To restrict certain users from logging onto a system via the SSH server, you can use the AllowUsers directive in the sshd_config file (usually located at /etc/ssh/sshd_config).
To allow only the users user1 and user2 to log in via SSH, add the following line to the sshd_config file:
AllowUsers user1 user2
You can also use wildcards to match multiple users. For example, to allow all users in the admin group to log in via SSH, you can use:
AllowUsers *admin*
To apply the changes, you will need to restart the SSH server. On most systems, you can do this by running:
sudo service ssh restart
Note that this will only prevent the specified users from logging in via SSH. If the users have other methods of accessing the system (e.g. through the console), they will still be able to log in.