@rtyler
Last active October 12, 2018 18:35
Determine whether there are passphrase-protected ed25519 keys in a Jenkins instance
import com.cloudbees.hudson.plugins.folder.*
import com.cloudbees.hudson.plugins.folder.properties.*
import com.cloudbees.hudson.plugins.folder.properties.FolderCredentialsProvider.FolderCredentialsProperty
import com.cloudbees.plugins.credentials.*
import com.cloudbees.jenkins.plugins.sshcredentials.SSHUserPrivateKey

/* Let's see if the key is ed25519.
 * ed25519 keys are stored in the OpenSSH private key format, so the
 * "BEGIN OPENSSH PRIVATE KEY" header is used as the indicator. Only
 * credentials that also have a passphrase set are reported. */
boolean checkKey(def key) {
    boolean found = false
    if ((key instanceof SSHUserPrivateKey) && (key.passphrase)) {
        key.privateKeys.each { privateKey ->
            if (privateKey =~ '----BEGIN OPENSSH PRIVATE KEY-----') {
                println ""
                println "The SSH key (${CredentialsNameProvider.name(key)}) may cause failures with the 2.73.1 upgrade!"
                found = true
            }
        }
    }
    return found
}

/* Find all globally defined SSH Keys with a passphrase */
SystemCredentialsProvider.instance.store.domains.each { domain ->
    SystemCredentialsProvider.instance.store.getCredentials(domain).each { key ->
        if (checkKey(key)) {
            println "(in the global scope, under the domain ${domain.name})"
        }
    }
}

/* Find all Folder-defined SSH keys with a passphrase */
Jenkins.instance.getAllItems(AbstractFolder).each { folder ->
    def p = folder.properties.get(FolderCredentialsProperty)
    /* p is null for folders without a credentials property. Groovy's ?.
     * only guards a single step, so every step of the chain needs it. */
    p?.store?.domains?.each { domain ->
        p.store.getCredentials(domain).each { key ->
            if (checkKey(key)) {
                println "(in the folder ${folder.displayName}, under the domain ${domain.name})"
            }
        }
    }
}

return null

jacksgt commented Oct 2, 2017

Same issue as @dgeissl, I'm on Jenkins 2.60.3
