I really hope no black hat reads this forum and uses one of the ip addresses listed next to posts to find Vera2 vpn traffic to mcv. . .
To be fair, that black hat would have to be listening at your ISP, or on the backbone between your ISP and MCV's ISP. If that's happening then I am much more concerned. (The black hat doesn't need to decode the ssh traffic if they are already in your LAN, because they can just connect straight to Vera's port 80, which is all that the ssh tunnel is doing.)
On a related note, it occurs to me that by using a reverse ssh tunnel, I can be sure that Vera is taking to MCV (and not a MitM), but how does Vera know that it's talking to me? We're all making exactly the same ssh tunnels to mios.com, so how does MCV stop me masquerading as not12bhere? My theory is that it involves nvram and the seemingly unique keys in /etc/cmh/HW_Key*, but it'd be nice to know.
Still, I agree with your sentiment, and if MCV is going to the trouble to give each Vera a different hardware key in nvram, it can't be much more effort to cut a different ssh identity for each of us too.