add ability to change sshd port

i thought this was already working, but i guess not.

proposed change: if ssh.port is set in hiera, then sshd will be set to bind to that port.

if the variable $sshd_ports is set, then it sshd module will set the port, but we are not setting this variable, as far as i can find.

also, once that is set, we probably don't need our own firewall rule in site_shorewall/manifests/sshd.pp, since in ssh/manifests/init.rb:

  if $use_shorewall{
    class{'shorewall::rules::ssh':
      ports => $sshd_ports,
    }
  }

however, i suppose it might be nice to manager this ourselves, in case we want to support binding to a different network, the firewall rules would need to be aware of this.

(from redmine: created on 2013-07-07, closed on 2014-05-27, relates #5119 (closed))