Fix database encryption write operations and initialization

This commit fixes critical issues with the database encryption system:

**Database Write Operations Fixed:**
- Modified credential creation/update operations to use EncryptedDBOperations
- Fixed SSH data and credential access to properly decrypt data
- All sensitive data writes now go through encryption layer

**Database Schema Migration:**
- Added missing columns (private_key, public_key, detected_key_type) to ssh_credentials table
- Fixed "no such column" SQLite errors during encrypted operations

**Application Startup Order:**
- Fixed DatabaseEncryption initialization timing issues
- Moved encryption-dependent modules to load after encryption initialization
- Prevents "DatabaseEncryption not initialized" errors

**Key Management Improvements:**
- Enhanced EncryptedDBOperations.insert() to return properly decrypted data with all fields
- Fixed TypeScript type issues with database insert operations
- Improved error handling for database encryption context

All credential operations now properly encrypt sensitive data including SSH keys,
passwords, and authentication tokens before writing to database.

src/locales/en/translation.json

@@ -373,7 +373,47 @@
     "deleteUser": "Delete user {{username}}? This cannot be undone.",
     "userDeletedSuccessfully": "User {{username}} deleted successfully",
     "failedToDeleteUser": "Failed to delete user",
-    "overrideUserInfoUrl": "Override User Info URL (not required)"
+    "overrideUserInfoUrl": "Override User Info URL (not required)",
+    "databaseSecurity": "Database Security",
+    "encryptionStatus": "Encryption Status",
+    "enabled": "Enabled",
+    "disabled": "Disabled",
+    "keyId": "Key ID",
+    "created": "Created",
+    "migrationStatus": "Migration Status",
+    "migrationCompleted": "Migration completed",
+    "migrationRequired": "Migration required",
+    "deviceProtectedMasterKey": "Device-Protected Master Key",
+    "legacyKeyStorage": "Legacy Key Storage",
+    "masterKeyEncryptedWithDeviceFingerprint": "Master key encrypted with device fingerprint (KEK protection active)",
+    "keyNotProtectedByDeviceBinding": "Key not protected by device binding (upgrade recommended)",
+    "valid": "Valid",
+    "initializeDatabaseEncryption": "Initialize Database Encryption",
+    "enableAes256EncryptionWithDeviceBinding": "Enable AES-256 encryption with device-bound master key protection. This creates enterprise-grade security for SSH keys, passwords, and authentication tokens.",
+    "featuresEnabled": "Features enabled:",
+    "aes256GcmAuthenticatedEncryption": "AES-256-GCM authenticated encryption",
+    "deviceFingerprintMasterKeyProtection": "Device fingerprint master key protection (KEK)",
+    "pbkdf2KeyDerivation": "PBKDF2 key derivation with 100K iterations",
+    "automaticKeyManagement": "Automatic key management and rotation",
+    "initializing": "Initializing...",
+    "initializeEnterpriseEncryption": "Initialize Enterprise Encryption",
+    "migrateExistingData": "Migrate Existing Data",
+    "encryptExistingUnprotectedData": "Encrypt existing unprotected data in your database. This process is safe and creates automatic backups.",
+    "testMigrationDryRun": "Test Migration (Dry Run)",
+    "migrating": "Migrating...",
+    "migrateData": "Migrate Data",
+    "securityInformation": "Security Information",
+    "sshPrivateKeysEncryptedWithAes256": "SSH private keys and passwords are encrypted with AES-256-GCM",
+    "userAuthTokensProtected": "User authentication tokens and 2FA secrets are protected",
+    "masterKeysProtectedByDeviceFingerprint": "Master encryption keys are protected by device fingerprint (KEK)",
+    "keysBoundToServerInstance": "Keys are bound to this specific server instance",
+    "pbkdf2HkdfKeyDerivation": "PBKDF2 + HKDF key derivation with 100K iterations",
+    "backwardCompatibleMigration": "All data remains backward compatible during migration",
+    "enterpriseGradeSecurityActive": "Enterprise-Grade Security Active",
+    "masterKeysProtectedByDeviceBinding": "Your master encryption keys are protected by device fingerprint binding. This means even if someone gains access to your database files, they cannot decrypt the data without physical access to this server.",
+    "important": "Important",
+    "keepEncryptionKeysSecure": "Keep your encryption keys secure. Loss of encryption keys will result in permanent data loss. Regular backups are recommended.",
+    "loadingEncryptionStatus": "Loading encryption status..."
   },
   "hosts": {
     "title": "Host Manager",