Comment 22 for bug 501956

Created attachment 798
log failed password and kbdint to btmp on Linux and HP-UX

Adapted to use existing record_failed_login hook for password and
keyboard-interactive. Tested OK on Linux (RH9, IPv4 and IPv6) and HP-UX
(11.11, IPv4 only).

It won't do other auth types (pubkey, gssapi, hostbased) at the moment, however
this can be added later (after bug #125 is sorted).

It also extracts the remote socket address via getpeername rather than doing a
lookup on the textual hostname (which is wasteful and may not resolve to the
same address as the connection originated from).