diff --git a/.gitmodules b/.gitmodules
index 2bcafbcfeb40..da2b9273a2cf 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -85,3 +85,6 @@
 [submodule "platforms/nuttx/src/px4/common/process"]
 	path = platforms/nuttx/src/px4/common/process
 	url = git@github.com:tiiuae/px4-kernel.git
+[submodule "Tools/saluki-sec-scripts"]
+	path = Tools/saluki-sec-scripts
+	url = git@github.com:tiiuae/saluki-sec-scripts.git
diff --git a/Tools/saluki-sec-scripts b/Tools/saluki-sec-scripts
new file mode 160000
index 000000000000..99b6a0e4b614
--- /dev/null
+++ b/Tools/saluki-sec-scripts
@@ -0,0 +1 @@
+Subproject commit 99b6a0e4b614ea17b28eeb5c6399dccbc0652dcb
diff --git a/clone_public.sh b/clone_public.sh
index 0c6b1179b61d..8ef9f31d116c 100755
--- a/clone_public.sh
+++ b/clone_public.sh
@@ -5,6 +5,7 @@ set -euo pipefail
 while read -r repo
 do
   [[ "${repo}" == *saluki-?? ]] || \
+  [[ "${repo}" == *saluki-sec-scripts ]] || \
   [[ "${repo}" == *pfsoc_crypto ]]  || \
   [[ "${repo}" == *pfsoc_keystore ]]  || \
   [[ "${repo}" == *pf_crypto ]] || \
diff --git a/packaging/build_px4fw.sh b/packaging/build_px4fw.sh
index c25b4c46ab2d..eb0c7e1f4d27 100755
--- a/packaging/build_px4fw.sh
+++ b/packaging/build_px4fw.sh
@@ -20,8 +20,11 @@ else
         # use the PX4 default signing script and keys
         if [[ $NAME = saluki* ]]
         then
-            export SIGNING_TOOL=boards/ssrc/saluki-v1/tools/ed25519_sign.py
-            export SIGNING_ARGS=boards/ssrc/$NAME/tools/ed25519_test_key.pem
+            export SIGNING_TOOL=Tools/saluki-sec-scripts/ed25519_sign.py
+
+            if [ -z "$SIGNING_ARGS" ]; then
+                export SIGNING_ARGS=Tools/saluki-sec-scripts/test_keys/$NAME/ed25519_test_key.pem
+            fi
         else
             export SIGNING_TOOL=Tools/cryptotools.py
             unset SIGNING_ARGS
@@ -31,5 +34,9 @@ else
         rm -Rf build/${arg}
         # Build
         make ${arg}
+
+        if [ -n "$SIGNING_ARGS" ]; then
+            echo "Signing key: $SIGNING_ARGS"
+        fi
     done
 fi