-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/master/keys/tkl-buster-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-buster-images@turnkeylinux.org
      pub   rsa4096 2020-02-05 [SC] [expires: 2040-01-31]
            A8B2 EF42 8781 9B03 D351  6CCA 7623 1C20 425E 9772
      uid           [ unknown] TurnKey GNU/Linux Buster Images (GPG signing key for TurnKey Linux Buster Images) <release-buster-images@turnkeylinux.org>
      sub   rsa4096 2020-02-05 [S] [expires: 2040-01-31]
      
    $ gpg --verify turnkey-ghost-16.1-buster-amd64.iso.hash
      gpg: Signature made using RSA key ID A8B2EF4287819B03D3516CCA76231C20425E9772
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum turnkey-ghost-16.1-buster-amd64.iso
      d65509bef34f5b842dd9a608e9ff051be1fde3be9286b852298697f9a9eadb77  turnkey-ghost-16.1-buster-amd64.iso

    $ sha512sum turnkey-ghost-16.1-buster-amd64.iso
      381dffc990e8c36f015a61765b43fc0083154e51ea62aec6b89e313429c8f30d66b511702979a52dec26fe62158c7d8d62df90a6404d6bdaf5e813870e4c72ac  turnkey-ghost-16.1-buster-amd64.iso

   Note, you can compare hashes automatically::

    $ sha256sum -c turnkey-ghost-16.1-buster-amd64.iso.hash
      turnkey-ghost-16.1-buster-amd64.iso: OK

    $ sha512sum -c turnkey-ghost-16.1-buster-amd64.iso.hash
      turnkey-ghost-16.1-buster-amd64.iso: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8ZCki1TcVrLH8k3LrF6wBJPlvBwFAmBh2NcACgkQrF6wBJPl
vBxsYA//bLQ5V0nI7E0plwkpOvdscz824ZFLS46p5sKyhojEWh9NGsIL+K2Y4Sbq
/w2e4BZolN78iIBf5UC369QbPzYj8S3dql9FQgGNn9an5jS5HcFJagmBzUBEKrvS
vLSaAmfN76TlacUaJvA7ZhIWsFzBpJ7Fk+qq09/KgHFKDXbh21tvM37PPfLn7Vyl
drKN51eARwk7b1VN8l12EUbx2Q8/HK4t4uw8wKT1zlvmtL1XVoHffidXT2bSRE3N
gryOPrUO2wUglTX0XmBimwxVUnTWVwLikqlML0xCdLWnml9sPwEOKHm6gJB3qJYb
w/N9ccnWEvEZAuKbXHBXXhhH/JjwjI+iCmXoLU4E/nsfQaHksm5w1BFRkKWVZT7p
Wt/w1AHz86FaYIiBknThYYFBEGmkjKkUl/ceKNM6UCA80TxEMgA+IJjmDLFZWKU/
4HU1oG2+ZfmwIbB3zjxHHrexLGCTYQ8rF6ck3rBBOg7UmvVc8EsGXPsghJntD+77
HcXhkg1yL6lVLBaZy9W5jI7zdXVpFb1URNHnStyP+QCvuKqpl6WhcONymT3z7Pw2
hr5Ao4XE59ScSzXiCac012a/L1a/0fxXxIfJsyknnePz7Y9ETgdkVSnCOByouUBc
xLIJubeQ36CcD3RP6sGbMX0hdoB1WMxTO8L+cjI7QCAcJZHauhw=
=ntKn
-----END PGP SIGNATURE-----