Move SSH port on Cisco devices
Per default Cisco uses for SSH the TCP/22 port (like any other device using SSH). For example it’s easy to setup in openSSH any other TCP port on GNU/Linux, but it’s a bit more complicated for Cisco devices like routers or switches.
A move of the SSH port can be accomplished on Cisco devices with a rotary group and an access list.
ip ssh port 8022 rotary 1
ip access-list extended DenySsh22 deny tcp any any eq 22 permit ip any any
line vty 0 15 rotary 1 access-class DenySsh22 in
After the rotary ground and access list the SSH login should be verified with the new TCP port 8022. Of course any other TCP port like 22022 can be used.