* fixes the bug in token validation accepting all tokens
* provides generation of provisioning tokens to file and reading tokens from the file
* better setup of default listening ports
Distinct roles separation:
* Stateful auth server, it is stateful and exposes SSH
authentication endpoint to the cluster
* Stateless ssh node, it connects to the auth server
to authenticate access requests
* Stateless cp node, it provides web portal to access
the cluster and update users keys
Provisioning:
* Auth server automatically sets itself up on the first start,
no need to explicitly set encryption keys and authority certs
* SSH node connects to the Auth server to provision host private keys
and sertificates using special SSH provisioning key issued by
the auth server