-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-e107_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-e107_17.1-1_amd64.tar.gz
      d13aca53a1f1309cddf3518b3242beca95eb3d9ade3b9701f0308d98c4583eff  debian-11-turnkey-e107_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-e107_17.1-1_amd64.tar.gz
      1b29f745f5125a38e27e51abab0b1aa18bd580b872d374ffb77db3d438983b603ddc8adc19406c77231f0a054d0170d6ed5fce7d766954840aae602ff56a37f5  debian-11-turnkey-e107_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-e107_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-e107_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-e107_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-e107_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTIACgkQHkh6RjHW
/rZiThAAgL7L6WYCbixIIGGo3HG/eWH6XljDh3j/ctea7Z1Ug3J2a7xEkHrbdLlN
8J3k2gzpPe7IpB+sT6pusjd7dT1F9X/7/YHQzpVc8gofSKeGmkxdy/h4ftJA+jb0
eadLa0dH/MDAJiYiRKswQUFT72UrxZqHYnnsKH46P2wjIRL2ghcaDFdKomu1Ysri
TRK35rQblxlpGrfgp8iwkDkwTi/xm8C7+phvQhAxBhFgprUlxExh0bqtrGCGH7Gr
28Eb/mBeCHnGqwWCZbWLMAJfk3Q02oR2SyoiRVAvb/T50ymbQyXLUTN4kWot6mko
sE93QZHBAChbx6Sg/ycONZd/+8crRkCtkqoakpPjWdro6ysCEJ35mWgtXwjELw4Z
4sdDxVS+P4i2FtFvObMfiNtCGbHZrew93sdau0WXCyPs5o75ZSJ76DNHzfKHV12p
rPs+vBkbptKUnyT/+hIz4jpp6N8ZrEi5mhpiPfBnCsNLLZ4CntbihepLoO7W24DM
tOhCY7Y44pA2cjLHd6Lt28NX1sBAIRHAB17l0CCnW1kBQrvMyQaq5EAr9ATy5tNK
GKx/RSVN8vESb+NnhOARn77yPfEiyzzwKnsvyoMs/6RVvkUcU6EWHKgeTwrb5GIq
UG6XB9jjoGZ5VWSDxr2fJD8PCzNdVazkHWIlqf0vBP1ZZAUgLS0=
=7/YG
-----END PGP SIGNATURE-----