fix: detect orphaned SSH key references and missing auth methods

When a credential's sshKeyId points to a deleted/missing SSH key row,
the connection attempt silently had zero auth methods. Now throws a
clear error explaining the SSH key is missing. Also catches the case
where a credential has neither password nor SSH key configured.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

backend/src/vault/credentials.service.ts

@@ -81,6 +81,17 @@ export class CredentialsService {
         ? this.encryption.decrypt(cred.sshKey.passphraseEncrypted)
         : null;
       sshKey = { privateKey, passphrase };
+    } else if (cred.sshKeyId) {
+      // Orphaned reference — credential points to a deleted/missing SSH key
+      throw new NotFoundException(
+        `Credential "${cred.name}" references SSH key #${cred.sshKeyId} which no longer exists. Re-import the key or update the credential.`,
+      );
+    }
+
+    if (!password && !sshKey) {
+      throw new NotFoundException(
+        `Credential "${cred.name}" has no password or SSH key configured.`,
+      );
     }
 
     return { username: cred.username, domain: cred.domain, password, sshKey };