Description
Presently, when configuring a docker client (in golang), docker uses the system ssh binary by executing a crafted command. This happens in connhelper.go: https://github.com/docker/cli/blob/master/cli/connhelper/connhelper.go#L51-L65
Golang offers a robust native ssh client directly in the standard library, which works without needing an installation of an OpenSSH client. For security reasons, we prefer to use this ssh client, because we can more easily guarantee that it will use FIPS-validated algorithms without needing to ensure that OpenSSH is set up for FIPS correctly.
Golang makes it extremely easy to use FIPS algorithms, especially as of v1.24, where you no longer need to deal with boringcrypto, so moving this to the std lib would drastically decrease the complexity of Docker setups where we need FIPS SSH and we're using the Docker SDK inside of golang.
If this is not currently possible, would a feature request like this be accepted?
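Added example, not part of the issue above and not docker/cli's own code: the two halves of the request side by side. `sshCommand` approximates the argv the current connhelper hands to the system `ssh` (the real helper also adds timeout and no-tty flags; the exact argv is the project's, not reproduced here), and `stdioConn`/`dialContextFrom` show the plumbing a native Go client needs: the remote `docker system dial-stdio` turns the session's stdin/stdout into a raw daemon connection, so all that is required is a `net.Conn` adapter over those two streams handed to `http.Transport.DialContext` (the Docker SDK accepts the same function through `client.WithDialContext`). The Go SSH client lives in `golang.org/x/crypto/ssh`, a separate module rather than the standard library, and needs a network, so `fakeDaemon` is a constructed in-memory pipe standing in for the session; the `SessionOpener` comment says where `ssh.Client.NewSession` would go. FIPS mode itself is a build/run-time choice (`GOFIPS140` in Go 1.24) and is not shown.

```go
package main

import (
	"bufio"
	"context"
	"fmt"
	"io"
	"net"
	"net/http"
	"net/url"
	"strings"
	"sync"
	"time"
)

// sshSpec holds the parts of a DOCKER_HOST=ssh://[user@]host[:port] URL.
type sshSpec struct{ User, Host, Port string }

// parseSSHURL accepts only the user@host:port form and rejects a plain-text
// password in the URL (assumption: mirrors the CLI's refusal, not its code).
func parseSSHURL(raw string) (sshSpec, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return sshSpec{}, err
	}
	if u.Scheme != "ssh" {
		return sshSpec{}, fmt.Errorf("expected ssh:// URL, got scheme %q", u.Scheme)
	}
	if u.Hostname() == "" {
		return sshSpec{}, fmt.Errorf("ssh URL %q has no host", raw)
	}
	if u.Path != "" || u.RawQuery != "" || u.Fragment != "" {
		return sshSpec{}, fmt.Errorf("ssh URL %q: only user@host:port is supported here", raw)
	}
	spec := sshSpec{Host: u.Hostname(), Port: u.Port()}
	if u.User != nil {
		if _, hasPassword := u.User.Password(); hasPassword {
			return sshSpec{}, fmt.Errorf("plain-text password in ssh URL is not supported")
		}
		spec.User = u.User.Username()
	}
	return spec, nil
}

// sshCommand approximates the argv the current connhelper execs; the remote
// "docker system dial-stdio" bridges the session's stdio to the daemon socket.
func sshCommand(s sshSpec) []string {
	args := []string{"ssh"}
	if s.User != "" {
		args = append(args, "-l", s.User)
	}
	if s.Port != "" {
		args = append(args, "-p", s.Port)
	}
	return append(args, "--", s.Host, "docker", "system", "dial-stdio")
}

// stdioConn presents a session's stdout (read) and stdin (write) as a net.Conn.
// Deadlines are no-ops: a session has none; callers should use request contexts.
type stdioConn struct {
	r    io.Reader
	w    io.WriteCloser
	once sync.Once
}

func (c *stdioConn) Read(p []byte) (int, error)  { return c.r.Read(p) }
func (c *stdioConn) Write(p []byte) (int, error) { return c.w.Write(p) }
func (c *stdioConn) Close() (err error)          { c.once.Do(func() { err = c.w.Close() }); return }
func (c *stdioConn) LocalAddr() net.Addr          { return stdioAddr{} }
func (c *stdioConn) RemoteAddr() net.Addr         { return stdioAddr{} }
func (c *stdioConn) SetDeadline(time.Time) error      { return nil }
func (c *stdioConn) SetReadDeadline(time.Time) error  { return nil }
func (c *stdioConn) SetWriteDeadline(time.Time) error { return nil }

type stdioAddr struct{}

func (stdioAddr) Network() string { return "stdio" }
func (stdioAddr) String() string  { return "docker system dial-stdio" }

// SessionOpener starts the remote "docker system dial-stdio" and returns its
// stdout and stdin. With golang.org/x/crypto/ssh (assumed, not shown) it would
// call client.NewSession(), StdoutPipe(), StdinPipe() and Start(cmd).
type SessionOpener func(ctx context.Context) (io.Reader, io.WriteCloser, error)

// dialContextFrom yields the DialContext func that http.Transport and the
// Docker SDK's client.WithDialContext accept; network/addr are irrelevant
// because the session already targets the daemon.
func dialContextFrom(open SessionOpener) func(context.Context, string, string) (net.Conn, error) {
	return func(ctx context.Context, _, _ string) (net.Conn, error) {
		r, w, err := open(ctx)
		if err != nil {
			return nil, err
		}
		return &stdioConn{r: r, w: w}, nil
	}
}

// pingThroughSession sends GET /_ping, the SDK's daemon probe, over the session.
func pingThroughSession(open SessionOpener) (string, error) {
	tr := &http.Transport{DialContext: dialContextFrom(open)}
	defer tr.CloseIdleConnections()
	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
	defer cancel()
	req, err := http.NewRequestWithContext(ctx, http.MethodGet, "http://docker/_ping", nil)
	if err != nil {
		return "", err
	}
	resp, err := (&http.Client{Transport: tr}).Do(req)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	if err != nil {
		return "", err
	}
	if resp.StatusCode != http.StatusOK {
		return "", fmt.Errorf("daemon answered %s: %s", resp.Status, strings.TrimSpace(string(body)))
	}
	return string(body), nil
}

// fakeDaemon is a constructed stand-in for the remote end: an in-memory pipe
// whose far side answers one HTTP request the way dockerd answers /_ping.
func fakeDaemon() SessionOpener {
	return func(context.Context) (io.Reader, io.WriteCloser, error) {
		client, server := net.Pipe()
		go func() {
			defer server.Close()
			req, err := http.ReadRequest(bufio.NewReader(server))
			if err != nil {
				return
			}
			status, body := http.StatusOK, "OK"
			if req.URL.Path != "/_ping" {
				status, body = http.StatusNotFound, "page not found"
			}
			resp := http.Response{StatusCode: status, ProtoMajor: 1, ProtoMinor: 1, Header: http.Header{},
				Body: io.NopCloser(strings.NewReader(body)), ContentLength: int64(len(body)), Request: req}
			resp.Write(server)
		}()
		return client, client, nil
	}
}

func main() {
	spec, err := parseSSHURL("ssh://deploy@build.example.net:2222")
	if err != nil {
		panic(err)
	}
	fmt.Println("connhelper would exec:", strings.Join(sshCommand(spec), " "))
	body, err := pingThroughSession(fakeDaemon())
	if err != nil {
		panic(err)
	}
	fmt.Println("/_ping over the session:", body)
}
```

Closing the adapter only closes the session's stdin here; a real implementation would also close the `ssh.Session` and, when the last session ends, the `ssh.Client`, and would verify the host key through `ssh.ClientConfig.HostKeyCallback` (e.g. `knownhosts`) rather than `ssh.InsecureIgnoreHostKey`, since the whole point of the request is to keep the transport's security properties under the SDK's control.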