Add the following to your denyhosts.cfg file-- make sure that is appears on a single line:



FAILED_ENTRY_REGEX=error: PAM: authentication error for (?P<invalid>invalid user |illegal user )?(?P<user>.*?) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})