there are a lot of options for linked server security; i've only used three ways, which i'll try to explain:

1: anyone accessing the linked server uses a specific logon from the other server. that's what you see in this screenshot; "for a login not listed above use ..."sa" or some specific user, who probably has way to much access, but is convenient as hell for a developer to get data from.

2. the line just above that, "Be made with the current logon's security context" which is pretty good security wise. if there are multiple servers in your organization, and i logged in as mydomain\lowell, the same credentials are used on the remote server...if i have access, great, if not, i can't get to anything i wasn't supposed to anyway.

3. the section at the top...you click "Add", and for example, if i login as "devuser", if i access the linked server, I might use the remote credentials for "webdev" , where a different logon "Accounting" might use a different remote user with access to more objects and elevated privileges.

the option "not be made" is so that if you are not on the list of impersonations at the top, there's no access. it sounds like this is what you wanted to do...add two users, "bob" and "sa"; noone else would have access except the sa user and bob.