We have asked our Cisco reps before about this and they always claim that there was very little customer interest in adding a more suitable ssh to the routers (ie, customers need to B&C a little). Cisco does support ssh but it is protocol 1 with weak DES encryption (which thanks to tools like DSNIFF isn't much better than telnet). I also understand you can purchase an ssh that used protocol 2 for Cisco products; however, from what I have been told it is quite expensive...

I agree with the others though, proper ACL's on your VTY's (as well as other steps to properly secure your router) should mitigate most of your security problems.

/nebulus