-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-fileserver_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-fileserver_17.1-1_amd64.tar.gz
      9143a3dcdaebcdb3234b76d1c89e260625b947a0672c00539bfe5af66fd0962e  debian-11-turnkey-fileserver_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-fileserver_17.1-1_amd64.tar.gz
      207726d3959a90b594d2acd53300dc9529e06f1d51785d31f363265d1fa46ad3f3e3eca6898185d24cfa4188fb203ccd9b2ca68aa280085fb3fdbb9201ecdc4e  debian-11-turnkey-fileserver_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-fileserver_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-fileserver_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-fileserver_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-fileserver_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTMACgkQHkh6RjHW
/rbZfxAAq+Ewo6AFk+Mmt8pr0/ySKT+kVRr7WZkbtCzhC4PdwLI9agLcvQxgG7oX
fT8ntERTg7ZilQvLUZdIMtz2fIPJ1DjQIFK6VPWF0nFWcGGpJG3LMABpYnra4w2v
DwI4LkPg2D80sqdU3xmxhXxE77nYJMS2lrOi+zcVPa1Ee3zcyi3YZI3oPRGcDse0
wLX3/sQAVeceMsBav4x27YJgAjbWVMxmQsjl16gC1CT/8GmTwr76XmyZNZ2sEUvv
AgK/RcmnGxg42EMJdBGTYxqdi/TLmFvT8Bqy7/e8mKmWBvvxQuohW8Xt6skGFGvt
KQ2z4OntZiHe6cR70bAP6HvJaVUtNcpoy8525FO33f0uRzIhy6/qIDLH3UkxVWTU
pH28DedrqLWJHmDeQD4AnDg87fGP3ZC/kvZyhE1JBjeoP2puqWYHf/JZWRDiizST
32BJcnyz+qPhSUXxO5yZ4SnX9mjLdNxShy0JrcQ7Bxt/7XYM+4jxi+8AyDMZO8/b
slAZYtVI01PiyMCC2lcdqHeJODrjM2+gNpx5N883KIhFV66Di0MRSgVf/AdOMtaA
J+8igmZv9puYjbyDxcTWkBzZZ5nCeHCssBU+WmjH6MoJhYXW+Ci4PISbcZqzf1m6
XLHgEXdyPWkddBaf+EqXbjfPfuTc0k2ZcqvxkubrQ3Mpa/ZYPWI=
=bDRg
-----END PGP SIGNATURE-----