Provide SSH proxy command integration for VMs
Description of problem
The OpenSSH client has a mechanism for offloading connection establishment to an external command, which lets apps invent new naming schemes.
Systemd has a proposal (https://github.com/systemd/systemd/pull/30777) for supporting this with vsock and machined. It will work with VMs created by libvirt, which would let users do ssh vsock/5353, where 5353 is the vsock CID configured in libvirt XML. They also intend to support machined names, so users could ssh machine/qemu-7-myvmname.
This is great, but it has the limitation that it will only work for VMs with vsock support, which depends on the as yet unreleased systemd version. An annoyance is that the systemd machined names that libvirt creates are not stable, as they include the incrementing VM ID.
Libvirt's NSS plugin works for VMs that have an IP address accessible from the host, and works for any service, not just SSH. Installing the libvirt-nss RPM isn't hard, but users still need to edit /etc/nsswitch.conf, so this does not work out of the box.
Thus it would be good for libvirt to provide an SSH proxy such that users can use
    ssh qemu/myvmname
Libvirt should register a proxy by installing /usr/libexec/ssh_config.d/20-libvirt-qemu-vm.conf, which contains
    Host qemu/*
        ProxyCommand {{LIBEXECDIR}}/libvirt_ssh_proxy %h %p
        ProxyUseFdpass yes
        CheckHostIP no
This ssh proxy should attempt to open a vsock connection if the guest has a vsock device present. If no vsock is configured, or opening it fails, it should then look up an IP address lease for the VM and attempt to connect over IP instead.
This will make SSH work both for future and pre-existing distro guests, with a friendly name. If we put this in the libvirt-client RPM, ssh will "just work" out of the box with zero config required.