-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/master/keys/tkl-buster-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-buster-images@turnkeylinux.org
      pub   rsa4096 2020-02-05 [SC] [expires: 2040-01-31]
            A8B2 EF42 8781 9B03 D351  6CCA 7623 1C20 425E 9772
      uid           [ unknown] TurnKey GNU/Linux Buster Images (GPG signing key for TurnKey Linux Buster Images) <release-buster-images@turnkeylinux.org>
      sub   rsa4096 2020-02-05 [S] [expires: 2040-01-31]
      
    $ gpg --verify debian-10-turnkey-drupal9_16.2-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID A8B2EF4287819B03D3516CCA76231C20425E9772
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-10-turnkey-drupal9_16.2-1_amd64.tar.gz
      715ec195b5646cc4175dc9c50d504c158bac3fc0f056063b5aa9ef9f7f2fedd6  debian-10-turnkey-drupal9_16.2-1_amd64.tar.gz

    $ sha512sum debian-10-turnkey-drupal9_16.2-1_amd64.tar.gz
      37ed2c7aa53295c16252ee8d9891bbc240896958eafb65fb0c28995df826cde24d50a6a3edcf81f5f5e1ba364163aeb605627a9ba0dea7035fdd48cdc20bf859  debian-10-turnkey-drupal9_16.2-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-10-turnkey-drupal9_16.2-1_amd64.tar.gz.hash
      debian-10-turnkey-drupal9_16.2-1_amd64.tar.gz: OK

    $ sha512sum -c debian-10-turnkey-drupal9_16.2-1_amd64.tar.gz.hash
      debian-10-turnkey-drupal9_16.2-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8ZCki1TcVrLH8k3LrF6wBJPlvBwFAmE0pOgACgkQrF6wBJPl
vBwz3Q/9EHGJaP+4DL9d/S4PvSQ87gNH9nzwp77n1FITOksjjrSAqXQwRx52e0t2
dG/7Wfmzsk3a2Hhyv0LPZ6fj2MU7OA+eAjughJ5Dtfp5IYojZJFestZX/OD6HBGf
YhRV7/Mv8t3S5HSL9dePqQzS63KamHM6GDcYJArCBO8uAnhNcc3j/1Ea487TS8Sh
HRtsmTLRQtrCyhZJ6pqmtMbLhHj6jQqrZpmPQJL+QBQIZ6XNmE0raFV6wWcUjNFn
v7jxBXejuljaabI6NAYRTO2cFSIEZtwuJZdsNlXf0cXf8qSPTLWbV+KWpJgX+Er8
a9yJ1vQtc2NqwDUSt9OyQY445HIkU72VEuAxiD1uqLeeJGM/2+Kawsty2B3/KaDg
Pia1GuygVprwwULZt2lRBsO/ZHzU/V1ieWa0yUPQYkA2uCb8ZZB0b451869UbI3L
nmjIJGHsN7xV0iqfYwhgJv0iY+sSceZnJZ8JUYVxQR9nZsmDgzB2Phiwzuk8b76P
jEtBuxcRPdFl4UXrlh+JyvL8QjOFfzVt63cKRhtBFVRm/g2gloW9Cw2A1XrHfXnq
Tp9ND7q5bby0w0SG0KphU9hycgo5IZkO6m6vExd5sUBRRSpvfQoGKdoLIhmaaxaf
LkXDe09DAkHXrphGwyXE2rqEm874N0lXqy8DIbLuvvxZDpmzfgU=
=HijB
-----END PGP SIGNATURE-----