Open the /etc/hosts.allow file in order to add a new entry.
Enter your GoodAccess gateway's Static IP address. Below you will find an example of two permitted IP addresses.
Be sure that you've entered the correct IP address to any issues with connectivity and then save the file.
sshd: 22.214.171.124/32, 126.96.36.199/32
This line will allow all the comma separated IP blocks to your SSH port
Now let's block access from all other sources apart from the defined ones. To do so, edit the /etc/hosts.deny by adding the following entry and save your changes.
Test the access with and without being connected with the GoodAccess Client App to be sure that the SSH access is protected.
Note: There are several other ways to restrict access to SSH servers like IPTABLES firewall (restrict the access to TCP port 22) or SSH daemon config.