Score:0

Can openssh daemon count key failures separately from password failures?


Recently the max number of auth for ssh was reduced on some servers at my work from 6 to 3 to comply with new security restrictions. Most of us in IT are seeing "too many failures" and no password prompt at all when we try to connect because ssh is counting all of our ssh keys as authentication attempts, and we have at least 3 keys each.

While this is technically correct, as a key auth is an auth attempt, what I am wondering is if sshd can track key-based authentications separately from password authentications. So we can have the key-based limit at 6 and set the password-based to 3 to comply with the new restrictions. I don't want to just have it not count key-based attempts, as it could be abused.

Either that, or make it so that it takes 2 or 3 key failures to count as one failed auth for the purposes of the limit. But I like the notion of tracking them separately more than this.

Score:1

No, any authentication attempt is counted by sshd as "an attempt" regardless of the authentication method used. You cannot track different authentication methods differently.

What you can do is restrict the keys used for a particular host with the IdentitiesOnly config parameter. If it is set to yes, then only the specified identities will be used (or the default ones if none are specified). So to force using only one specific key regardless of how many identities your agent stores, you need a config like this:

Host *.mycompany.localnet
  IdentitiesOnly yes
  IdentityFile /home/youruser/.ssh/my_company_ssh_key
  
That would be a LOT of entries in ~/.ssh/config.
You can use wildcards as in the example, or you can have your most-used key file defined in a default block. But yes, if you have dozens of keys, and no host grouping can be done, you will have to write a long config.
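
An added example, not part of the original thread: a small Python check that estimates how many keys the client would offer to a host and how many attempts that leaves for the password prompt under a given MaxAuthTries. It parses the text printed by `ssh -G <host>`; the function names, the sample excerpts and the agent key count are constructed for illustration, and it assumes every offered key is rejected and counted as one failed attempt.

```python
import os

def offered_key_count(ssh_g_output, agent_key_count, exists=os.path.exists):
    """Worst-case number of public keys the client offers to one host.

    ssh_g_output: text printed by `ssh -G <host>` (effective client config).
    agent_key_count: number of keys listed by `ssh-add -l`.
    """
    identities_only = False
    identity_files = []
    for line in ssh_g_output.splitlines():
        key, _, value = line.strip().partition(" ")
        value = value.strip()
        if key.lower() == "identitiesonly":
            identities_only = value.lower() == "yes"
        elif key.lower() == "identityfile":
            identity_files.append(os.path.expanduser(value))
    # Only identity files that exist can be offered; drop duplicates.
    on_disk = [f for f in dict.fromkeys(identity_files) if exists(f)]
    if identities_only:
        # Agent keys that are not among the configured files are skipped.
        return len(on_disk)
    # Upper bound: a key held both by the agent and on disk is offered once.
    return agent_key_count + len(on_disk)

def password_tries_left(offered_keys, max_auth_tries):
    """Attempts left for the password prompt if every offered key is rejected."""
    return max(0, max_auth_tries - offered_keys)

# Constructed `ssh -G` excerpts: default behaviour vs. the config from the answer.
BEFORE = """identitiesonly no
identityfile ~/.ssh/id_rsa
identityfile ~/.ssh/id_ed25519
"""
AFTER = """identitiesonly yes
identityfile /home/youruser/.ssh/my_company_ssh_key
"""

if __name__ == "__main__":
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        # exists=lambda p: True treats every listed file as present (sample data).
        n = offered_key_count(cfg, agent_key_count=3, exists=lambda p: True)
        print(label, "keys offered:", n,
              "password tries left:", password_tries_left(n, 3))
```

On a real client, feed it the output of `ssh -G somehost` and the line count of `ssh-add -l` instead of the constructed samples.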