Remove elliptic-curve pin when russh updates p{256,384,521} to rc.31+

[daniloaguiarbr]

Context

v0.2.1 introduced a hard pin in Cargo.toml:

elliptic-curve = "=0.14.0-rc.30"

This pin is necessary because russh 0.60 depends on p256/p384/p521-0.14.0-rc.8, which do NOT implement the MulVartime and MulByGeneratorVartime trait bounds introduced in elliptic-curve-0.14.0-rc.31. Without the pin, cargo install ssh-cli from a fresh environment fails with E0277 compile errors (see release notes for v0.2.1).

When to Remove This Pin

Remove the pin when both conditions are met:

1. russh releases a new version (likely 0.61+) that depends on p256/p384/p521 >= 0.14.0-rc.31 (or stable 0.14.0), which implement the new trait bounds.
2. cargo install ssh-cli from a clean environment still passes after removing the pin (validated via the install-simulation CI job).

Verification Steps

1. Upgrade russh version in Cargo.toml.
2. Remove line elliptic-curve = "=0.14.0-rc.30" and its explanatory comments.
3. Run rm Cargo.lock && cargo build --all-features locally to confirm resolver picks up compatible versions.
4. Run the install-simulation job in CI.
5. Run cargo install --path . from scratch.

References

• russh: https://github.com/Eugeny/russh
• elliptic-curve CurveArithmetic trait: https://docs.rs/elliptic-curve/0.14.0-rc.31/elliptic_curve/trait.CurveArithmetic.html
• v0.2.1 release notes: https://github.com/daniloaguiarbr/ssh-cli/releases/tag/v0.2.1

Priority

Low (technical debt). The pin is stable and does not block current users; it just prevents future upgrades from being smooth.