diff --git a/tasks/configure-ssh-hardening.yml b/tasks/configure-ssh-hardening.yml
index cb01036b539b161ff751ffeb898b0f259bca74d1..b34818dc05a96bfc660cae64167c122e94ebdb6a 100644
--- a/tasks/configure-ssh-hardening.yml
+++ b/tasks/configure-ssh-hardening.yml
@@ -1,10 +1,11 @@
 ---
 - name: Konfiguration für OpenSSH einspielen - gehärtete Config
-  blockinfile:
+  ansible.builtin.blockinfile:
     path: "/etc/ssh/sshd_config"
     backup: "yes"
     insertbefore: "### BEGIN ANSIBLE MANAGED BLOCK - SFTP SERVER"
     marker: "### {mark} ANSIBLE MANAGED BLOCK - HARDENED SSH SERVER"
+    validate: /usr/sbin/sshd -T -f %s
     block: |
       ### Debian-specific default configurations as described by sshd_config(5) manpage. These differ from the vanilla OpenSSH defaults.
       ChallengeResponseAuthentication no