-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 To ensure the image has not been corrupted in transmit or tampered with, perform the following two steps to cryptographically verify image integrity: 1. Verify the authenticity of this file by checking that it is signed with our GPG release key: $ curl | gpg --import $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org pub rsa4096 2021-08-04 [SC] [expires: 2041-07-30] E10F 6567 0C8E BE42 ED0C 3A49 CCA5 1174 468F 9073 uid [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) sub rsa4096 2021-08-04 [S] [expires: 2041-07-30] $ gpg --verify debian-11-turnkey-gameserver_17.1-1_amd64.tar.gz.hash gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073 gpg: Good signature from "0" 2. Recalculate the image hash and make sure it matches your choice of hash below. $ sha256sum debian-11-turnkey-gameserver_17.1-1_amd64.tar.gz cb1defd88bd37cc0f1b781575054600cff7ef2d32b2d698134f34ca8d4c7b66f debian-11-turnkey-gameserver_17.1-1_amd64.tar.gz $ sha512sum debian-11-turnkey-gameserver_17.1-1_amd64.tar.gz b71e568fb09192931edd052ed4f4eaaaf3c440379c06e2fb3bd0de0271a37a422f4bb6db184bf19cc01ae431fecfe76bbdf5bc9d7ecfa8beedab38a61632c4c0 debian-11-turnkey-gameserver_17.1-1_amd64.tar.gz Note, you can compare hashes automatically:: $ sha256sum -c debian-11-turnkey-gameserver_17.1-1_amd64.tar.gz.hash debian-11-turnkey-gameserver_17.1-1_amd64.tar.gz: OK $ sha512sum -c debian-11-turnkey-gameserver_17.1-1_amd64.tar.gz.hash debian-11-turnkey-gameserver_17.1-1_amd64.tar.gz: OK Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted. -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTMACgkQHkh6RjHW /rax7g//c8p9ikRvp7p+rxSAN4HXIaoOLPc6m5DcVUmROb/EiZ/T6HJSAePboEt8 Ern0KQEy6Jbi6C7X7GEHQxf0VvrcsLUQkXoi3RJiiy724wZ89OMbi2dgeJIPViiW kip7S0sIH998gvN+06hTcwMOWQjqgVyRpUGdNqNV5KSNnfOG7DJJnXQcVQgE91qG KiphtZoGKC7GEdXpb1yxldYGxWC2E7dPpYTI20YVMh/0T1dFzhc0Csnd1FPll5ed VN9TlwuLIGDOyVsgPM9hC9EhGsoZbGuQZCHZABsjy1IOJ/EXWwvL9lw3iVehXqM3 SVrDp4Qddqgkn//pNFeRiZwb4mU2dUvylb5jpmTCGWBReAjwLieh6N53gMzOMCmV bsgjN4EcCrQG60dv0oU4JEnCdnpGLpvb1nFLj2TzykHmtCUll3tYpVYaswBKvifS 83oI1RJqYSYn+6/+8upRQ3xS0TyzeT61O1+pur9nEXhRTuxOeIgoNM98XhD1o/bx bOnfM0e5VqcYJpU+ofRoBPYGmTrTcMMZpGBIJ+5P/Dd5yQIKQv2Y6i9+IR3kHabn QWrlMro5TP0oXlTKAw9+qZBXkYhX/T8/rZtA5TlivuQX6N6i9/wmtlvVmaLKuOv6 v+W2/9SFfKTRkC0G+Q5kMLB4HGzBaWYCPdRyGiu4dHRD1BEpEj4= =K9Ak -----END PGP SIGNATURE-----