So was carrying out a security audit and came across an SSH key pair that had been setup without a password. Easy to fix just run this command on the file,
ssh-keygen -p -f keyfile
and it will ask you for the new password. If the key permissions are setup strictly you may find the command fails when it attempts to write the new file, in which case sudo the command as that way the file permission will remain unchanged.