There is an example specifying how to load a password protected key file on the phpseclib website. Note the line $key->setPassword('whatever');
<?php
include('Net/SSH2.php');
include('Crypt/RSA.php');
$ssh = new Net_SSH2('www.domain.tld');
$key = new Crypt_RSA();
$key->setPassword('whatever');
$key->loadKey(file_get_contents('privatekey'));
if (!$ssh->login('username', $key)) {
exit('Login Failed');
}
echo $ssh->exec('pwd');
echo $ssh->exec('ls -la');
Keep in mind you're not sending the password to the server. You just need the password in order to successfully load the key file. Then the username and key are sent to the server to authenticate you.