-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify turnkey-syncthing-17.0-bullseye-amd64.iso.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum turnkey-syncthing-17.0-bullseye-amd64.iso
      c57836c5411b1fc92e9ea81c09250369c53ede4baf97f9751d1423123262fa8f  turnkey-syncthing-17.0-bullseye-amd64.iso

    $ sha512sum turnkey-syncthing-17.0-bullseye-amd64.iso
      cd1f4c99676aac707a22240a4c2291b05c2e12a41d27f79031727b02e5f067260a08e6d1f5a66d5b874830296f67c8f1f653fdb0d8f0f644f9d848b2df53605c  turnkey-syncthing-17.0-bullseye-amd64.iso

   Note, you can compare hashes automatically::

    $ sha256sum -c turnkey-syncthing-17.0-bullseye-amd64.iso.hash
      turnkey-syncthing-17.0-bullseye-amd64.iso: OK

    $ sha512sum -c turnkey-syncthing-17.0-bullseye-amd64.iso.hash
      turnkey-syncthing-17.0-bullseye-amd64.iso: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmJlPIQACgkQHkh6RjHW
/railxAArG6O+7YNL1HZnH/2i+DRp7YiwkJYZyawpLrqwN6wk9ouMGJSXinkF5PZ
FsSsR8BHmGFTVJM8ygYzrE4EhjvAvhbwTGPAjPF1X3pQOx39t1oYc3o9zk/om+GS
XZzMJ7VmapuxcBPkrBssMKjWg2Gejt+jE0LGb0SERN+nbiWQ2Jh64T3MbYD20JCT
8qkePY/RR8V0oRwVgA6+nUMlNK/cgRmdYEfxLGgBZiE1IGl7wuOhD4oLoyLwAZtn
6qAO/pN7cmi760/0H5Y1UEuQQdqOKsawuL2cAJn1BbFTPHpQcFQkgPJ7z5e0vIcq
K4NJRMylU5i3A8HSQ1KJ5Wffe+4YMv0Prk6u0+nCan3FDWeD7KOmyUPrzbUXYODb
9rJeYdk1shSNW0B0wpWI6JjCg5SPeH7gcsd5E4FNaYmOLFNeETF5zTsmLvrQiWo3
DbXCW4kUWM9P8/002/DN2lrbJx2patGHVmISifba5LYSpepAGWPb06m7gS0uIcdz
3SMAzQKVXgOQ2XkLCuqHNMkvS71lhiLjHLaQvQ/6Bbyo1BiYcUa9p5rXd0IDGsCB
bDPRRggeBZw2ibk3HI+hEBQ56373sLZpsZnu7aTTGfeX6QWcZnWq0+iZgVWHMMJY
g5YgSmuC7bQ+ItmFrQQIndAUSiP9Jwhx8yR83pw8qM160KJ/fF4=
=pGtR
-----END PGP SIGNATURE-----