Switch to using NetBSD's probe locations, there is no reason to have
these in different places. We have already submitted all probes that
were better placed or missing. The locations of these probes are a
moving target, depending on upstream OpenSSH changes, by having them in
sync with upstream blocklistd should facilitate upgrades and
maintenance.

Also, exclusively use BLACKLIST_AUTH_FAIL for now. Upstream recently
changed the API and implemented BLACKLIST_BAD_USER, making it count as a
one failure count, and BLACKLIST_AUTH_FAIL as a two failure count. When
this change comes in, we'll change all actions to BLACKLIST_BAD_USER.

Also, set blacklist notify messages to be more descriptive, this
facilitates tracking the right probe when debugging.

It is worth noting that NetBSD switched to using vsyslog_ss(3)[1], this
is an interesting move to pursue as well, to reduce the future chances
of [2].

[1]: https://github.com/NetBSD/src/commit/01636416235e7bcbfc829d372cfadd1cfd5494f8
[2]: https://www.freebsd.org/security/advisories/FreeBSD-SA-24:08.openssh.asc