Fix UID/GID mismatch and SSH key permissions in container

- Entrypoint now runs as root to remap the container's claude user
  UID/GID to match the host user, fixing bind mount permission errors
  on WSL
- SSH keys are mounted read-only to a staging path (/tmp/.host-ssh)
  and copied to ~/.ssh with correct permissions by the entrypoint
- Exec sessions explicitly run as the claude user
- Host UID/GID detected automatically and passed as env vars

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

app/src-tauri/src/docker/exec.rs

@@ -72,6 +72,7 @@ impl ExecSessionManager {
                     attach_stderr: Some(true),
                     tty: Some(true),
                     cmd: Some(cmd),
+                    user: Some("claude".to_string()),
                     working_dir: Some("/workspace".to_string()),
                     ..Default::default()
                 },