Fix: Always use explicit SSH key path for all SSH operations

CRITICAL FIX: SSH keys were not being auto-loaded, causing connection failures.

Changes:
- tools.py: SSH commands now include -i /var/lib/macha/.ssh/id_ed25519
- remote_monitor.py: Use explicit key path instead of sudo ssh
- system_discovery.py: Added explicit key path to all SSH calls
- system_prompt.txt: Document automatic SSH key loading
- DESIGN.md: Clarify CRITICAL requirement for explicit key paths

All SSH operations now explicitly specify:
  -i /var/lib/macha/.ssh/id_ed25519 -o StrictHostKeyChecking=no

This ensures Macha can reliably connect to remote hosts without
depending on SSH agent or automatic key discovery.

system_discovery.py

@@ -65,9 +65,11 @@ class SystemDiscovery:
     def detect_os_type(self, hostname: str) -> str:
         """Detect the operating system of a remote host via SSH"""
         try:
+            # Use explicit SSH key path
+            ssh_key = "/var/lib/macha/.ssh/id_ed25519"
             # Try to detect OS via SSH
             result = subprocess.run(
-                ["ssh", "-o", "ConnectTimeout=5", "-o", "StrictHostKeyChecking=no",
+                ["ssh", "-i", ssh_key, "-o", "ConnectTimeout=5", "-o", "StrictHostKeyChecking=no",
                  hostname, "cat /etc/os-release"],
                 capture_output=True,
                 text=True,
@@ -95,7 +97,7 @@ class SystemDiscovery:
             
             # Try uname for other systems
             result = subprocess.run(
-                ["ssh", "-o", "ConnectTimeout=5", "-o", "StrictHostKeyChecking=no",
+                ["ssh", "-i", ssh_key, "-o", "ConnectTimeout=5", "-o", "StrictHostKeyChecking=no",
                  hostname, "uname -s"],
                 capture_output=True,
                 text=True,