guest sshd: drop DEBUG3 + StrictModes no; normalise /root perms

Previously /etc/ssh/sshd_config.d/99-banger.conf landed with:

  LogLevel DEBUG3
  PermitRootLogin yes
  PubkeyAuthentication yes
  AuthorizedKeysFile /root/.ssh/authorized_keys
  StrictModes no

DEBUG3 was debug leftover that floods journald in normal use.
StrictModes no was a workaround for /root perm drift on the work
disk — the real fix is to make those perms correct at provisioning
time.

New drop-in:

  PermitRootLogin prohibit-password
  PubkeyAuthentication yes
  PasswordAuthentication no
  KbdInteractiveAuthentication no
  AuthorizedKeysFile /root/.ssh/authorized_keys

prohibit-password blocks password root login even if PasswordAuth
gets flipped on elsewhere; KbdInteractiveAuth no closes the last
interactive fallback; StrictModes is now on (sshd's default).

normaliseHomeDirPerms chown/chmods /root to 0755 root:root at every
work-disk mount (ensureAuthorizedKeyOnWorkDisk,
seedAuthorizedKeyOnExt4Image); the .ssh dir also explicitly
chown'd root:root. Verified end-to-end against a real VM:
`sshd -T` reports strictmodes yes and all five directives match.

Regression test (sshd_config_test.go) pins the allow-list and the
deny-list (DEBUG3, StrictModes no, bare `PermitRootLogin yes`) so
the next accidental reintroduction fails fast.

README's Security section updated to reflect the new posture.

internal/daemon/vm_authsync.go

@@ -47,6 +47,14 @@ func (d *Daemon) ensureAuthorizedKeyOnWorkDisk(ctx context.Context, vm *model.VM
 		return err
 	}
 
+	// Normalise the work-disk filesystem root: inside the guest this
+	// mounts at /root, which sshd inspects when StrictModes is on (the
+	// default after the hardening drop-in). Any drift — owner != root,
+	// group/other-writable — would make sshd silently reject the key.
+	if err := normaliseHomeDirPerms(ctx, d.runner, workMount); err != nil {
+		return err
+	}
+
 	sshDir := filepath.Join(workMount, ".ssh")
 	if _, err := d.runner.RunSudo(ctx, "mkdir", "-p", sshDir); err != nil {
 		return err
@@ -54,6 +62,9 @@ func (d *Daemon) ensureAuthorizedKeyOnWorkDisk(ctx context.Context, vm *model.VM
 	if _, err := d.runner.RunSudo(ctx, "chmod", "700", sshDir); err != nil {
 		return err
 	}
+	if _, err := d.runner.RunSudo(ctx, "chown", "0:0", sshDir); err != nil {
+		return err
+	}
 
 	authorizedKeysPath := filepath.Join(sshDir, "authorized_keys")
 	existing, err := d.runner.RunSudo(ctx, "cat", authorizedKeysPath)
@@ -90,6 +101,25 @@ func (d *Daemon) ensureAuthorizedKeyOnWorkDisk(ctx context.Context, vm *model.VM
 	return nil
 }
 
+// normaliseHomeDirPerms forces the home-directory mount point to
+// 0755 root:root. sshd's StrictModes (the default, re-enabled after
+// banger stopped shipping "StrictModes no") rejects authorized_keys
+// if the user's HOME — here the work-disk filesystem root — is
+// group/other-writable or owned by anyone other than root. mkfs.ext4
+// normally creates an ext4 root dir at 0755 root:root, but older
+// work-seed images may have drifted, and `cp -a` on a non-standard
+// source can carry weird bits forward. Forcing a known-good state
+// here is cheap insurance.
+func normaliseHomeDirPerms(ctx context.Context, runner system.CommandRunner, workMount string) error {
+	if _, err := runner.RunSudo(ctx, "chown", "0:0", workMount); err != nil {
+		return err
+	}
+	if _, err := runner.RunSudo(ctx, "chmod", "0755", workMount); err != nil {
+		return err
+	}
+	return nil
+}
+
 func (d *Daemon) ensureGitIdentityOnWorkDisk(ctx context.Context, vm *model.VMRecord) error {
 	runner := d.runner
 	if runner == nil {