-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 To ensure the image has not been corrupted in transmit or tampered with, perform the following two steps to cryptographically verify image integrity: 1. Verify the authenticity of this file by checking that it is signed with our GPG release key: $ curl | gpg --import $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org pub rsa4096 2021-08-04 [SC] [expires: 2041-07-30] E10F 6567 0C8E BE42 ED0C 3A49 CCA5 1174 468F 9073 uid [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) sub rsa4096 2021-08-04 [S] [expires: 2041-07-30] $ gpg --verify turnkey-oscommerce-17.1-bullseye-amd64.iso.hash gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073 gpg: Good signature from "0" 2. Recalculate the image hash and make sure it matches your choice of hash below. $ sha256sum turnkey-oscommerce-17.1-bullseye-amd64.iso a18f356e4b7caba1b6c379a0d26c051e15b4273dc056dd8a8d68cc6046b07910 turnkey-oscommerce-17.1-bullseye-amd64.iso $ sha512sum turnkey-oscommerce-17.1-bullseye-amd64.iso c705c3261d37452896a41efb820c1793b83454a2bffa4a32f610556a6d158057ed73888271ed8e4b938db640790e78223a8e87cef3c4e29c88bb9bd19e859df0 turnkey-oscommerce-17.1-bullseye-amd64.iso Note, you can compare hashes automatically:: $ sha256sum -c turnkey-oscommerce-17.1-bullseye-amd64.iso.hash turnkey-oscommerce-17.1-bullseye-amd64.iso: OK $ sha512sum -c turnkey-oscommerce-17.1-bullseye-amd64.iso.hash turnkey-oscommerce-17.1-bullseye-amd64.iso: OK Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted. -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmOccf4ACgkQHkh6RjHW /rbsbRAAhWW0fFzENT1TIiwQES7Lb5FHs0Xf4pdjATop2xIU0HlHpD8pqRdqT9GQ fNk7v4QZVPF9MGOzC11khPnJKZoNjGNOqxBfOK5vh22jeqjTAjMkb/aPMd0qOGgS uT0uAOv9pzTGW2JHlR78WkDZMLrFBa5Fjg0ip9UnLipdV/zaHgKyZ7t4jTqQR9LU MDuFficV3xin8LlkOl92SZj9B5slI6iQ7D3xyk2gciUdcLEhwwq6coGZ1gTFU7W8 f6yizxlW92PzbzwneNC3zD9ZG09hD26UG84+dp1rIKDj2PJ29ML1lrlmK1Uh7X2t PTfPI8dzD1KZzu7czKvYHnRZ0dkdbW9Qp8BDVpNSLSv0+/jEpBr+ogKdtaIiI7bR me7UJjrm0DypOS8uBFvdlKqok/Qq7c7blnY0R63pJXnsVS4z5oFStKYHQdhMHTLc 9KnF2PqYoqIVblep08y11fhTW0pZMmJFsU4KC+Gj44uKQvXOIG8dCETSD+fLPgHM LuCykI/Y+pbkDxzyOZdmcFn9KiyPnS+OPWu4sh75Q0yJ+8rg2pR7Y04MT8HVDl3g 30520qTtNyI7Fl8bBcgEjoFeq5v7LSwMfYty3Ud3G/t3Pbz3hGHeFM+Sr2t6ZTE5 Zwvc5y8Xuv2ZBwKoDCuxj251+ureXMLT0TgN8f/ukY7CPQ/U0DM= =5mv6 -----END PGP SIGNATURE-----