More Aggressive Yubikey Reconnect

This update fixes an issue where using sshcerts may not have compiled when using bignum.

It also adds a more aggressive Yubikey reconnect policy. It will attempt a standard smartcard reconnect call first but if that fails, it will try to open a new connection to the same serial number yubikey. This happens completely transparently to the caller. When reconnecting to the yubikey, a slot that is set as PIN Once will need to have the pin authentication call happen again (this currently can only happen by accessing the inner yk sturct property).