-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-leantime_17.1-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-leantime_17.1-1_amd64.tar.gz
      a288ce768bc480dca78c31d42bd8c23d018afde1fa98a71bedaaf2c41392e8cd  debian-11-turnkey-leantime_17.1-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-leantime_17.1-1_amd64.tar.gz
      51753901d81929dd90b94044f711cda556086e1506abf589dd927d2455d3c4eb7a39b2e22a21b1dc0d3f065bfb2d746808ac4de3935ff4d6f3d3a8195c399a75  debian-11-turnkey-leantime_17.1-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-leantime_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-leantime_17.1-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-leantime_17.1-1_amd64.tar.gz.hash
      debian-11-turnkey-leantime_17.1-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmM0CTUACgkQHkh6RjHW
/rZaQBAAin7WVANFsA1bW36GtLL+2bbUYciQ6yB+J72RedVqQJAA7mLR2iU7Cln8
48AkpyCjPJk0ZNzkVIzBLTjuKtYdX09LdQtI2YkY7B/rb+TwHEPwC8MhvOXjR+Fi
NPo1Tn/Tme/AUK5ZlG54EqYWipe+NAe6bePpEUpR0deaRpOKMGnf9Rs29XhnJdfu
ZXFf5+s5TorOAfwUTAHL4xFYiA0B2AA2Nmj5t4AsVjstBep+1AekyVj0/XdkAm6v
OlRAfiiuK4fqoOIS1IpR868fznAYCQLxmd7B4qmpqgLbW8BinGlS/EaCZqukE73y
2hYOmpVF4dyICPTBRdqYKMcjXqUycoahu8IDJW5ZJAOQa6rc3ysGnGby+AuxLkb/
Zpt7UUbkja+KGeSca2+DDGuqDK7vvOTnJgzKGVfzRFTxlaVaMcDMBy6/l3IJDtw/
/3bpAA9WU2FzLTgnQLfuyfftPXRxsI7xeDxEeaKCXYQIsIfJPHP7A/wp6AR3Eu3Y
Vlgha+g5cxUeEB6NsSWuJ/xz9td/ApxGLKjMW5OQBMFGBXNOT4P2rAh+sZ4rdmyP
m2sd1m9SoZOo8ArLsg+FpOKnG9YBd9yl3ORVmavZ79PdiEvDhnjJD2gPdZUBt9xZ
KoUNXCMt/txe3daFnnj8eRb1FtFmvNuTk6nsQNf5bkLn+5+j5gI=
=yPF4
-----END PGP SIGNATURE-----