-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl https://raw.githubusercontent.com/turnkeylinux/common/master/keys/tkl-buster-images.asc | gpg --import
    $ gpg --list-keys --with-fingerprint release-buster-images@turnkeylinux.org
      pub   rsa4096 2020-02-05 [SC] [expires: 2040-01-31]
            A8B2 EF42 8781 9B03 D351  6CCA 7623 1C20 425E 9772
      uid           [ unknown] TurnKey GNU/Linux Buster Images (GPG signing key for TurnKey Linux Buster Images) <release-buster-images@turnkeylinux.org>
      sub   rsa4096 2020-02-05 [S] [expires: 2040-01-31]
      
    $ gpg --verify debian-10-turnkey-ushahidi_16.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID A8B2EF4287819B03D3516CCA76231C20425E9772
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-10-turnkey-ushahidi_16.1-1_amd64.tar.gz
      e1f9d0807bfc2290c3ed86563002bb0c417c2d2f899ab71c06b2564b5fb3bf67  debian-10-turnkey-ushahidi_16.1-1_amd64.tar.gz

    $ sha512sum debian-10-turnkey-ushahidi_16.1-1_amd64.tar.gz
      08903e856fd89656f7d7395dd30059f472ac66fca9d0ca6370a1f46dd195eae48895ca2d181d512c9d1edb02b437d4bd7dca7fb5fef278eb333306bc2061838e  debian-10-turnkey-ushahidi_16.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-10-turnkey-ushahidi_16.1-1_amd64.tar.gz.hash
      debian-10-turnkey-ushahidi_16.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-10-turnkey-ushahidi_16.1-1_amd64.tar.gz.hash
      debian-10-turnkey-ushahidi_16.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8ZCki1TcVrLH8k3LrF6wBJPlvBwFAmB728sACgkQrF6wBJPl
vBxrKQ//QyMERLb1chLfYboQ0nl5UeelHPlVGtxJkk2zY6Nlv+5eLJV+HainUDki
HW/91yAWrPFc8/8LV0ystwJliAEtW1m9Zh5dagmo1W88fkZm2psPuOtNim9qdaG8
cqMqwmKoy4YZ2nbk8L/6+FoV3Uwt49FeW2DgT6+p8bR37LNL4dRFrsM0MXoRb6NX
GrIStRFpD4rYNT+EIvk/tReCPrbCTmX+LD4ZFHvVa2NP0O+ld0GKU9heXNf2/FIF
dN0i17Pp5qhcZcO4Zx52ZponH+FMpZFnb7Lmf1UocYXU1QcEu8RLc1w8x6mZtkf1
+vYUBdipsoVGFbJU3lqlAY24j/m83P7KliDbkhfOa6fJgow66QGKvu/Aq5BTaV3t
ngO0w2OBIKyaMuVZYGGk32zYNLphUY/ZW5jRe3tIXXMgXzorB5CABB6fJ8Lze1md
Jdk5nob5rTts0qVGzb6gdDJYuX0N2wPUEsOMbUolU+zUJmlFv/+Vf6LxVQ/1YErP
PFlr3Mz3//5UpEgUoVkgr4kTdsUJwRAjKgyfPT1NdTCra95tQ+JA6i2/cYzNf+7h
D8q8/tRKB20VWpm4N3LMzu5ZjSikyrZPAnpuhQiSsk6rXk1rOxwvF3+a4O46xbrP
WA8rmpBjzI9CNSOstnDzhEgRZ82S6SigH3A95A7l/Q2YoTdFgsQ=
=2Y0c
-----END PGP SIGNATURE-----