Implement database export/import functionality for hardware migration

Added comprehensive database export/import system to safely migrate SSH connection data between different server environments.

Key Features:
- SQLite export format with encrypted data migration
- Hardware fingerprint protection and re-encryption
- Field mapping between TypeScript and database schemas
- Foreign key constraint handling for cross-environment imports
- Admin user assignment for imported SSH records
- Additive import strategy preserving existing data
- File upload support for import operations

Technical Implementation:
- Complete Drizzle ORM schema consistency
- Bidirectional field name mapping (userId ↔ user_id)
- Proper encryption/decryption workflow
- Multer file upload middleware integration
- Error handling and logging throughout

Security:
- Only exports SSH-related tables (ssh_data, ssh_credentials)
- Protects admin user data from migration conflicts
- Re-encrypts sensitive fields for target hardware
- Validates export file format and version compatibility

src/locales/en/translation.json

@@ -383,37 +383,111 @@
     "migrationStatus": "Migration Status",
     "migrationCompleted": "Migration completed",
     "migrationRequired": "Migration required",
-    "deviceProtectedMasterKey": "Device-Protected Master Key",
+    "deviceProtectedMasterKey": "Environment-Protected Master Key",
     "legacyKeyStorage": "Legacy Key Storage",
-    "masterKeyEncryptedWithDeviceFingerprint": "Master key encrypted with device fingerprint (KEK protection active)",
-    "keyNotProtectedByDeviceBinding": "Key not protected by device binding (upgrade recommended)",
+    "masterKeyEncryptedWithDeviceFingerprint": "Master key encrypted with environment fingerprint (KEK protection active)",
+    "keyNotProtectedByDeviceBinding": "Key not protected by environment binding (upgrade recommended)",
     "valid": "Valid",
     "initializeDatabaseEncryption": "Initialize Database Encryption",
-    "enableAes256EncryptionWithDeviceBinding": "Enable AES-256 encryption with device-bound master key protection. This creates enterprise-grade security for SSH keys, passwords, and authentication tokens.",
+    "enableAes256EncryptionWithDeviceBinding": "Enable AES-256 encryption with environment-bound master key protection. This creates enterprise-grade security for SSH keys, passwords, and authentication tokens.",
     "featuresEnabled": "Features enabled:",
     "aes256GcmAuthenticatedEncryption": "AES-256-GCM authenticated encryption",
-    "deviceFingerprintMasterKeyProtection": "Device fingerprint master key protection (KEK)",
+    "deviceFingerprintMasterKeyProtection": "Environment fingerprint master key protection (KEK)",
     "pbkdf2KeyDerivation": "PBKDF2 key derivation with 100K iterations",
     "automaticKeyManagement": "Automatic key management and rotation",
     "initializing": "Initializing...",
     "initializeEnterpriseEncryption": "Initialize Enterprise Encryption",
     "migrateExistingData": "Migrate Existing Data",
     "encryptExistingUnprotectedData": "Encrypt existing unprotected data in your database. This process is safe and creates automatic backups.",
-    "testMigrationDryRun": "Test Migration (Dry Run)",
+    "testMigrationDryRun": "Verify Encryption Compatibility",
     "migrating": "Migrating...",
     "migrateData": "Migrate Data",
     "securityInformation": "Security Information",
     "sshPrivateKeysEncryptedWithAes256": "SSH private keys and passwords are encrypted with AES-256-GCM",
     "userAuthTokensProtected": "User authentication tokens and 2FA secrets are protected",
     "masterKeysProtectedByDeviceFingerprint": "Master encryption keys are protected by device fingerprint (KEK)",
-    "keysBoundToServerInstance": "Keys are bound to this specific server instance",
+    "keysBoundToServerInstance": "Keys are bound to current server environment (migratable via environment variables)",
     "pbkdf2HkdfKeyDerivation": "PBKDF2 + HKDF key derivation with 100K iterations",
     "backwardCompatibleMigration": "All data remains backward compatible during migration",
     "enterpriseGradeSecurityActive": "Enterprise-Grade Security Active",
-    "masterKeysProtectedByDeviceBinding": "Your master encryption keys are protected by device fingerprint binding. This means even if someone gains access to your database files, they cannot decrypt the data without physical access to this server.",
+    "masterKeysProtectedByDeviceBinding": "Your master encryption keys are protected by environment fingerprinting. This uses server hostname, paths, and other environment info to generate protection keys. To migrate servers, set the DB_ENCRYPTION_KEY environment variable on the new server.",
     "important": "Important",
-    "keepEncryptionKeysSecure": "Keep your encryption keys secure. Loss of encryption keys will result in permanent data loss. Regular backups are recommended.",
-    "loadingEncryptionStatus": "Loading encryption status..."
+    "keepEncryptionKeysSecure": "Ensure data security: regularly backup your database files and server configuration. To migrate to a new server, set the DB_ENCRYPTION_KEY environment variable on the new environment, or maintain the same hostname and directory structure.",
+    "loadingEncryptionStatus": "Loading encryption status...",
+    "testMigrationDescription": "Verify that existing data can be safely migrated to encrypted format without actually modifying any data",
+    "serverMigrationGuide": "Server Migration Guide",
+    "migrationInstructions": "To migrate encrypted data to a new server: 1) Backup database files, 2) Set environment variable DB_ENCRYPTION_KEY=\"your-key\" on new server, 3) Restore database files",
+    "environmentProtection": "Environment Protection",
+    "environmentProtectionDesc": "Protects encryption keys based on server environment info (hostname, paths, etc.), migratable via environment variables",
+    "verificationCompleted": "Compatibility verification completed - no data was changed",
+    "verificationInProgress": "Verification completed",
+    "dataMigrationCompleted": "Data migration completed successfully!",
+    "migrationCompleted": "Migration completed",
+    "verificationFailed": "Compatibility verification failed",
+    "migrationFailed": "Migration failed",
+    "runningVerification": "Running compatibility verification...",
+    "startingMigration": "Starting migration...",
+    "hardwareFingerprintSecurity": "Hardware Fingerprint Security",
+    "hardwareBoundEncryption": "Hardware-Bound Encryption Active",
+    "masterKeysNowProtectedByHardwareFingerprint": "Master keys are now protected by real hardware fingerprinting instead of environment variables",
+    "cpuSerialNumberDetection": "CPU serial number detection",
+    "motherboardUuidIdentification": "Motherboard UUID identification",
+    "diskSerialNumberVerification": "Disk serial number verification",
+    "biosSerialNumberCheck": "BIOS serial number check",
+    "stableMacAddressFiltering": "Stable MAC address filtering",
+    "databaseFileEncryption": "Database File Encryption",
+    "dualLayerProtection": "Dual-Layer Protection Active",
+    "bothFieldAndFileEncryptionActive": "Both field-level and file-level encryption are now active for maximum security",
+    "fieldLevelAes256Encryption": "Field-level AES-256 encryption for sensitive data",
+    "fileLevelDatabaseEncryption": "File-level database encryption with hardware binding",
+    "hardwareBoundFileKeys": "Hardware-bound file encryption keys",
+    "automaticEncryptedBackups": "Automatic encrypted backup creation",
+    "createEncryptedBackup": "Create Encrypted Backup",
+    "creatingBackup": "Creating Backup...",
+    "backupCreated": "Backup Created",
+    "encryptedBackupCreatedSuccessfully": "Encrypted backup created successfully",
+    "backupCreationFailed": "Backup creation failed",
+    "databaseMigration": "Database Migration",
+    "exportForMigration": "Export for Migration",
+    "exportDatabaseForHardwareMigration": "Export database as SQLite file with decrypted data for migration to new hardware",
+    "exportDatabase": "Export SQLite Database",
+    "exporting": "Exporting...",
+    "exportCreated": "SQLite Export Created",
+    "exportContainsDecryptedData": "SQLite export contains decrypted data - keep secure!",
+    "databaseExportedSuccessfully": "SQLite database exported successfully",
+    "databaseExportFailed": "SQLite database export failed",
+    "importFromMigration": "Import from Migration",
+    "importDatabaseFromAnotherSystem": "Import SQLite database from another system or hardware",
+    "importDatabase": "Import SQLite Database",
+    "importing": "Importing...",
+    "selectedFile": "Selected SQLite File",
+    "importWillReplaceExistingData": "SQLite import will replace existing data - backup recommended!",
+    "pleaseSelectImportFile": "Please select a SQLite import file",
+    "databaseImportedSuccessfully": "SQLite database imported successfully",
+    "databaseImportFailed": "SQLite database import failed",
+    "manageEncryptionAndBackups": "Manage encryption keys, database security, and backup operations",
+    "activeSecurityFeatures": "Currently active security measures and protections",
+    "deviceBindingTechnology": "Advanced hardware-based key protection technology",
+    "backupAndRecovery": "Secure backup creation and database recovery options",
+    "crossSystemDataTransfer": "Export and import databases across different systems",
+    "noMigrationNeeded": "No migration needed",
+    "encryptionKey": "Encryption Key",
+    "keyProtection": "Key Protection",
+    "active": "Active",
+    "legacy": "Legacy",
+    "dataStatus": "Data Status",
+    "encrypted": "Encrypted",
+    "needsMigration": "Needs Migration",
+    "ready": "Ready",
+    "initializeEncryption": "Initialize Encryption",
+    "initialize": "Initialize",
+    "test": "Test",
+    "migrate": "Migrate",
+    "backup": "Backup",
+    "createBackup": "Create Backup",
+    "exportImport": "Export/Import",
+    "export": "Export",
+    "import": "Import"
   },
   "hosts": {
     "title": "Host Manager",