys to connect to agents with no issue.
Please describe further in a new bug report what you mean when you say:
When the Jenkins server is restarted, any DEFAULT password parameters set in jobs are getting clobbered.
Does that mean that a job which took a password as a parameter and had a default assigned to that parameter will be run without using the default? If so, please provide a numbered step by step description of the process you use to define that job type so that others can duplicate the behavior.
The private key for an ssh connection to an agent is stored by Jenkins itself or by the Jenkins credentials plugin. I'm confident the same basic storage mechanism is used for both secret parameters and private keys.