- change all references to yubiknock

- strict separation between daemon that accepts key, validates, and
hands down ipv4/ipv6 address and yubikey ID to external program.

Lock all accounts that have been idle for more than N days, Yubiknock unlocks them
"shutdown" yubikey or reboot
Yubikey to start some service or stop
Yk to force root pass replace?  Probnot
Instead of using iptables, do wrappers
By default, set up a Yubiknock account