So... I would recommend against putting a K12LTSP server on the internet. Instead, put it behind a firewall, and forward port 22 (ssh) from the FW to the LTSP box.
Is there a way to do this when installing? I set up "High" security and only
checked SSH when I installed K12LTSP on my server. Are there extra
steps to create a firewall, or did that do so?