Discover keypaths from ssh_config, update agent key selection logic #73

Merged
merged 7 commits into from
Nov 10, 2022

@kke kke commented Nov 7, 2022

Signed-off-by: Kimmo Lehto klehto@mirantis.com

Fixes #70
Helps resolve k0sproject/k0sctl#422

Using an explicit path to a private key

  • If the key is not passphrase protected, use it as-is
  • If it is password protected, search for a public key in <path>.pub. If the file is found, look for the key in agent. (There's no way to check if an encrypted private key is known by the agent without decrypting it with a passphrase. Tools like ssh-keygen will also look for the .pub in similar cases.)
  • If there's no agent or the key is not found in it, use PasswordCallback if implemented, otherwise fail with an error.

Using an explicit path to a public key (new!)

  • Now you can also give a path to a public key -- if agent is available and a private key for that public key is available on the agent, use it from the agent

Getting keypath from ssh_config (new!)

  • If you give an empty/null keypath, ssh_config is queried for an IdentityFile (can be multiple). If it fails, fall back to using a list of hardcoded defaults (was just ~/.ssh/id_rsa, now it is [~/.ssh/identity, ~/.ssh/id_rsa, ~/.ssh/id_dsa]).

Auth method caching

  • If the same keypath is used for multiple hosts, it will only be loaded once, so you don't have to enter passphrases multiple times for the same keys.

Agent fallback

  • The whole list of keys from agent will only be used when the keypath wasn't explicitly set for the host either in KeyPath: or in ssh_config.

Integration test suite

  • Added a simplistic integration test suite using footloose and cmd/rigtest.
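
The selection order for an explicit key path described above, as an added example that is not code from this PR or the rig repository. It shows that an OpenSSH-format private key can be classified as passphrase protected from its header alone, and that the agent match has to go through the public key. Assumptions: the names `decide`, `encrypted`, `pubBlob` and `sampleKey` are hypothetical, the disk and the agent are modelled as in-memory maps, only the OpenSSH key format is handled, and a public key path whose key is not in the agent is treated as an error.

```go
package main

import (
	"bytes"
	"encoding/pem"
	"fmt"
	"strings"
)

const magic = "openssh-key-v1\x00" // start of an OpenSSH-format private key body

// pubBlob returns the base64 blob of a public key line, or "" if data is not one.
func pubBlob(data []byte) string {
	if f := strings.Fields(string(data)); len(f) >= 2 && !strings.HasPrefix(f[0], "-----") {
		return f[1]
	}
	return ""
}

// encrypted reads the cipher name after the magic: "none" means no passphrase; ok=false: not a key.
func encrypted(data []byte) (enc, ok bool) {
	b, _ := pem.Decode(data)
	if b == nil || b.Type != "OPENSSH PRIVATE KEY" || !bytes.HasPrefix(b.Bytes, []byte(magic)) {
		return false, false
	}
	return !bytes.HasPrefix(b.Bytes[len(magic):], []byte("\x00\x00\x00\x04none")), true
}

// decide names the auth source for keyPath; files and agent (public key blobs) are stand-ins.
func decide(keyPath string, files map[string][]byte, agent map[string]bool, callback bool) string {
	switch enc, ok := encrypted(files[keyPath]); {
	case ok && !enc:
		return "keyfile" // unprotected private key, used as-is
	case agent[pubBlob(files[keyPath])], ok && agent[pubBlob(files[keyPath+".pub"])]:
		return "agent" // public key path, or encrypted key matched through <path>.pub
	case ok && callback:
		return "password-callback"
	}
	return "error" // assumption: every other combination fails
}

func sampleKey(cipher string) []byte { // constructed header only, no key material
	body := append([]byte(magic), 0, 0, 0, byte(len(cipher)))
	return pem.EncodeToMemory(&pem.Block{Type: "OPENSSH PRIVATE KEY", Bytes: append(body, cipher...)})
}

func main() {
	files := map[string][]byte{"id": sampleKey("aes256-ctr"), "id.pub": []byte("ssh-ed25519 Q09OU1RSVUNURUQ= demo")}
	fmt.Println(decide("id", files, map[string]bool{"Q09OU1RSVUNURUQ=": true}, false))
}
```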

Signed-off-by: Kimmo Lehto <klehto@mirantis.com>
@kke kke added bug Something isn't working enhancement New feature or request labels Nov 7, 2022
@kke kke changed the title Use agent when public key given in keypath Use ssh_config to discover keypaths, update ssh-agent key selection logic Nov 10, 2022
@kke kke changed the title Use ssh_config to discover keypaths, update ssh-agent key selection logic Discover keypaths from ssh_config, update ssh-agent key selection logic Nov 10, 2022
@kke kke changed the title Discover keypaths from ssh_config, update ssh-agent key selection logic Discover keypaths from ssh_config, update agent key selection logic Nov 10, 2022
@kke kke merged commit 51844ce into main Nov 10, 2022
@kke kke deleted the ssh_config branch November 10, 2022 09:05