I have a feeling I already know the answer, but thought I'd throw it out there anyway.

According to ShieldsUP, my router is stealthing every port except the two on which I have http and ssh servers running. The web server is on the default port 80, and sshd is on a higher and uncommonly used port.

I'm wondering if it's possible to allow the ssh port to be used, yet somehow keep it hidden from a typical port scan (not necessarily a scan specific to ssh, which I assume would be impossible to hide from). It's on a very high port, as I said, and is not even tested by the default scan, but it is open and visible when you scan a high range.

My passwords are fairly strong, which I feel is top priority for maintaining a secure system, so I'm not very concerned about infiltration. Mainly I'm just curious if a port necessarily needs to be wide open in order to make use of it.