I have not been able to use ssh-keygen -e to reliably generate a private key for SSH in PEM format. This format is sometimes used by commercial products. Instead, I had to convert the key using openssl.
# generate an RSA key of size 2048 bits
ssh-keygen -t rsa -b 2048 -f jabba -C 'ronnie-jabba'
# copy key to 10.1.56.50 and add to authorized_keys
# convert private key to PEM format
openssl rsa -in jabba -outform PEM -out jabba.pem
chmod 700 jabba.pem
# test key
ssh -i ./jabba.pem [email protected] -p 2222
# add a passphrase
ssh-keygen -p -f jabba.pem
# does it have a passphrase
ssh-keygen -y -f jabba.pem
# test key, now with passphrase
ssh -i ./jabba.pem [email protected] -p 2222