Ref T13454. Fixes T13006. When a user provide us with an SSH private key and (possibly) a passphrase:

1. Try to verify that they're correct by extracting the public key.
2. If that fails, try to figure out why it didn't work.

Our success in step (2) will vary depending on what the problem is, and we may end up falling through to a very generic error, but the outcome should generally be better than the old approach.

Previously, we had a very unsophisticated test for the text "ENCRYPTED" in the key body and questionable handling of the results: for example, providing a passphrase when a key did not require one did not raise an error.

Created and edited credentials with:

• Valid, passphrase-free keys.
• Valid, passphrased keys with the right passphrase.
• Valid, passphrase-free keys with a passphrase ("surplus passphrase" error).
• Valid, passphrased keys with no passphrase ("missing passphrase" error).
• Valid, passphrased keys with an invalid passphrase ("invalid passphrase" error).
• Invalid keys ("format" error).

The precision of these errors will vary depending on how helpful "ssh-keygen" is.