IF you’re already ssh’ing into the box, there is no need to change any ports. Your already inside the firewall, and have access to all running services. If you’re just trying to get access to phpmyadmin but in a more secure way than the public html port, then ssh’ing in and only accessing it via local host is the best way. But you would need a way to block public access to phpmyadmin. Which I think is what you’re trying to do. Since phpmyadmin just runs from a public/semi public directory, you just need to password protect that directory, and be sure the firewall is blocking failed attempts. Virtualmin does have a protected directory module for each domain.
Lastly, just my opinion, but there is no need for phpmyadmin, as virtualmin has its own module where you can already view and edit databases without exposing it to public access. Although more basic than phpmyadmin. Its all I use.