Fix SSH agent forwarding goroutine leak via missing half-close

When a guest process disconnects from the agent socket,
io.Copy(channel, unixConn) returns but the channel write side
stays open. The host's ServeAgent blocks reading the channel
waiting for a request that never comes, and the guest's reverse
copy blocks waiting for a response. Neither side ever closes,
leaking both goroutines and a maxAgentConns semaphore slot.

After 8 leaked connections (maxAgentConns), all new agent socket
connections are rejected, breaking SSH agent forwarding for the
rest of the session. Symptoms: git operations succeed for the
first few minutes then fail with "Permission denied (publickey)".

Fix: call channel.CloseWrite() after the guest->host copy
finishes, signaling EOF to the host so ServeAgent returns and
the full cleanup chain completes.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: JAORMX

guest/sshd/session.go

@@ -513,6 +513,7 @@ func (s *Server) proxyAgentConnection(conn *ssh.ServerConn, unixConn net.Conn) {
 	go func() {
 		defer wg.Done()
 		_, _ = io.Copy(channel, unixConn)
+		_ = channel.CloseWrite() // Signal host that guest disconnected from agent socket.
 	}()
 	go func() {
 		defer wg.Done()