You will need to put in the first 4 rules for each of the IPs. Be warned, though, because you will have to log in via the console on this machine; all other access to it will be blocked.
Now I understand the context of your question, try:
iptables -P OUTPUT DROP
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -d 8.8.8.8 --dport 53 -j ACCEPT
iptables -A OUTPUT -p udp -d 8.8.8.8 --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp -d 10.11.12.13/24 --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp -d 10.11.12.13/24 --dport 443 -j ACCEPT
And so on. That will set the default policy to DROP and then only allow IP addresses (or ranges) listed access. The second line allows related traffic (e.g. outbound packets for an ongoing SSH session); the third and fourth are examples for your DNS lookups.
Don't forget you'll need an INPUT rule similar to line 2.
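The rule set from the answer above, as an added example that is not part of the original posts: a shell function that builds the same commands from an allow-list and prints nothing if any entry is malformed, so a half-written rule set never ends up behind the DROP policy. The list format and the names `ALLOW_LIST` and `emit_rules` are assumptions; the addresses are the answer's sample values, and the rules match on destination (`-d`) because they sit in the OUTPUT chain.

```shell
#!/bin/sh
# Added example (not from the original posts): print, but do not apply, the
# rules for a default-deny OUTPUT chain built from an allow-list.
# Assumed list format: one "destination protocol port" entry per line.
# The entries are the sample values used in the answer.
ALLOW_LIST='8.8.8.8 tcp 53
8.8.8.8 udp 53
10.11.12.13/24 tcp 22
10.11.12.13/24 tcp 443'

# emit_rules LIST: prints the iptables commands on stdout. Returns 1 and prints
# nothing on stdout if any entry is malformed, so a partial rule set never
# ends up behind the DROP policy.
emit_rules() {
    # Default-deny, then let replies and ongoing sessions through both ways.
    out='iptables -P OUTPUT DROP
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'
    while read -r dest proto port; do
        [ -n "$dest" ] || continue                      # skip blank lines
        ok=1
        case $dest in *[!0-9./]*) ok=0 ;; esac          # IPv4 address or CIDR only
        case $proto in tcp|udp) ;; *) ok=0 ;; esac
        case $port in ''|*[!0-9]*) ok=0 ;; esac         # digits only
        if [ "$ok" -eq 1 ]; then
            [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || ok=0
        fi
        if [ "$ok" -eq 0 ]; then
            echo "bad allow-list entry: $dest $proto $port" >&2
            return 1
        fi
        # OUTPUT chain: the allowed peer is the destination, hence -d.
        out="$out
iptables -A OUTPUT -p $proto -d $dest --dport $port -j ACCEPT"
    done <<EOF
$1
EOF
    printf '%s\n' "$out"
}

emit_rules "$ALLOW_LIST"
```

Review the printed commands, then run them as root from the console session the first post warns about.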
The above posts will manage to block all outgoing traffic except SSH and HTTPS, but they will not meet the objective you stated above (in the comments):
I want users who log in via SSH to be unable to send data from this machine.
Consider the following: if I had SSH access to your box, I could simply upload any data to an untrusted location using an SSH tunnel and go via one of the destinations for which you allow outgoing traffic. Thus, I don't think the problem can be addressed just by iptables rules on your host containing the sensitive data if you want the sensitive data not to be copied outside of your network in any way.