Complete SSH transport migration with client-side key pinning

## Summary
Fully migrate the gateway protocol from WebSocket to SSH transport, with client-side host key pinning for cryptographic verification that the client is connecting to the intended gateway.

## Requirements

### Server-side (gateway)
- [x] SSH transport implementation (PR #138)
- [x] Host key generation and persistence
- [x] Host key fingerprint display on startup
- [ ] Option to disable WebSocket transport entirely
- [ ] Migration path documentation

### Client-side (TUI)
- [ ] SSH client implementation
- [ ] Host key pinning storage (`~/.rustyclaw/known_hosts` or similar)
- [ ] First-connect fingerprint verification prompt (TOFU)
- [ ] Reject connections if host key changes (with override option)
- [ ] Display fingerprint during pairing flow

### Config
- [ ] `gateway.transport = "ssh" | "websocket" | "both"` option
- [ ] `gateway.ssh.require_pinned_key = true` option
- [ ] Client config for pinned gateway fingerprints

## Security Benefits
- **Authenticity**: Client cryptographically verifies it's talking to the real gateway
- **MITM protection**: Attacker can't intercept without the private host key
- **No TLS CA dependency**: Self-contained trust model

## References
- PR #138: Initial SSH transport + pairing flow
- SSH host key verification: https://www.ssh.com/academy/ssh/host-key

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Complete SSH transport migration with client-side key pinning #164

Summary

Requirements

Server-side (gateway)

Client-side (TUI)

Config

Security Benefits

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

Complete SSH transport migration with client-side key pinning #164

Description

Summary

Requirements

Server-side (gateway)

Client-side (TUI)

Config

Security Benefits

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions