feat: Implement two-key SSH management strategy

- Add modules/security/ssh-keys.nix for centralized SSH key management
- Generate role-specific SSH keys with geir@geokkjer.eu email:
  - Admin key (geir@geokkjer.eu-admin) for sma user server access
  - Development key (geir@geokkjer.eu-dev) for geir user and git services
- Update SSH client config with role-based host patterns
- Configure users/geir.nix and users/sma.nix with appropriate key access
- Add SSH key setup to both machine configurations
- Create scripts/setup-ssh-keys.sh for key generation automation
- Update plan.md with completed SSH security implementation

Security benefits:
- Principle of least privilege (separate admin vs dev access)
- Limited blast radius if keys are compromised
- Clear usage patterns: ssh admin-sleeper vs ssh geir@sleeper-service.home
- Maintains compatibility with existing services during transition

machines/congenital-optimist/configuration.nix

@@ -9,6 +9,9 @@
     ./hardware-configuration.nix
     ../../modules/network/network-congenital-optimist.nix
     
+    # Security modules
+    ../../modules/security/ssh-keys.nix
+    
     # System modules
     ../../modules/system/fonts.nix
     ../../modules/system/applications.nix