However, when running nmap on them, one betrays the port that SSH is running on, and the other does not.
What does betray mean?
I have shut down iptables on both machines and the behaviour remains this way. What could be the cause?
Public facing machines w/ iptables off?
Specifically, how can I hide the port that SSH is running on?
So if you want it hidden, you want it not to accept connections from other machines? #iptables -L
See what's allowed, then if you're not iptable savvy, install/run system-config-security. Then do not permit connections to that port, unless you provide more info, like do you Have internal trusted interfaces etc, you will be locked out.
I'm sorry that I cannot provide the IP addresses, the owner of the servers doesn't want that! I also know how silly it is to do "stealth" ports but I'm not the one making the decision!
Probably good thing you haven't exposed a possibly bad config.