Yeah, moving ports is not as good as it seems at first glance, even though it is often recommended even by IT security. The most common argument why to move the ports is "less attacks in log". Well, I can't deny that. But if that's the only argument, you can achieve that as well by using denyhosts, fail2ban or similar scripts. They basically block bad source IPs after x failed logins and that drastically reduces the log size. So it is kind of the same result without the drawbacks of moving the ssh port :-)
