diff --git a/vars/cpkg.groovy b/vars/cpkg.groovy
index c2ea577..5ca9763 100644
--- a/vars/cpkg.groovy
+++ b/vars/cpkg.groovy
@@ -8,6 +8,7 @@ def call(Map params = [:]) {
     def distVersion = params.distVersion ? params.distVersion : '2.7.0'
     def distBranchName = params.distBranchName ? params.distBranchName : env.GIT_BRANCH
     def gitCredentials = params.gitCredentials ? params.gitCredentials : null
+    def gitCredentialsType = params.gitCredentialsType ? params.gitCredentialsType : 'http'
     def gitEmail = params.gitEmail ? params.gitEmail : 'jenkins@cadoles.com'
     def gitUsername = params.gitUsername ? params.gitUsername : 'Jenkins'
     def skipCi = params.containsKey('skipCi') ? params.skipCi : false
@@ -27,7 +28,7 @@ def call(Map params = [:]) {
         sh("git config --add remote.origin.fetch +refs/heads/${distBranch}:refs/remotes/origin/${distBranch}")
 
         // Update branches
-        sh("GIT_SSH_COMMAND='ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' git fetch --all")
+        sh("git fetch --all")
 
         // Merge currentRef into distBranch and push
         sh("git checkout -b '${distBranch}' 'origin/${distBranch}'")
@@ -39,7 +40,7 @@ def call(Map params = [:]) {
         sh("git merge ${currentRef}")
 
         if (!skipPush) {
-            sh("GIT_SSH_COMMAND='ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' git push")
+            sh("git push")
         } else {
             println("Skipping push. Set skipPush param to 'true' to enable remote repository update.")
         }
@@ -79,7 +80,7 @@ def call(Map params = [:]) {
 
         // Push tag
         if (!skipPush) {
-            sh("GIT_SSH_COMMAND='ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' git push --tags")
+            sh("git push --tags")
         } else {
             println("Skipping push. Set skipPush param to 'true' to enable remote repository update.")
         }
@@ -89,8 +90,16 @@ def call(Map params = [:]) {
     }
 
     if (gitCredentials != null) {
-        git.withHTTPCredentials(gitCredentials) {
-            proc.call()
+        if (gitCredentialsType == 'http') {
+            git.withHTTPCredentials(gitCredentials) {
+                proc.call()
+            }
+        } else if (gitCredentialsType == 'ssh') {
+            git.withSSHCredentials(gitCredentials) {
+                proc.call()
+            }
+        } else {
+            throw new Exception("Unknown git credentials type '${gitCredentialsType}' ! Expected 'ssh' or 'http' (default).")
         }
     } else {
         proc.call()
diff --git a/vars/git.groovy b/vars/git.groovy
index 461cd15..3210b2b 100644
--- a/vars/git.groovy
+++ b/vars/git.groovy
@@ -27,4 +27,18 @@ def withHTTPCredentials(String credentialsId, Closure fn) {
             sh(script: "rm -f '${tmpAskPassScript}'")
         }
     }
+}
+
+def withSSHCredentials(String credentialsId, Closure fn) {
+    def randomUUID = UUID.randomUUID().toString()
+    withCredentials([
+        sshUserPrivateKey(
+            credentialsId: credentialsId,
+            keyFileVariable: 'GIT_SSH_IDENTITY_FILE',
+        )
+    ]) {
+        withEnv(['GIT_SSH_VARIANT=ssh', 'GIT_SSH_COMMAND=ssh -i $GIT_SSH_IDENTITY_FILE -o IdentitiesOnly=yes -o StrictHostKeyChecking=no']) {
+            fn.call()
+        }
+    }
 }
\ No newline at end of file