bot-sshca
New Feature: Two Man Realms
This PR adds a new feature to the SSH CA project: The ability to define realms of servers that are only available with approval from someone else on your team. An example config for this feature would be:
export TEAMS="team.ssh.staging,team.ssh.prod,team.ssh.root_everywhere"
export TWO_MAN_TEAMS="team.ssh.root_everywhere"
export TWO_MAN_APPROVERS="dworken, username1, username2"
Approval is done via reacting with a :+1: to a message posted by the bot. All approvers are logged to the SSH CA audit log.
An example interaction for this mode looks like:
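
The approval rule this PR describes, sketched in Go as an added example; it is not code from the PR or from bot-sshca, and it is not the interaction referred to above. The `Reaction` type, the `Approver` and `splitList` names, the trimming of spaces in the approver list, and the sample reactions are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Reaction is a hypothetical, simplified view of one reaction to the bot's message.
type Reaction struct {
	Sender string // chat username that reacted
	Body   string // reaction text, e.g. ":+1:"
}

// splitList parses a comma-separated config value into a set.
// Assumption: spaces around entries are ignored, so "dworken, username1"
// names the same approvers as "dworken,username1".
func splitList(v string) map[string]bool {
	out := map[string]bool{}
	for _, s := range strings.Split(v, ",") {
		if s = strings.TrimSpace(s); s != "" {
			out[s] = true
		}
	}
	return out
}

// Approver decides whether a request for team may proceed.
// Teams outside twoManTeams need no approval: it returns ("", true).
// For a two-man team it returns the first sender who reacted with :+1:,
// is listed in approvers, and is not the requester ("someone else").
// ok is false while no such reaction exists.
func Approver(requester, team, twoManTeams, approvers string, rs []Reaction) (who string, ok bool) {
	if !splitList(twoManTeams)[team] {
		return "", true
	}
	allowed := splitList(approvers)
	for _, r := range rs {
		if r.Body == ":+1:" && allowed[r.Sender] && r.Sender != requester {
			return r.Sender, true // this name is what an audit log entry would record
		}
	}
	return "", false
}

func main() {
	// Constructed reactions: a self-approval, a user who is not an approver, a valid approver.
	rs := []Reaction{{"dworken", ":+1:"}, {"mallory", ":+1:"}, {"username1", ":+1:"}}
	fmt.Println(Approver("dworken", "team.ssh.root_everywhere",
		"team.ssh.root_everywhere", "dworken, username1, username2", rs))
}
```

The two cases worth testing in any implementation of this rule are the requester reacting to their own request and a :+1: from a user who is not in `TWO_MAN_APPROVERS`; neither should unlock the realm.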
