Change -setup to generate a key with "touch policy" of "cached" instead of "always"#146

Would it make sense to have the `-setup` argument default to using the [`cached`](https://docs.yubico.com/yesdk/users-manual/application-piv/pin-touch-policies.html#touch-policies) touch policy instead of the `always` policy? https://github.com/FiloSottile/yubikey-agent/blob/2e5376c5ec006250c12c1b6de65fa91de9afe687/setup.go#L143C20-L143C37 > Cached: a touch is not needed if the YubiKey had been touched in the last 15 seconds, otherwise a touch is needed Only suggesting as I ended up in this situation * Generated a key using `yubikey-agent` * Deployed it to a bunch of servers * Discovered that when doing a set of `git` actions that connect to GitHub 3 or 4 times, the `always` touch policy that the key was generated with requires touching the yubikey 4 times in a row to make 4 connections It's very possible though that choosing the `always` touch policy is intentional and there's a good security story for this choice in which case feel free to disregard my suggestion.