-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

To ensure the image has not been corrupted in transmit or tampered with,
perform the following two steps to cryptographically verify image integrity:

1. Verify the authenticity of this file by checking that it is signed with our
   GPG release key:

    $ curl  | gpg --import
    $ gpg --list-keys --with-fingerprint release-bullseye-images@turnkeylinux.org
      pub   rsa4096 2021-08-04 [SC] [expires: 2041-07-30]
            E10F 6567 0C8E BE42 ED0C  3A49 CCA5 1174 468F 9073
      uid           [ unknown] TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) <release-bullseye-images@turnkeylinux.org>
      sub   rsa4096 2021-08-04 [S] [expires: 2041-07-30]
      
    $ gpg --verify debian-11-turnkey-leantime_17.3-1_amd64.tar.gz.hash
      gpg: Signature made using RSA key ID E10F65670C8EBE42ED0C3A49CCA51174468F9073
      gpg: Good signature from "0"

2. Recalculate the image hash and make sure it matches your choice of hash below.

    $ sha256sum debian-11-turnkey-leantime_17.3-1_amd64.tar.gz
      f5ac2a5a88964e8167d5e8e998f303169cbc2c383bb4d6d76b00770acb6433b0  debian-11-turnkey-leantime_17.3-1_amd64.tar.gz

    $ sha512sum debian-11-turnkey-leantime_17.3-1_amd64.tar.gz
      afa1f994e5c82f46541750fa71e476e8fa771c1846c52efbaf879fea7bbc08971eb04d3871954dc1710fc818405e387315452ca25d785cddc038b9880a837c1a  debian-11-turnkey-leantime_17.3-1_amd64.tar.gz

   Note, you can compare hashes automatically::

    $ sha256sum -c debian-11-turnkey-leantime_17.3-1_amd64.tar.gz.hash
      debian-11-turnkey-leantime_17.3-1_amd64.tar.gz: OK

    $ sha512sum -c debian-11-turnkey-leantime_17.3-1_amd64.tar.gz.hash
      debian-11-turnkey-leantime_17.3-1_amd64.tar.gz: OK

    Final note, when checking SHAs automatically, please ignore warning noting that some lines are improperly formatted.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3YP+u+JWuSop/BuCHkh6RjHW/rYFAmQEVSEACgkQHkh6RjHW
/rY8DQ/+Mgv30LZRConj6pkovMZ/XQgixm/t+RD9zRr1exYEL/42Gaw7ke9eeEqx
nUdNLjoyXwokX919U09P4U8Ac+ggcrwyqZd+l3pN1S5fe2Xsyg6hp8HwmELu+Tl2
sB+Cb3hmnGndg+e1yAux5QWKFJFxkDX1VyH4lXO9kEb7xZ0P6W0oG+U8MSQVcXU+
Ck/8XGvChNl4Y2mNdh9jjE3a8uNDtvvVoiBNgv4Bqhj1Co3n8MAPIN2/Ovr+hMAJ
kN1vkrzcuLIP5g/L1K9WEEgiEnqKtRwmcYM/REuWtDyKgNMphYvb/PVJtPn9kElM
xKHYT9PGHZiBv6shMHpgJ2q0xPm8AO9dAuo1z5jn0y+69zk13ZI8PGhosfKhpZ/M
LLziKVuqN+pPjW1cisYM/LF2xgPfz+fKsWiUojVetda/BVdw0PNq9FkmMlvQUtz3
tgn6Q2ZK84EnoAJ1u3LpA9YvyaXaggcetqUvPLrIcKl8jVPaWOxOOc8EmBBphSln
fDdFRd4bURQvRDtp+ejI0lbSeGuAZ2CX9zGOI4sYfE6ExeMqawvz6DrQiiPmv9Fl
48OzDKKYxI1xIbajlQo5rPKCOHUX7wFmQ8Gzf9FS8w48CketvBtidBUoavfE5rG0
YJAyDaqnqBCa2iuu41V/MLem7+c2iJTbOSlshSxh88ME96xYdGM=
=a370
-----END PGP SIGNATURE-----