Honor OPENSSL_FORCE_FIPS_MODE in Docker sshd configuration
What does this MR do and why?
This backports !8450 (merged) to 18-0-stable-ee.
The upgrade to the Ubuntu 24.04 image caused the OpenSSH server to
stop working on FIPS hosts. As described in
https://github.com/dotnet/dotnet-docker/issues/5849#issuecomment-2324943811
Ubuntu now requires that the OpenSSL FIPS libraries are used if FIPS
is enabled in the kernel. This causes sshd not to start and to log "PRNG is not seeded" error
messages in /var/log/gitlab/sshd/current.
Now if you want to mix and match FIPS and non-FIPS libraries, you have
to explicitly set OPENSSL_FORCE_FIPS_MODE=0. While mixing flavors
isn't ideal here, it worked before, and we need to provide customers
with a way to work around the issue until a better solution is
implemented.
This commit detects if OPENSSL_FORCE_FIPS_MODE is set in the environment and propagates it to the GitLab-managed OpenSSH server, sshd.
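As an added illustration (not the MR's own change), a POSIX sh launcher fragment that passes OPENSSL_FORCE_FIPS_MODE through to sshd only when the operator has set it, and that checks the kernel FIPS flag so the "PRNG is not seeded" failure can be spotted before sshd is started. The sshd_config path and the runit-style exec line are assumptions.

```shell
#!/bin/sh
# Added example, not code from the MR. Paths marked "assumed" are placeholders.

# Print the OPENSSL_FORCE_FIPS_MODE assignment to hand to `env`, or nothing
# when the variable is unset. An empty value still counts as "set", so the
# operator's choice (0 or 1) is propagated verbatim rather than re-interpreted.
fips_mode_env() {
  if [ -n "${OPENSSL_FORCE_FIPS_MODE+x}" ]; then
    printf 'OPENSSL_FORCE_FIPS_MODE=%s\n' "$OPENSSL_FORCE_FIPS_MODE"
  fi
}

# Succeed (exit 0) when the kernel runs in FIPS mode. The flag path is an
# argument so the check can be exercised against a constructed file.
kernel_fips_enabled() {
  flag="${1:-/proc/sys/crypto/fips_enabled}"
  [ -r "$flag" ] && [ "$(cat "$flag")" = "1" ]
}

# Print a warning when the kernel is FIPS-enabled but the operator gave no
# OPENSSL_FORCE_FIPS_MODE: with a non-FIPS OpenSSL, sshd will refuse to start.
fips_preflight() {
  if kernel_fips_enabled "$1" && [ -z "$(fips_mode_env)" ]; then
    echo "warning: kernel FIPS mode is on and OPENSSL_FORCE_FIPS_MODE is unset"
  fi
}

# Compose the command a runit-style run script would exec for sshd.
# Assumed config path; -D keeps sshd in the foreground, -e logs to stderr.
sshd_command() {
  config="${1:-/opt/gitlab/embedded/etc/ssh/sshd_config}"   # assumed path
  envs="$(fips_mode_env)"
  if [ -n "$envs" ]; then
    printf 'env %s /usr/sbin/sshd -D -e -f %s\n' "$envs" "$config"
  else
    printf '/usr/sbin/sshd -D -e -f %s\n' "$config"
  fi
}
```

Running the script with `OPENSSL_FORCE_FIPS_MODE=0` exported yields an exec line beginning `env OPENSSL_FORCE_FIPS_MODE=0 /usr/sbin/sshd`, while an unset variable leaves the command untouched.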
Related issues
Relates to https://gitlab.com/gitlab-com/request-for-help/-/issues/2920
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- This MR is backporting a bug fix, documentation update, or spec fix, previously merged in the default branch.
- The original MR has been deployed to GitLab.com (not applicable for documentation or spec changes).
- This MR has a severity label assigned (if applicable).
Note to the merge request author and maintainer
If you have questions about the patch release process, please:
- Refer to the patch release runbook for engineers and maintainers for guidance.
- Ask questions on the #releases Slack channel (internal only).