diff --git a/build-pipeline-ci-test.yml b/build-pipeline-ci-test.yml
index 0774eaba89221efcbdb2b36b3c53c2a8c22c0dc1..0ff3259ca2c8c17b5900c7a6c541fe07aa6ad201 100644
--- a/build-pipeline-ci-test.yml
+++ b/build-pipeline-ci-test.yml
@@ -41,6 +41,7 @@ build:files:
     GIT_STRATEGY: none
   before_script:
     - !reference [.docker_check]
+    - !reference [.setup_ssh]
     - !reference [.setup_git_credentials]
     - !reference [.repo_checkout]
   script:
@@ -72,6 +73,7 @@ build:check-foo-branch:
     GIT_STRATEGY: none
   before_script:
     - !reference [.docker_check]
+    - !reference [.setup_ssh]
     - !reference [.setup_git_credentials]
     - !reference [.repo_checkout]
   script: |
diff --git a/build-pipeline.yml b/build-pipeline.yml
index 6ada22ca1593f3a7dfd7cdc048c2576776d45bae..89024fe97aa25eb2ff4cda6616cb72fb6ed3f94c 100644
--- a/build-pipeline.yml
+++ b/build-pipeline.yml
@@ -21,6 +21,30 @@ workflow:
         exit 1
     fi
 
+.setup_ssh: &setup_ssh
+  # Setup ssh key to access private repos
+  # https://docs.gitlab.com/ee/ci/ssh_keys/#ssh-keys-when-using-the-docker-executor
+  # An SSH keypair has been generated for the manifest's pipeline to be able to access
+  # all private repositories in the manifest. The private key has been stored in the
+  # CI/CD variable GITLAB_PRIVATE_KEY of the manifest repository. The public key has
+  # been added as a deploy key in GitLab's repository settings for all contained
+  # repositories.
+  - echo "Setup SSH"
+  - eval $(ssh-agent -s)
+  - echo "$GITLAB_PRIVATE_KEY" | tr -d '\r' | ssh-add -
+  - mkdir -p ~/.ssh
+  - chmod 700 ~/.ssh
+  # Add GitLab server to known hosts
+  # https://docs.gitlab.com/ee/ci/ssh_keys/#verifying-the-ssh-host-keys
+  # In order to access the private repositories via SSH, the GitLab server has to be
+  # added to the known_hosts file. The host keys were determined using the command
+  #   ssh-keyscan [-p port] <gitlab-server>
+  # and have been stored in the GITLAB_KNOWN_HOSTS CI/CD variable.
+  - echo "$GITLAB_KNOWN_HOSTS" >> ~/.ssh/known_hosts
+  - chmod 644 ~/.ssh/known_hosts
+  # Write SSH configuration from variable to config file
+  - echo "$SSH_CONFIG" > ~/.ssh/config
+
 .setup_git_credentials: &setup_git_credentials
   - echo "Setup Git Credentials Cache"
   - git config --global credential.helper 'cache --timeout 86400'
@@ -244,6 +268,7 @@ workflow:
     FNG_INSTALL_URL: "${JOB_URL}/artifacts/${IMAGE_PATH}/${INSTALL_SCRIPT}"
   before_script:
     - *docker_check
+    - *setup_ssh
     - *setup_git_credentials
     - *repo_checkout
     - *setup_build
@@ -321,6 +346,7 @@ workflow:
     reports:
       junit: results/results-*.xml
   before_script:
+    - !reference [.setup_ssh]
     - !reference [.setup_git_credentials]
   script:
     - .gitlab-ci/scripts/download_file_from_latest_job.py