diff --git a/.yamllint b/.yamllint
index 5e82c4a..c989780 100644
--- a/.yamllint
+++ b/.yamllint
@@ -10,7 +10,7 @@ extends: default
 
 rules:
   braces:
-    min-spaces-inside: 1
+    min-spaces-inside: 0
     max-spaces-inside: 1
   brackets:
     max-spaces-inside: 1
@@ -22,6 +22,7 @@ rules:
   comments:
     require-starting-space: yes
     min-spaces-from-content: 1
+  comments-indentation: no
   document-start:
     present: yes
   document-end:
@@ -33,6 +34,9 @@ rules:
     max: 79
   new-lines:
     type: unix
+  octal-values:
+    forbid-implicit-octal: yes
+    forbid-explicit-octal: yes
   truthy:
     allowed-values: ['yes', 'no']
     check-keys: no
diff --git a/roles/ssh/tasks/authorized-keys.yml b/roles/ssh/tasks/authorized-keys.yml
index 9506a4e..c1deeb9 100644
--- a/roles/ssh/tasks/authorized-keys.yml
+++ b/roles/ssh/tasks/authorized-keys.yml
@@ -6,7 +6,7 @@
     state: directory
     owner: root
     group: root
-    mode: 0755
+    mode: '0755'
   tags:
     - ssh-authorized-keys
 
diff --git a/roles/ssh/tasks/configuration-sshd.yml b/roles/ssh/tasks/configuration-sshd.yml
index e82503c..17a0c56 100644
--- a/roles/ssh/tasks/configuration-sshd.yml
+++ b/roles/ssh/tasks/configuration-sshd.yml
@@ -16,7 +16,7 @@
     dest: /etc/ssh/sshd_config
     owner: root
     group: root
-    mode: 0644
+    mode: '0644'
     validate: /usr/sbin/sshd -t -f %s
   become: yes
   register: __sshd_configuration
@@ -27,7 +27,7 @@
     dest: /etc/ssh/sshd_config.d/10-ansible.conf
     owner: root
     group: root
-    mode: 0600
+    mode: '0600'
     validate: /usr/sbin/sshd -t -f %s
   become: yes
   when: __ssh_has_conf_d
diff --git a/roles/ssh/tasks/main.yml b/roles/ssh/tasks/main.yml
index 5b907e2..a20489c 100644
--- a/roles/ssh/tasks/main.yml
+++ b/roles/ssh/tasks/main.yml
@@ -36,7 +36,7 @@
     dest: /etc/ssh/ssh_known_hosts
     owner: root
     group: root
-    mode: 0644
+    mode: '0644'
   when: ssh_known_hosts is defined
   tags:
     - ssh-known-hosts
@@ -80,7 +80,7 @@
     dest: '{{ ssh_banner.dest }}'
     owner: root
     group: root
-    mode: 0644
+    mode: '0644'
   when: >
     ssh_banner is defined and
     ssh_banner.src is defined and
@@ -119,7 +119,7 @@
     state: directory
     owner: root
     group: root
-    mode: 0755
+    mode: '0755'
   when: __ssh_base_distro == 'ubuntu'
 
 # -----------------------------------------------------------------------------