[blameless]

I also always change the SSH port to 9922. I haven't seen any failed login attempts so far.

[sippndipp]

I would use a privileged port for ssh (different than 22). In case a hacker owns the process he would need sudo to open another connection if the port is <1024.

[marshray]

I wonder if it's ever happened that a hacker was able to pwn sshd only to be stopped by the lack of a local privilege escalation to root.